diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 00000000000..6bcbc242808 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,6 @@ +NOTICE +====== + +Master branch is closed! A major refactor is ongoing in devel-40. +Changes for 3.x should be made directly to the latest release branch they're +relevant to and backported from there. diff --git a/.pylintrc b/.pylintrc index 80c74b73485..38b8b8b3f7a 100644 --- a/.pylintrc +++ b/.pylintrc @@ -215,7 +215,7 @@ ignore-mixin-members=yes # and thus existing member attributes cannot be deduced by static analysis. It # supports qualified module names, as well as Unix pattern matching. # Ignoring ansible.constants to suppress `no-member` warnings -ignored-modules=ansible.constants +ignored-modules=ansible.constants,distutils # List of classes names for which member attributes should not be checked # (useful for classes with attributes dynamically set). This supports can work diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 7bb1b374e6e..42af3dc1a89 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.11.0-0.28.0 ./ +4.0.0-0.94.0 ./ diff --git a/.tito/releasers.conf b/.tito/releasers.conf index cb3bc75d37e..c8ae34ce7d9 100644 --- a/.tito/releasers.conf +++ b/.tito/releasers.conf @@ -62,6 +62,11 @@ releaser = tito.release.DistGitReleaser branches = rhaos-3.11-rhel-7 srpm_disttag = .el7aos +[aos-4.0] +releaser = tito.release.DistGitReleaser +branches = rhaos-4.0-rhel-7 +srpm_disttag = .el7aos + [copr-openshift-ansible] releaser = tito.release.CoprReleaser project_name = @OpenShiftOnlineOps/openshift-ansible diff --git a/README.md b/README.md index 1fb7aa90c23..433fa7568c7 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,14 @@ [![Build Status](https://travis-ci.org/openshift/openshift-ansible.svg?branch=master)](https://travis-ci.org/openshift/openshift-ansible) [![Coverage Status](https://coveralls.io/repos/github/openshift/openshift-ansible/badge.svg?branch=master)](https://coveralls.io/github/openshift/openshift-ansible?branch=master) +NOTICE +====== + +Master branch is closed! A major refactor is ongoing in devel-40. +Changes for 3.x should be made directly to the latest release branch they're +relevant to and backported from there. + + # OpenShift Ansible This repository contains [Ansible](https://www.ansible.com/) roles and @@ -61,7 +69,7 @@ Install base dependencies: Requirements: -- Ansible >= 2.6.2 +- Ansible >= 2.6.5, Ansible 2.7 is not yet supported and known to fail - Jinja >= 2.7 - pyOpenSSL - python-lxml @@ -153,7 +161,7 @@ created for you automatically. ## Complete Production Installation Documentation: -- [OpenShift Container Platform](https://docs.openshift.com/container-platform/latest/install_config/install/advanced_install.html) +- [OpenShift Container Platform](https://docs.openshift.com/container-platform/3.11/install/running_install.html) - [OpenShift Origin](https://docs.okd.io/latest/install/index.html) ## Containerized OpenShift Ansible diff --git a/README_CONTAINERIZED_INSTALLATION.md b/README_CONTAINERIZED_INSTALLATION.md deleted file mode 100644 index c6ebb768477..00000000000 --- a/README_CONTAINERIZED_INSTALLATION.md +++ /dev/null @@ -1,99 +0,0 @@ -# Overview - -Users may now deploy containerized versions of OpenShift Origin, OpenShift -Enterprise on [Atomic Host](https://projectatomic.io) or RHEL, Centos, and -Fedora. This includes OpenvSwitch based SDN. - - -## Installing on Atomic Host - -When installing on Atomic Host you will automatically have containerized -installation methods selected for you based on detection of _/run/ostree-booted_ - -## Installing on RHEL, Centos, or Fedora - -Currently the default installation method for traditional operating systems is -via RPMs. If you wish to deploy using containerized installation you may set the -ansible variable 'containerized=true' on a per host basis. This means that you -may easily deploy environments mixing containerized and RPM based installs. At -this point we don't suggest deploying heterogeneous environments. - -## CLI Wrappers - -When using containerized installations openshift-ansible will deploy a wrapper -script on each master located in _/usr/local/bin/openshift_ and a set of -symbolic links _/usr/local/bin/oc_, _/usr/local/bin/oadm_, and -_/usr/local/bin/kubectl_ to ease administrative tasks. The wrapper script spawns -a new container on each invocation so you may notice it's slightly slower than -native clients. - -The wrapper scripts mount a limited subset of paths, _~/.kube_, _/etc/origin/_, -and _/tmp_. Be mindful of this when passing in files to be processed by `oc` or - `oadm`. You may find it easier to redirect input like this : - - `oc create -f - < my_file.json` - -## Technical Notes - -### Requisite Images - -Based on your `openshift_deployment_type` the installer will make use of the following -images. Because you may make use of a private repository we've moved the -configuration of docker additional, insecure, and blocked registries to the -beginning of the installation process ensuring that these settings are applied -before attempting to pull any of the following images. - - Origin - docker.io/openshift/origin - docker.io/openshift/node (node + openshift-sdn + openvswitch rpm for client tools) - docker.io/openshift/openvswitch (centos7 + openvswitch rpm, runs ovsdb ovsctl processes) - registry.redhat.io/rhel7/etcd - OpenShift Container Platform - registry.redhat.io/openshift3/ose - registry.redhat.io/openshift3/node - registry.redhat.io/openshift3/openvswitch - registry.redhat.io/rhel7/etcd - - * note openshift3/* images come from registry.redhat.io and -rely on the --additional-repository flag being set appropriately. - -### Starting and Stopping Containers - -The installer will create relevant systemd units which can be used to start, -stop, and poll services via normal systemctl commands. These unit names match -those of an RPM installation with the exception of the etcd service which will -be named 'etcd_container'. This change is necessary as currently Atomic Host -ships with etcd package installed as part of Atomic Host and we will instead use -a containerized version. The installer will disable the built in etcd service. -etcd is slated to be removed from os-tree in the future. - -### File Paths - -All configuration files are placed in the same locations as RPM based -installations and will survive os-tree upgrades. - -The examples are installed into _/etc/origin/examples_ rather than -_/usr/share/openshift/examples_ because that is read-only on Atomic Host. - - -### Storage Requirements - -Atomic Host installs by default have a small root filesystem. However -the etcd, master, and node containers will persist data in -`/var/lib`. Please ensure that you have enough space on the root -filesystem. This is usually handled by -[docker-storage-setup](https://github.com/projectatomic/docker-storage-setup/); -set e.g. `ROOT_SIZE=20G` in `/etc/sysconfig/docker-storage-setup` in -early host boot, such as inside a `cloud-init` boot hook. - -### OpenvSwitch SDN Initialization - -OpenShift SDN initialization requires that the docker bridge be reconfigured and -docker is restarted. This complicates the situation when the node is running -within a container. When using the OVS SDN you'll see the node start, -reconfigure docker, restart docker which will restart all containers, and -finally start successfully. - -The node service may fail to start and be restarted a few times because the -master services are also restarted along with docker. We currently work around -this by relying on Restart=always in the docker based systemd units. diff --git a/examples/certificate-check-upload.yaml b/examples/certificate-check-upload.yaml index 679bf74ac4b..26c4fe2f68a 100644 --- a/examples/certificate-check-upload.yaml +++ b/examples/certificate-check-upload.yaml @@ -10,7 +10,7 @@ # The following objects are expected to be configured before the creation # of this Job: # - A ConfigMap named 'inventory' with a key named 'hosts' that -# contains the the Ansible inventory file +# contains the Ansible inventory file # - A Secret named 'sshkey' with a key named 'ssh-privatekey # that contains the ssh key to connect to the hosts # (see examples/README.md for more details) diff --git a/examples/certificate-check-volume.yaml b/examples/certificate-check-volume.yaml index 01bf43be495..0c0129cce52 100644 --- a/examples/certificate-check-volume.yaml +++ b/examples/certificate-check-volume.yaml @@ -10,7 +10,7 @@ # The following objects are expected to be configured before the creation # of this Job: # - A ConfigMap named 'inventory' with a key named 'hosts' that -# contains the the Ansible inventory file +# contains the Ansible inventory file # - A Secret named 'sshkey' with a key named 'ssh-privatekey # that contains the ssh key to connect to the hosts # - A PersistentVolumeClaim named 'certcheck-reports' where the diff --git a/hack/ci-build-rpm.sh b/hack/ci-build-rpm.sh new file mode 100755 index 00000000000..96c37312c91 --- /dev/null +++ b/hack/ci-build-rpm.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +# This script builds RPMs for Prow CI +tito tag --offline --accept-auto-changelog --use-release '9999%{?dist}' +tito build --output="_output/local/releases" --rpm --test --offline --quiet + +mkdir _output/local/releases/rpms +mv _output/local/releases/noarch/* _output/local/releases/rpms +createrepo _output/local/releases/rpms diff --git a/hack/ci-build-unittests.sh b/hack/ci-build-unittests.sh new file mode 100644 index 00000000000..4831fc5a296 --- /dev/null +++ b/hack/ci-build-unittests.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +# This script installs tox dependencies in the test container +yum install -y gcc libffi-devel python-devel openssl-devel python-pip +pip install tox +chmod uga+w /etc/passwd diff --git a/hack/ci-run-unittests.sh b/hack/ci-run-unittests.sh new file mode 100644 index 00000000000..6eccf84a067 --- /dev/null +++ b/hack/ci-run-unittests.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +# This script runs tox tests in test container +echo "${USER:-default}:x:$(id -u):$(id -g):Default User:${HOME:-/tmp}:/sbin/nologin" >> /etc/passwd +tox 2>&1 | tee /tmp/artifacts/output.log diff --git a/images/installer/Dockerfile b/images/installer/Dockerfile index 1d01f18789b..0e0d1b1b491 100644 --- a/images/installer/Dockerfile +++ b/images/installer/Dockerfile @@ -10,11 +10,9 @@ COPY images/installer/origin-extra-root / # install ansible and deps RUN INSTALL_PKGS="python-lxml python-dns pyOpenSSL python2-cryptography openssl python2-passlib httpd-tools openssh-clients origin-clients iproute patch" \ && yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS \ - && EPEL_PKGS="python2-boto python2-boto3 python2-crypto which python2-pip.noarch python2-scandir python2-packaging azure-cli" \ - && EPEL_TESTING_PKGS="ansible" \ + && EPEL_PKGS="ansible-2.6.5 python2-boto python2-boto3 python2-crypto which python2-pip.noarch python2-scandir python2-packaging azure-cli-2.0.46" \ && yum install -y epel-release \ && yum install -y --setopt=tsflags=nodocs $EPEL_PKGS \ - && yum install -y --setopt=tsflags=nodocs --enablerepo=epel-testing $EPEL_TESTING_PKGS \ && if [ "$(uname -m)" == "x86_64" ]; then yum install -y https://sdodson.fedorapeople.org/google-cloud-sdk-183.0.0-3.el7.x86_64.rpm ; fi \ && yum install -y java-1.8.0-openjdk-headless \ && rpm -V $INSTALL_PKGS $EPEL_PKGS $EPEL_TESTING_PKGS \ diff --git a/images/installer/Dockerfile.ci b/images/installer/Dockerfile.ci new file mode 100644 index 00000000000..926f965a96c --- /dev/null +++ b/images/installer/Dockerfile.ci @@ -0,0 +1,41 @@ +FROM centos:7 + +MAINTAINER OpenShift Team + +USER root + +LABEL name="openshift/origin-ansible" \ + summary="OpenShift's installation and configuration tool" \ + description="A containerized openshift-ansible image to use in CI - includes necessary packages to test clusters on AWS/GCP/Azure" \ + url="https://github.com/openshift/openshift-ansible" \ + io.k8s.display-name="openshift-ansible" \ + io.k8s.description="A containerized openshift-ansible image to use in CI - includes necessary packages to test clusters on AWS/GCP/Azure" \ + io.openshift.expose-services="" \ + io.openshift.tags="openshift,install,upgrade,ansible" \ + atomic.run="once" + +ENV USER_UID=1001 \ + HOME=/opt/app-root/src \ + WORK_DIR=/usr/share/ansible/openshift-ansible \ + OPTS="-v" + +# Add image scripts and files for running as a system container +COPY images/installer/root / +# Add origin repo for including the oc client +COPY images/installer/origin-extra-root / +# Install openshift-ansible RPMs +RUN yum install -y epel-release && \ + rm -rf /etc/yum.repos.d/centos-openshift-origin.repo && \ + yum-config-manager --enable built > /dev/null && \ + INSTALL_PKGS="openssh google-cloud-sdk azure-cli-2.0.46" \ + yum install --setopt=tsflags=nodocs -y $INSTALL_PKGS openshift-ansible-test && \ + yum clean all + +RUN /usr/local/bin/user_setup \ + && rm /usr/local/bin/usage.ocp + +USER ${USER_UID} + +WORKDIR ${WORK_DIR} +ENTRYPOINT [ "/usr/local/bin/entrypoint" ] +CMD [ "/usr/local/bin/run" ] diff --git a/images/installer/container.yaml b/images/installer/container.yaml new file mode 100644 index 00000000000..4cd3257c0fa --- /dev/null +++ b/images/installer/container.yaml @@ -0,0 +1,13 @@ +--- +compose: + packages: + - openshift-ansible + - python2-crypto + - httpd-tools + - google-cloud-sdk + - java-1.8.0-openjdk-headless + - atomic-openshift-clients + - openssl + - iproute + - python-boto + - python2-boto3 diff --git a/images/installer/origin-extra-root/etc/yum.repos.d/centos-ansible26.repo b/images/installer/origin-extra-root/etc/yum.repos.d/centos-ansible26.repo new file mode 100644 index 00000000000..2f28e63379e --- /dev/null +++ b/images/installer/origin-extra-root/etc/yum.repos.d/centos-ansible26.repo @@ -0,0 +1,6 @@ + +[centos-ansible26-testing] +name=CentOS Ansible 2.6 testing repo +baseurl=https://cbs.centos.org/repos/configmanagement7-ansible-26-testing/x86_64/os/ +enabled=1 +gpgcheck=0 diff --git a/images/installer/root/usr/local/bin/generate b/images/installer/root/usr/local/bin/generate index 76ffcd8977f..c242e6d0ed8 100755 --- a/images/installer/root/usr/local/bin/generate +++ b/images/installer/root/usr/local/bin/generate @@ -186,7 +186,7 @@ class Host: if self.public_ip_addr: info += "openshift_public_ip=" + self.public_ip_addr + " " if self.hostname: - info += "openshift_hostname=" + self.hostname + " " + info += "openshift_kubelet_name_override=" + self.hostname + " " if self.public_hostname: info += "openshift_public_hostname=" + self.public_hostname diff --git a/inventory/hosts.example b/inventory/hosts.example index 1d1c6be6dfa..555851e84be 100644 --- a/inventory/hosts.example +++ b/inventory/hosts.example @@ -188,8 +188,6 @@ debug_level=2 #oreg_auth_password='my-pass' # NOTE: oreg_url must be defined by the user for oreg_auth_* to have any affect. # oreg_auth_pass should be generated from running docker login. -# To update registry auth credentials, uncomment the following: -#oreg_auth_credentials_replace: True # OpenShift repository configuration #openshift_additional_repos=[{'id': 'openshift-origin-copr', 'name': 'OpenShift Origin COPR', 'baseurl': 'https://copr-be.cloud.fedoraproject.org/results/maxamillion/origin-next/epel-7-$basearch/', 'enabled': 1, 'gpgcheck': 1, 'gpgkey': 'https://copr-be.cloud.fedoraproject.org/results/maxamillion/origin-next/pubkey.gpg'}] @@ -251,6 +249,20 @@ debug_level=2 # or #openshift_master_request_header_ca_file= +# GitHub auth +#openshift_master_identity_providers=[{"name": "github", "login": "true", "challenge": "false", "kind": "GitHubIdentityProvider", "mappingMethod": "claim", "client_id": "my_client_id", "client_secret": "my_client_secret", "teams": ["team1", "team2"], "hostname": "githubenterprise.example.com", "ca": "" }] +# +# Configure github CA certificate +# Specify either the ASCII contents of the certificate or the path to +# the local file that will be copied to the remote host. CA +# certificate contents will be copied to master systems and saved +# within /etc/origin/master/ with a filename matching the "ca" key set +# within the GitHubIdentityProvider. +# +#openshift_master_github_ca= +# or +#openshift_master_github_ca_file= + # CloudForms Management Engine (ManageIQ) App Install # # Enables installation of MIQ server. Recommended for dedicated @@ -701,25 +713,6 @@ debug_level=2 # this value must be 1 #openshift_logging_es_cluster_size=1 -# Prometheus deployment -# -# Currently prometheus deployment is disabled by default, enable it by setting this -#openshift_hosted_prometheus_deploy=true -# -# Prometheus storage config -# By default prometheus uses emptydir storage, if you want to persist you should -# configure it to use pvc storage type. Each volume must be ReadWriteOnce. -#openshift_prometheus_storage_type=emptydir -#openshift_prometheus_alertmanager_storage_type=emptydir -#openshift_prometheus_alertbuffer_storage_type=emptydir -# Use PVCs for persistence -#openshift_prometheus_storage_type=pvc -#openshift_prometheus_alertmanager_storage_type=pvc -#openshift_prometheus_alertbuffer_storage_type=pvc - -# Grafana deployment, requires Prometheus -#openshift_hosted_grafana_deploy=true - # Configure the multi-tenant SDN plugin (default is 'redhat/openshift-ovs-subnet') # os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant' @@ -846,7 +839,7 @@ debug_level=2 #logrotate_scripts=[{"name": "syslog", "path": "/var/log/cron\n/var/log/maillog\n/var/log/messages\n/var/log/secure\n/var/log/spooler\n", "options": ["daily", "rotate 7", "compress", "sharedscripts", "missingok"], "scripts": {"postrotate": "/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true"}}] # The OpenShift-Ansible installer will fail when it detects that the -# value of openshift_hostname resolves to an IP address not bound to any local +# value of openshift_kubelet_name_override resolves to an IP address not bound to any local # interfaces. This mis-configuration is problematic for any pod leveraging host # networking and liveness or readiness probes. # Setting this variable to false will override that check. @@ -1056,7 +1049,7 @@ debug_level=2 # # LOCAL NFS NOTE: # -# You may may also change this value if you want to change the default +# You may also change this value if you want to change the default # path used for local NFS exports. #openshift_management_storage_nfs_base_dir: /exports diff --git a/inventory/hosts.openstack b/inventory/hosts.openstack index b11f662f0c9..b9aa9927b71 100644 --- a/inventory/hosts.openstack +++ b/inventory/hosts.openstack @@ -24,7 +24,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #openshift_pkg_version=-3.0.0.0 [masters] -jdetiber-master.usersys.redhat.com openshift_public_hostname="{{ inventory_hostname }}" openshift_hostname="{{ ansible_default_ipv4.address }}" +jdetiber-master.usersys.redhat.com openshift_public_hostname="{{ inventory_hostname }}" [etcd] jdetiber-etcd.usersys.redhat.com @@ -33,5 +33,5 @@ jdetiber-etcd.usersys.redhat.com #ose3-lb-ansible.test.example.com [nodes] -jdetiber-master.usersys.redhat.com openshift_public_hostname="{{ inventory_hostname }}" openshift_hostname="{{ ansible_default_ipv4.address }}" openshift_node_group_name="node-config-master" -jdetiber-node[1:2].usersys.redhat.com openshift_public_hostname="{{ inventory_hostname }}" openshift_hostname="{{ ansible_default_ipv4.address }}" openshift_node_group_name="node-config-compute" +jdetiber-master.usersys.redhat.com openshift_public_hostname="{{ inventory_hostname }}" openshift_node_group_name="node-config-master" +jdetiber-node[1:2].usersys.redhat.com openshift_public_hostname="{{ inventory_hostname }}" openshift_node_group_name="node-config-compute" diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 92a7e48f113..80e8c246a78 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -9,15 +9,15 @@ %global __requires_exclude ^/usr/bin/ansible-playbook$ Name: openshift-ansible -Version: 3.11.0 -Release: 0.28.0%{?dist} +Version: 4.0.0 +Release: 0.94.0%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 URL: https://github.com/openshift/openshift-ansible Source0: https://github.com/openshift/openshift-ansible/archive/%{commit}/%{name}-%{version}.tar.gz BuildArch: noarch -Requires: ansible >= 2.6.2 +Requires: ansible >= 2.5.7 Requires: python2 Requires: python-six Requires: tar @@ -31,6 +31,8 @@ Requires: libselinux-python Requires: python-passlib Requires: python2-crypto Requires: patch +Requires: pyOpenSSL +Requires: iproute %description Openshift and Atomic Enterprise Ansible @@ -66,6 +68,7 @@ cp inventory/hosts.* inventory/README.md docs/example-inventories/ # openshift-ansible-playbooks install cp -rp playbooks %{buildroot}%{_datadir}/ansible/%{name}/ +cp -rp test %{buildroot}%{_datadir}/ansible/%{name}/ # remove contiv plabooks rm -rf %{buildroot}%{_datadir}/ansible/%{name}/playbooks/adhoc/contiv @@ -160,9 +163,618 @@ BuildArch: noarch %files roles %{_datadir}/ansible/%{name}/roles +%pretrans roles +#RHBZ https://bugzilla.redhat.com/show_bug.cgi?id=1626048 +#roles/openshift_examples/latest used to be a symlink, now its a dir +# workaround for RPM bug https://bugzilla.redhat.com/show_bug.cgi?id=975909 +if [ -d %{_datadir}/ansible/%{name}/roles/openshift_examples/files/examples ]; then + find %{_datadir}/ansible/%{name}/roles/openshift_examples/files/examples -name latest -type l -delete +fi +# ---------------------------------------------------------------------------------- +# openshift-ansible-tests subpackage +# ---------------------------------------------------------------------------------- +%package test +Summary: Openshift and Atomic Enterprise Ansible Test Playbooks +Requires: %{name} = %{version}-%{release} +Requires: %{name}-roles = %{version}-%{release} +Requires: %{name}-playbooks = %{version}-%{release} +Requires: python-boto3 +BuildArch: noarch + +%description test +%{summary}. + +%files test +%{_datadir}/ansible/%{name}/test %changelog +* Mon Dec 10 2018 AOS Automation Release Team 4.0.0-0.94.0 +- + +* Sun Dec 09 2018 AOS Automation Release Team 4.0.0-0.93.0 +- + +* Sat Dec 08 2018 AOS Automation Release Team 4.0.0-0.92.0 +- + +* Sat Dec 08 2018 AOS Automation Release Team 4.0.0-0.91.0 +- + +* Fri Dec 07 2018 AOS Automation Release Team 4.0.0-0.90.0 +- + +* Fri Dec 07 2018 AOS Automation Release Team 4.0.0-0.89.0 +- + +* Thu Dec 06 2018 AOS Automation Release Team 4.0.0-0.88.0 +- + +* Thu Dec 06 2018 AOS Automation Release Team 4.0.0-0.87.0 +- + +* Thu Dec 06 2018 AOS Automation Release Team 4.0.0-0.86.0 +- + +* Thu Dec 06 2018 AOS Automation Release Team 4.0.0-0.85.0 +- + +* Wed Dec 05 2018 AOS Automation Release Team 4.0.0-0.84.0 +- + +* Tue Dec 04 2018 AOS Automation Release Team 4.0.0-0.83.0 +- + +* Mon Dec 03 2018 AOS Automation Release Team 4.0.0-0.82.0 +- + +* Sun Dec 02 2018 AOS Automation Release Team 4.0.0-0.81.0 +- + +* Sat Dec 01 2018 AOS Automation Release Team 4.0.0-0.80.0 +- + +* Sat Dec 01 2018 AOS Automation Release Team 4.0.0-0.79.0 +- + +* Thu Nov 29 2018 AOS Automation Release Team 4.0.0-0.78.0 +- + +* Wed Nov 28 2018 AOS Automation Release Team 4.0.0-0.77.0 +- + +* Tue Nov 27 2018 AOS Automation Release Team 4.0.0-0.76.0 +- + +* Tue Nov 27 2018 AOS Automation Release Team 4.0.0-0.75.0 +- + +* Sun Nov 25 2018 AOS Automation Release Team 4.0.0-0.74.0 +- + +* Sun Nov 25 2018 AOS Automation Release Team 4.0.0-0.73.0 +- + +* Sat Nov 24 2018 AOS Automation Release Team 4.0.0-0.72.0 +- + +* Sat Nov 24 2018 AOS Automation Release Team 4.0.0-0.71.0 +- + +* Fri Nov 23 2018 AOS Automation Release Team 4.0.0-0.70.0 +- + +* Fri Nov 23 2018 AOS Automation Release Team 4.0.0-0.69.0 +- + +* Thu Nov 22 2018 AOS Automation Release Team 4.0.0-0.68.0 +- + +* Wed Nov 21 2018 AOS Automation Release Team 4.0.0-0.67.0 +- + +* Tue Nov 20 2018 AOS Automation Release Team 4.0.0-0.66.0 +- + +* Tue Nov 20 2018 AOS Automation Release Team 4.0.0-0.65.0 +- + +* Tue Nov 20 2018 AOS Automation Release Team 4.0.0-0.64.0 +- + +* Mon Nov 19 2018 AOS Automation Release Team 4.0.0-0.63.0 +- + +* Sun Nov 18 2018 AOS Automation Release Team 4.0.0-0.62.0 +- + +* Sat Nov 17 2018 AOS Automation Release Team 4.0.0-0.61.0 +- + +* Fri Nov 16 2018 AOS Automation Release Team 4.0.0-0.60.0 +- + +* Thu Nov 15 2018 AOS Automation Release Team 4.0.0-0.59.0 +- + +* Wed Nov 14 2018 AOS Automation Release Team 4.0.0-0.58.0 +- + +* Tue Nov 13 2018 AOS Automation Release Team 4.0.0-0.57.0 +- + +* Mon Nov 12 2018 AOS Automation Release Team 4.0.0-0.56.0 +- + +* Mon Nov 12 2018 AOS Automation Release Team 4.0.0-0.55.0 +- + +* Sat Nov 10 2018 AOS Automation Release Team 4.0.0-0.54.0 +- + +* Sat Nov 10 2018 AOS Automation Release Team 4.0.0-0.53.0 +- GitHubIdentityProvider catering for GitHub Enterprise and includes examples + on using the provider. Installation includes parameters for ca and hostname + (GH enterprise specific) (ckyriaki@redhat.com) +- Check both service catalog and install vars (ruju@itu.dk) + +* Thu Nov 08 2018 AOS Automation Release Team 4.0.0-0.52.0 +- Simplify PR template and add text to README.md (sdodson@redhat.com) +- Pre-pull CLI image using openshift_container_cli (vrutkovs@redhat.com) +- Start node image prepull after CRIO is restarted (vrutkovs@redhat.com) +- sdn: tolerate all taints (vrutkovs@redhat.com) +- sync: tolerate all taints (vrutkovs@redhat.com) +- Update centos_repos.yml (camabeh@users.noreply.github.com) +- Update centos_repos.yml (camabeh@users.noreply.github.com) +- Update .github/PULL_REQUEST_TEMPLATE.md (roignac@gmail.com) +- Add notice about MASTER branch (sdodson@redhat.com) + +* Thu Nov 08 2018 AOS Automation Release Team 4.0.0-0.51.0 +- Mount /etc/pki into controller pod (mchappel@redhat.com) + +* Wed Nov 07 2018 AOS Automation Release Team 4.0.0-0.50.0 +- Restart docker after openstack storage setup (tzumainn@redhat.com) +- Update crio.conf.j2 template for registries (umohnani@redhat.com) +- Fix master paths check, while using Istio (faust64@gmail.com) + +* Tue Nov 06 2018 AOS Automation Release Team 4.0.0-0.49.0 +- Add instructions to use cri-o in openstack (e.minguez@gmail.com) +- Fix broken link in README.md (artheus@users.noreply.github.com) +- openshift_prometheus: cleanup unused variables (pgier@redhat.com) +- fix gce-logging problem (rmeggins@redhat.com) +- Run the init/main playbook properly (e.minguez@gmail.com) + +* Mon Nov 05 2018 AOS Automation Release Team 4.0.0-0.48.0 +- + +* Mon Nov 05 2018 AOS Automation Release Team 4.0.0-0.47.0 +- + +* Sun Nov 04 2018 AOS Automation Release Team 4.0.0-0.46.0 +- + +* Sat Nov 03 2018 AOS Automation Release Team 4.0.0-0.45.0 +- added needed space in error message as stated in bug# 1645718 + (pruan@redhat.com) + +* Fri Nov 02 2018 AOS Automation Release Team 4.0.0-0.44.0 +- glusterfs: Fix a typo in the README (obnox@redhat.com) + +* Thu Nov 01 2018 AOS Automation Release Team 4.0.0-0.43.0 +- Update playbooks/azure/openshift-cluster/build_node_image.yml + (roignac@gmail.com) +- add oreg_url check (mangirdas@judeikis.lt) + +* Wed Oct 31 2018 AOS Automation Release Team 4.0.0-0.42.0 +- Adding configuration documentation for etcd (bedin@redhat.com) +- Fixing provisioning of separate etcd (bedin@redhat.com) +- Fixing provisioning of separate etcd (bedin@redhat.com) +- Fixing provisioning of separate etcd (bedin@redhat.com) + +* Tue Oct 30 2018 AOS Automation Release Team 4.0.0-0.41.0 +- 4.0 -> 3.11 (mangirdas@judeikis.lt) +- add 3.11 build steps (mangirdas@judeikis.lt) +- rollback azure cli version and sas image config path (mangirdas@judeikis.lt) +- Make timeout a param and increase default to 20 for docker_creds.py + (chmurphy@redhat.com) +- Ensure Kuryr-controller runs on infra nodes (ltomasbo@redhat.com) +- Updating clean up task to match become of creation task (ewolinet@redhat.com) + +* Mon Oct 29 2018 AOS Automation Release Team 4.0.0-0.40.0 +- + +* Mon Oct 29 2018 AOS Automation Release Team 4.0.0-0.39.0 +- Increase Octavia OpenShift API loadbalancer timeouts (ltomasbo@redhat.com) + +* Sun Oct 28 2018 AOS Automation Release Team 4.0.0-0.38.0 +- Improve cleanup of networks and disks in GCP (ccoleman@redhat.com) + +* Sat Oct 27 2018 AOS Automation Release Team 4.0.0-0.37.0 +- Added validation to avoid upload template always (jparrill@redhat.com) +- openshift_console: remove OAuthClient when uninstalling (mlibra@redhat.com) +- adding kuryr ports back (egarcia@redhat.com) +- Prepull node image using openshift_container_cli (vrutkovs@redhat.com) +- clarification in response to comments (iamemilio@users.noreply.github.com) +- correction (i.am.emilio@gmail.com) +- clearer instructions (iamemilio@users.noreply.github.com) +- Certain ports were incorrectly configured by default. (i.am.emilio@gmail.com) +- Update existing template for registry-console and make sure created objects + are updated (vrutkovs@redhat.com) + +* Fri Oct 26 2018 AOS Automation Release Team 4.0.0-0.36.0 +- Fix ansible version checking (celebdor@gmail.com) + +* Thu Oct 25 2018 AOS Automation Release Team 4.0.0-0.35.0 +- Don't install cockpit unless required (e.minguez@gmail.com) +- openshift_ovirt: Add a task to create the VMs (rgolan@redhat.com) +- Decalre the dns variable in the defaults (rgolan@redhat.com) +- Fix version number in upgrade readme to 4.0. (pdd@redhat.com) +- Add pull secret to the Calico controllers (mleung975@gmail.com) +- Fix Calico liveness and readiness checks to include Calico 3.2 + (mleung975@gmail.com) +- Fail installation if Atomic Host variant ID is detected (vrutkovs@redhat.com) +- Don't use 'atomic' RPM (vrutkovs@redhat.com) +- Remove an option to install 4.0 on Atomic Hosts (vrutkovs@redhat.com) + +* Wed Oct 24 2018 AOS Automation Release Team 4.0.0-0.34.0 +- Fix incorrect until condition in servicecatalog api check + (sdodson@redhat.com) +- Run the init playbooks to properly set vars (e.minguez@gmail.com) +- Add permissions for the Calico CNI plugin to access namespaces + (mleung975@gmail.com) + +* Tue Oct 23 2018 AOS Automation Release Team 4.0.0-0.33.0 +- Remove hostname override from OpenStack inventory (tomas@sedovic.cz) +- Fixing Typo (jparrill@redhat.com) +- quick fix for formatting of error messages, bz# 1640823 (pruan@redhat.com) +- Mount /etc/pki into apiserver pod (sdodson@redhat.com) +- Set openshift_hosted_registry_storage_swift_insecureskipverify's default + (mickael.canevet@camptocamp.com) +- Document openshift_hosted_registry_storage_swift_insecureskipverify + (mickael.canevet@camptocamp.com) +- Added capability to add dns_search and dns_server even without static + configuration (jparrill@redhat.com) +- Fixes #10415 maintains the name and host_name when vm count field are 1. + (jparrill@redhat.com) +- Add openshift_hosted_registry_storage_swift_insecureskipverify parameter + (mickael.canevet@camptocamp.com) +- Updated logging namespace name (andy.block@gmail.com) +- Update oc_group.py in src (camabeh@gmail.com) +- cluster-monitoring: Adds storageclass name variable (davivcgarcia@gmail.com) +- Update tests (camabeh@gmail.com) +- Fix oc group get (camabeh@gmail.com) + +* Mon Oct 22 2018 AOS Automation Release Team 4.0.0-0.32.0 +- Allow Ansible 2.5.7 (tomas@sedovic.cz) +- Remove value rather than replacing it with an empty string + (sdodson@redhat.com) + +* Sun Oct 21 2018 AOS Automation Release Team 4.0.0-0.31.0 +- + +* Sat Oct 20 2018 AOS Automation Release Team 4.0.0-0.30.0 +- + +* Fri Oct 19 2018 AOS Automation Release Team 4.0.0-0.29.0 +- + +* Thu Oct 18 2018 AOS Automation Release Team 4.0.0-0.28.0 +- Fix scaleup failure for hostname override (mgugino@redhat.com) +- Fail on openshift_kubelet_name_override for new hosts. (mgugino@redhat.com) + +* Thu Oct 18 2018 AOS Automation Release Team 4.0.0-0.27.0 +- Make sure images are prepulled when CRIO is used (vrutkovs@redhat.com) +- pin azure cli to version 2.0.47 and fix start copy playbook task + (akalugwu@redhat.com) + +* Wed Oct 17 2018 AOS Automation Release Team 4.0.0-0.26.0 +- + +* Wed Oct 17 2018 AOS Automation Release Team 4.0.0-0.25.0 +- + +* Tue Oct 16 2018 AOS Automation Release Team 4.0.0-0.24.0 +- + +* Mon Oct 15 2018 AOS Automation Release Team 4.0.0-0.23.0 +- Add ansible 2.6 repo (vrutkovs@redhat.com) + +* Sun Oct 14 2018 AOS Automation Release Team 4.0.0-0.22.0 +- + +* Sun Oct 14 2018 AOS Automation Release Team 4.0.0-0.21.0 +- + +* Fri Oct 12 2018 AOS Automation Release Team 4.0.0-0.20.0 +- Require ansible 2.6.5 (vrutkovs@redhat.com) +- Dockerfile: install ansible 2.6 and remove epel-testing (vrutkovs@redhat.com) +- Dockerfile: install ansible 2.6 (vrutkovs@redhat.com) + +* Fri Oct 12 2018 AOS Automation Release Team 4.0.0-0.19.0 +- README: ansible 2.7 is not supported (vrutkovs@redhat.com) +- Modify sync pod to check for KUBELET_HOSTNAME_OVERRIDE (mgugino@redhat.com) +- Configure Ansible service broker secrets (simon.ruegg@vshn.ch) + +* Wed Oct 10 2018 AOS Automation Release Team 4.0.0-0.18.0 +- Update main.yml (sgaikwad@redhat.com) +- Openshift autoheal fails to pull images even if oreg_url is specified + (sgaikwad@redhat.com) + +* Tue Oct 09 2018 AOS Automation Release Team 4.0.0-0.17.0 +- Add missing option in Openstack documentation and sample file. + (juriarte@redhat.com) +- Replace openshift.node.nodename with l_kubelet_node_name (mgugino@redhat.com) +- Increase number of retries in sync DS (vrutkovs@redhat.com) +- test/ci: update atomic hosts and restart only when necessary + (vrutkovs@redhat.com) +- test/ci: make sure all packages are updated before starting install + (vrutkovs@redhat.com) +- test/ci: set hostname before collecting facts (vrutkovs@redhat.com) +- Fix etcd scaleup on standalone hosts (rteague@redhat.com) + +* Mon Oct 08 2018 AOS Automation Release Team 4.0.0-0.16.0 +- Fail on openshift_hostname defined; add openshift_kubelet_name_override + (mgugino@redhat.com) + +* Sun Oct 07 2018 AOS Automation Release Team 4.0.0-0.15.0 +- + +* Sun Oct 07 2018 AOS Automation Release Team 4.0.0-0.14.0 +- + +* Sat Oct 06 2018 AOS Automation Release Team 4.0.0-0.13.0 +- unmount just before removing (rmeggins@redhat.com) + +* Fri Oct 05 2018 AOS Automation Release Team 4.0.0-0.12.0 +- + +* Fri Oct 05 2018 AOS Automation Release Team 4.0.0-0.11.0 +- prelim/partial update to jenkins imagestream to enable tests (while we wait + for global PR in openshift/origin to merge) (gmontero@redhat.com) +- Remove unused registry migration task (vrutkovs@redhat.com) + +* Thu Oct 04 2018 AOS Automation Release Team 4.0.0-0.10.0 +- glusterfs: add probe script for liveness and readiness checks + (jmulligan@redhat.com) + +* Thu Oct 04 2018 AOS Automation Release Team 4.0.0-0.9.0 +- + +* Wed Oct 03 2018 AOS Automation Release Team 4.0.0-0.8.0 +- roles/cluster_monitoring: minor wording improvement (pgier@redhat.com) +- Remove unlicensed code from internet in sanity checks (mgugino@redhat.com) +- Use clusterid attribute to filter servers in dynamic inventory + (rusichen@redhat.com) +- Add CI scripts in hack/ (vrutkovs@redhat.com) +- Replace 'command chmod' with 'file mode=...' (vrutkovs@redhat.com) +- Start only the ovsdb so we can add the config safely (bbennett@redhat.com) +- Add pyOpenSSL and iproute to RPM dependencies (sdodson@redhat.com) +- Fixes #8267 (mavazque@redhat.com) +- Node problem detector always pull images from registry.redhat.io for + openshift-enterprise (sgaikwad@redhat.com) +- Replace undefined {{ item }} by filename (info@theothersolution.nl) +- Pass admin kubeconfig (sdodson@redhat.com) +- typo correction (i.am.emilio@gmail.com) +- no longer creates cns security group when number of cns is 0 + (i.am.emilio@gmail.com) + +* Fri Sep 28 2018 AOS Automation Release Team 4.0.0-0.7.0 +- Add OpenStack pre-requisites check for various features (tzumainn@redhat.com) +- [openstack] Add configuration note for all-in-one and DNS (pep@redhat.com) +- Remove oreg_auth_credentials_replace from inventory (sdodson@redhat.com) +- test/ci: ensure AWS instances have public hostname (vrutkovs@redhat.com) + +* Thu Sep 27 2018 AOS Automation Release Team 4.0.0-0.6.0 +- Bug 1554293 - logging-eventrouter event not formatted correctly in + Elasticsearch when using MUX (nhosoi@redhat.com) +- Add a new dockerfile to use in CI (vrutkovs@redhat.com) +- Add new package which contains test playbooks (vrutkovs@redhat.com) + +* Wed Sep 26 2018 AOS Automation Release Team 4.0.0-0.5.0 +- test/ci: set expirationDate flag for CI namespace garbage collector + (vrutkovs@redhat.com) +- Refactored Calico and updated playbooks to reflect self-hosted Calico + installs only (mleung975@gmail.com) +- Enable IAM roles for EC2s in AWS (mazzystr@gmail.com) +- Fix for recent az changes. (kwoodson@redhat.com) +- cluster-monitoring: Bump cluster monitoring operator in origin + (fbranczyk@gmail.com) +- Added capability to fix static addresses to openshift_ovirt provider vms + (jparrill@redhat.com) + +* Mon Sep 24 2018 AOS Automation Release Team 4.0.0-0.4.0 +- Reload tuned service when node-config.yaml has changed. + (jmencak@users.noreply.github.com) + +* Fri Sep 21 2018 AOS Automation Release Team 4.0.0-0.3.0 +- GlusterFS: Fix registry playbook PV creation (jarrpa@redhat.com) +- Only create OpenStack router if both router and subnet are undefined + (tzumainn@redhat.com) + +* Fri Sep 21 2018 AOS Automation Release Team 4.0.0-0.2.0 +- + +* Fri Sep 21 2018 AOS Automation Release Team 4.0.0-0.1.0 +- Don't re-deploy node system containers when deploying auth credentials + (sdodson@redhat.com) +- etcdv2 remove: avoid using failed_when (vrutkovs@redhat.com) +- Bump Data Grid to version 1.1.1 (osni.oliveira@redhat.com) +- remove unix prefix from crio path (sjenning@redhat.com) +- adding container.yaml (adammhaile@gmail.com) +- Fix openstack nsupdate record (tzumainn@redhat.com) +- Always set openstack node private ip (tzumainn@redhat.com) +- lib_utils_oo_oreg_image preserve path component (jkupfere@redhat.com) +- Add unit test for oo_oreg_image filter (mgugino@redhat.com) +- Update installer_checkpoint plugin to handle empty stats (rteague@redhat.com) +- Fix etcd scaleup playbook (rteague@redhat.com) +- registry auth: fix check that node_oreg_auth_credentials_stat exists + (vrutkovs@redhat.com) +- Fix openshift_additional_registry_credentials comparison + (vrutkovs@redhat.com) +- Ensure glusterfs host groups are correct for registry play + (mgugino@redhat.com) +- move OpenStack network fact gathering from prereqs to provision tasks + (tzumainn@redhat.com) +- Ensure atomic hosts prepull node image during pre-upgrade + (mgugino@redhat.com) +- Make cloud-user SSH key maintenance more reliable (ironcladlou@gmail.com) +- Simplify match filter when looking for sync annotations (vrutkovs@redhat.com) +- Merge upgrade_control_plane playbooks back into one (vrutkovs@redhat.com) +- test ci: add an option to terminate VMs instead of stopping + (vrutkovs@redhat.com) +- Update main.yml (sheldyakov@tutu.ru) +- Remove duplicate words (lxia@redhat.com) +- Remove traces of containerized install (vrutkovs@redhat.com) +- Move the cluster-cidr assignment to the correct configs (mleung975@gmail.com) +- Ensure dnsmasq is restarted during upgrades (mgugino@redhat.com) +- Don't install NM on atomic systems (vrutkovs@redhat.com) +- openshift-prometheus: remove deprecated prometheus stack install + (pgier@redhat.com) +- GCP upgrade: don't exclude nodes with tag_ocp-bootstrap (vrutkovs@redhat.com) +- GCP upgrade: don't exclude nodes with tag_ocp-bootstrap (vrutkovs@redhat.com) +- Hash the registry hostname to generate unique secret names + (sdodson@redhat.com) +- Add retries around api service discovery (sdodson@redhat.com) +- Ensure that recycler pod definition is deployed during upgrade + (sdodson@redhat.com) +- Change upgrade playbooks to use 4.0 (vrutkovs@redhat.com) +- Add 3 retries around all image stream create/replace (sdodson@redhat.com) +- Fix wrong doc default value of logging (teleyic@gmail.com) +- test/ci: setup network manager (vrutkovs@redhat.com) +- Update uninstall_masters play to deal with standalone instances + (mazzystr@gmail.com) +- Fix broken package list on fedora (mgugino@redhat.com) +- certificate_expiry: gather facts so ansible_date_time is defined + (sdodson@redhat.com) +- Fix volume recycler configuration on upgrade (sdodson@redhat.com) +- openshift_storage_nfs_lvm: fix with_sequence (jfchevrette@gmail.com) +- Removing launch.yml. (kwoodson@redhat.com) +- Wait for sync DS to set annotations on all available nodes + (vrutkovs@redhat.com) +- sync annotations: expected number of annotations should be a number of items + (vrutkovs@redhat.com) +- reduce number of openstack heat retries (tzumainn@redhat.com) +- Fix openstack parameter checks (tzumainn@redhat.com) +- Add a wait for aggregated APIs when restarting control plane + (sdodson@redhat.com) +- Update openshift ca redeploy to use correct node client-ca + (rteague@redhat.com) +- Enable monitoring of openshift-metering via cluster monitoring + (chance.zibolski@coreos.com) +- Refactor csr approval for client certs ignore ready (mgugino@redhat.com) +- reducing /sys/fs/selinux/avc/cache_threshold to 8192 instead of 65535 + (elvirkuric@gmail.com) +- Add preview operators to OLM Catalog (cordell.evan@gmail.com) +- Collect provider facts only if cloudprovider is set (vrutkovs@redhat.com) +- - s3 variables check as part of importing the s3 tasks itself. + (sarumuga@redhat.com) +- Add proper liveness and readiness checks for Calico 3.2 (mleung975@gmail.com) +- Move controller args back to template (hekumar@redhat.com) +- Retry our etcd health check (sdodson@redhat.com) +- Set gquota on slash filesystem (mazzystr@gmail.com) +- docker_creds: rename image_name to test_image (sdodson@redhat.com) +- cluster-monitoring: Fix regex_replace to remove image tag + (fbranczyk@gmail.com) +- fix arguments to controller (hekumar@redhat.com) +- Update recyler to lsm_registry_url (hekumar@redhat.com) +- cutting 4.0 (aos-team-art@redhat.com) +- Use oreg_url rather than hardcoding path (hekumar@redhat.com) +- Formatting fixes on olm and catalog operators (cordell.evan@gmail.com) +- Update rh-operators catalog to latest (cordell.evan@gmail.com) +- Update OLM CRDs to latest (cordell.evan@gmail.com) +- Proper DNS for the subnet created (e.minguez@gmail.com) +- Set etcd facts necessary for etcd scaleup (rteague@redhat.com) +- Revert "Don't fetch provider openshift_facts if openshift_cloud_provider_kind + is not set" (roignac@gmail.com) +- cluster-monitoring: Remove version tag for passing image repos + (fbranczyk@gmail.com) +- Fixes: BZ1618547 disable keep ns on error in ASB to prevent resource + starvation (jmontleo@redhat.com) +- Add openshift_additional_registry_credentials (sdodson@redhat.com) +- docker_creds: Add tls_verify parameter (sdodson@redhat.com) +- Avoid S3 deployment check (sarumuga@redhat.com) +- Filter openshift_cloudprovider_openstack_blockstorage_ignore_volume_az to + bool (alberto.rodriguez.peon@cern.ch) +- Add playbook to migrate node imageConfig.format (mgugino@redhat.com) +- docker_creds: Use bool for test_login param (sdodson@redhat.com) +- Run the kube-proxy once per cluster for Calico (mleung975@gmail.com) +- Provide version information (hekumar@redhat.com) +- Annotate nodes with md5sum of the applied config (vrutkovs@redhat.com) +- Add a pod template for recycler pod (hekumar@redhat.com) +- Bump repo constants to support 4.0 RPMs (ccoleman@redhat.com) +- Add calico-pull-secret (mleung975@gmail.com) +- Add separate Calico etcd (mleung975@gmail.com) +- Use true/false instead of yes/no (alberto.rodriguez.peon@cern.ch) +- Allow to configure BlockStorage.ignore-volume-az for Openstack Cloud Provider + (alberto.rodriguez.peon@cern.ch) + +* Tue Sep 11 2018 AOS Automation Release Team 3.11.0-0.35.0 +- cluster-monitoring: Fix incorrect handling of conditional PVCs + (fbranczyk@gmail.com) +- fix alertmanager example in OLM prometheus operator (cordell.evan@gmail.com) +- GlusterFS: Tweak groups for external config (jarrpa@redhat.com) +- Fix kuryr support for custom OpenStack network and subnet + (ltomasbo@redhat.com) +- Add missing ClusterRole for OLM (cordell.evan@gmail.com) +- GlusterFS: Fix heketi_pod check (jarrpa@redhat.com) +- spec: remove roles/openshift_examples/lates symlink (vrutkovs@redhat.com) +- Prepare to split openshift-sdn out of the openshift binary + (ccoleman@redhat.com) +- SDN check: Ignore errors from `oc version` (miciah.masters@gmail.com) + +* Sun Sep 09 2018 AOS Automation Release Team 3.11.0-0.34.0 +- + +* Sat Sep 08 2018 AOS Automation Release Team 3.11.0-0.33.0 +- Install rh-operators catalog (cordell.evan@gmail.com) +- olm: add openshift_facts dependency (sdodson@redhat.com) +- fix ca cert deploy for 3.10. addresses + https://bugzilla.redhat.com/show_bug.cgi?id=1585978 (judd@newgoliath.com) +- Add oc_get_nodes to debug csr output (mgugino@redhat.com) +- Check for migrated status (vrutkovs@redhat.com) +- Run on first etcd only (vrutkovs@redhat.com) +- Add playbooks to remove etcdv2 data (vrutkovs@redhat.com) +- Update rh-operators catalog (cordell.evan@gmail.com) +- don't bind to cluster-admin for OLM (cordell.evan@gmail.com) +- put olm deployments in the right namespace (cordell.evan@gmail.com) +- add main.yaml for olm task (cordell.evan@gmail.com) + +* Fri Sep 07 2018 AOS Automation Release Team 3.11.0-0.32.0 +- + +* Fri Sep 07 2018 AOS Automation Release Team 3.11.0-0.31.0 +- + +* Fri Sep 07 2018 AOS Automation Release Team 3.11.0-0.30.0 +- Remove configmap check during upgrades (rteague@redhat.com) +- Add extra debug info to csr module (mgugino@redhat.com) +- Revert ensure gquota set on slash filesystem (mazzystr@gmail.com) +- Don't fetch provider facts if openshift_cloud_provider_kind is not set + (vrutkovs@redhat.com) +- Remove unused openshift_openstack_app_floating_ip (tomas@sedovic.cz) +- Allow custom OpenStack network and subnet (tomas@sedovic.cz) +- Fixup PR #8671 (tomas@sedovic.cz) +- Squash PR 8671 (i.am.emilio@gmail.com) + +* Thu Sep 06 2018 AOS Automation Release Team 3.11.0-0.29.0 +- cluster-monitoring: Fix repo/docs URL (fbranczyk@gmail.com) +- cluster-monitoring: Make PVCs optional (fbranczyk@gmail.com) +- Fix issue with cockpit package list (rteague@redhat.com) +- GlusterFS: External uninstall (jarrpa@redhat.com) +- GlusterFS: Ignore external nodes (jarrpa@redhat.com) +- openshifT_aws: removed subnet naming (mwoodson@redhat.com) +- openshift-aws: updating the subnet querying (mwoodson@redhat.com) +- Use first_master_client_binary from hostvars[groups.oo_first_master.0] + (nakayamakenjiro@gmail.com) +- Do not stop Opensvswitch #9895 (yasensim@gmail.com) +- add OWNERS file for OLM (jpeeler@redhat.com) +- Add OLM to component upgrades (jpeeler@redhat.com) +- Refactor image health checks (mgugino@redhat.com) +- OLM images: use quay for origin (cordell.evan@gmail.com) +- NSX-T fixes #8134 and fixes NSX #8015, PR #8016 (yasensim@gmail.com) +- update olm images to use openshift registry instead of quay + (cordell.evan@gmail.com) + * Wed Sep 05 2018 AOS Automation Release Team 3.11.0-0.28.0 - Switch openshift_crio_enable_docker_gc default to False (rteague@redhat.com) - Add default node groups to support running cri-o runtime (rteague@redhat.com) diff --git a/playbooks/adhoc/uninstall_docker.yml b/playbooks/adhoc/uninstall_docker.yml index 8bf1f3c5948..41d59b45df4 100644 --- a/playbooks/adhoc/uninstall_docker.yml +++ b/playbooks/adhoc/uninstall_docker.yml @@ -7,20 +7,6 @@ # images # RPMs --- -- hosts: OSEv3:children - become: yes - tasks: - - name: Detecting Operating System - shell: ls /run/ostree-booted - ignore_errors: yes - failed_when: false - register: ostree_output - - # Since we're not calling openshift_facts we'll do this for now - - set_fact: - openshift_is_atomic: "{{ ostree_output.rc == 0 }}" - openshift_is_containerized: "{{ ostree_output.rc == 0 or containerized | default(false) | bool }}" - - hosts: nodes:masters become: yes tasks: diff --git a/playbooks/adhoc/uninstall_openshift.yml b/playbooks/adhoc/uninstall_openshift.yml index 310a61e4402..d0aa7a8f426 100644 --- a/playbooks/adhoc/uninstall_openshift.yml +++ b/playbooks/adhoc/uninstall_openshift.yml @@ -7,20 +7,6 @@ # images # RPMs --- -- hosts: OSEv3:children - become: yes - tasks: - - name: Detecting Operating System - shell: ls /run/ostree-booted - ignore_errors: yes - failed_when: false - register: ostree_output - - # Since we're not calling openshift_facts we'll do this for now - - set_fact: - openshift_is_atomic: "{{ ostree_output.rc == 0 }}" - openshift_is_containerized: "{{ ostree_output.rc == 0 or containerized | default(false) | bool }}" - # Stop services on all hosts prior to removing files. - hosts: nodes become: yes @@ -84,58 +70,55 @@ - when: openshift_remove_all | default(true) | bool block: - - when: not openshift_is_atomic | bool - block: - - - name: Remove packages - package: - name: "{{ pkg_list | join(',') }} " - state: absent - vars: - pkg_list: - - atomic-openshift - - atomic-openshift-clients - - atomic-openshift-excluder - - atomic-openshift-docker-excluder - - atomic-openshift-node - - atomic-openshift-sdn-ovs - - atomic-openshift-hyperkube - - cockpit-bridge - - cockpit-docker - - cockpit-system - - cockpit-ws - - kubernetes-client - - openshift - - openshift-node - - openshift-sdn - - openshift-sdn-ovs - - origin - - origin-excluder - - origin-docker-excluder - - origin-clients - - origin-node - - origin-sdn-ovs - - origin-hyperkube - - tuned-profiles-atomic-openshift-node - - tuned-profiles-origin-node - register: result - until: result is succeeded - - - name: Remove OVS package - package: - name: openvswitch - state: absent - register: result - until: result is succeeded - when: openshift_use_openshift_sdn | default(True) | bool - - - name: Remove flannel package - package: - name: flannel - state: absent - when: openshift_use_flannel | default(false) | bool - register: result - until: result is succeeded + - name: Remove packages + package: + name: "{{ pkg_list | join(',') }} " + state: absent + vars: + pkg_list: + - atomic-openshift + - atomic-openshift-clients + - atomic-openshift-excluder + - atomic-openshift-docker-excluder + - atomic-openshift-node + - atomic-openshift-sdn-ovs + - atomic-openshift-hyperkube + - cockpit-bridge + - cockpit-docker + - cockpit-system + - cockpit-ws + - kubernetes-client + - openshift + - openshift-node + - openshift-sdn + - openshift-sdn-ovs + - origin + - origin-excluder + - origin-docker-excluder + - origin-clients + - origin-node + - origin-sdn-ovs + - origin-hyperkube + - tuned-profiles-atomic-openshift-node + - tuned-profiles-origin-node + register: result + until: result is succeeded + + - name: Remove OVS package + package: + name: openvswitch + state: absent + register: result + until: result is succeeded + when: openshift_use_openshift_sdn | default(True) | bool + + - name: Remove flannel package + package: + name: flannel + state: absent + when: openshift_use_flannel | default(false) | bool + register: result + until: result is succeeded - shell: systemctl reset-failed changed_when: False @@ -166,26 +149,6 @@ - tun0 when: openshift_use_openshift_sdn | default(True) | bool - - shell: atomic uninstall "{{ item }}"-node - changed_when: False - failed_when: False - with_items: - - openshift-enterprise - - origin - - - shell: atomic uninstall "{{ item }}" - changed_when: False - failed_when: False - with_items: - - etcd - - - shell: atomic uninstall "{{ item }}" - changed_when: False - failed_when: False - with_items: - - openvswitch - when: openshift_use_openshift_sdn | default(True) | bool - - shell: find /var/lib/origin/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true changed_when: False @@ -322,7 +285,6 @@ name: "{{ pkg_list | join(',') }}" state: absent when: - - not openshift_is_atomic | bool - openshift_remove_all | default(True) | bool vars: pkg_list: @@ -431,19 +393,11 @@ - etcd3 - firewalld - - name: Stop additional atomic services - service: name={{ item }} state=stopped - when: openshift_is_containerized | bool - with_items: - - etcd_container - failed_when: false - - name: Remove packages package: name: "{{ pkg_list | join(',') }}" state: absent when: - - not openshift_is_atomic | bool - openshift_remove_all | default(True) | bool vars: pkg_list: @@ -508,7 +462,6 @@ name: haproxy state: absent when: - - not openshift_is_atomic | bool - openshift_remove_all | default(True) | bool register: result until: result is succeeded diff --git a/playbooks/aws/openshift-cluster/build_ami.yml b/playbooks/aws/openshift-cluster/build_ami.yml index bed90fd90d4..ffac45492bf 100644 --- a/playbooks/aws/openshift-cluster/build_ami.yml +++ b/playbooks/aws/openshift-cluster/build_ami.yml @@ -39,7 +39,6 @@ - import_playbook: ../../openshift-node/private/image_prep.yml vars: openshift_node_reboot_instance_before_cleanup: true - openshift_aws_ami_set_gquota_on_slash: true - import_playbook: seal_ami.yml vars: diff --git a/playbooks/aws/openshift-cluster/prerequisites.yml b/playbooks/aws/openshift-cluster/prerequisites.yml index 0afcce331ee..49ecf66d853 100644 --- a/playbooks/aws/openshift-cluster/prerequisites.yml +++ b/playbooks/aws/openshift-cluster/prerequisites.yml @@ -4,3 +4,5 @@ - import_playbook: provision_ssh_keypair.yml - import_playbook: provision_sec_group.yml + +- import_playbook: provision_iam_role.yml diff --git a/playbooks/aws/openshift-cluster/provision_iam_role.yml b/playbooks/aws/openshift-cluster/provision_iam_role.yml new file mode 100644 index 00000000000..b41bf6ea614 --- /dev/null +++ b/playbooks/aws/openshift-cluster/provision_iam_role.yml @@ -0,0 +1,10 @@ +--- +- name: Create iam role + hosts: localhost + connection: local + tasks: + - name: create iam role + include_role: + name: openshift_aws + tasks_from: iam_role.yml + when: openshift_aws_create_iam_role | default(true) | bool diff --git a/playbooks/aws/openshift-cluster/uninstall_masters.yml b/playbooks/aws/openshift-cluster/uninstall_masters.yml index fb618df6c21..9647a241258 100644 --- a/playbooks/aws/openshift-cluster/uninstall_masters.yml +++ b/playbooks/aws/openshift-cluster/uninstall_masters.yml @@ -8,9 +8,9 @@ - name: Alert user to variables needed - region debug: - msg: "openshift_aws_region={{ openshift_aws_region }}" + msg: "openshift_aws_region={{ openshift_aws_region | default('us-east-1') }}" -- name: Delete the master node group +- name: Delete the master instances hosts: localhost tasks: - name: delete masters diff --git a/playbooks/azure/openshift-cluster/build_node_image.yml b/playbooks/azure/openshift-cluster/build_node_image.yml index 52c06225d8a..d50fa172dd0 100644 --- a/playbooks/azure/openshift-cluster/build_node_image.yml +++ b/playbooks/azure/openshift-cluster/build_node_image.yml @@ -24,7 +24,12 @@ openshift_node_image_prep_packages: - strace - tcpdump + - skopeo + - crio etcd_ip: ETCD_IP_REPLACE + etcd_hostname: ETCD_HOSTNAME_REPLACE + etcdctlv2: ETCD_CTL2_REPLACE + openshift_use_crio: True - name: add insights-client to package installs when on rhel set_fact: @@ -45,7 +50,7 @@ import_tasks: tasks/yum_certs.yml - name: update rpms - import_role: + include_role: name: os_update_latest vars: os_update_latest_reboot: True @@ -85,7 +90,9 @@ copy: dest: "/etc/origin/oreg_url" content: "{{ oreg_url }}" - when: oreg_url is defined + when: + - oreg_url is defined + - oreg_url != "" - name: create a file with image name copy: diff --git a/playbooks/azure/openshift-cluster/group_vars/all/yum_repos.yml b/playbooks/azure/openshift-cluster/group_vars/all/yum_repos.yml index 8d61aad90a6..1ac53f87203 100644 --- a/playbooks/azure/openshift-cluster/group_vars/all/yum_repos.yml +++ b/playbooks/azure/openshift-cluster/group_vars/all/yum_repos.yml @@ -33,8 +33,8 @@ azure_node_repos: sslclientkey: /var/lib/yum/client-key.pem enabled: yes - - name: rhel-7-server-ansible-2.4-rpms - baseurl: https://mirror.openshift.com/enterprise/rhel/rhel-7-server-ansible-2.4-rpms/ + - name: rhel-7-server-ansible-2.6-rpms + baseurl: https://mirror.openshift.com/enterprise/rhel/rhel-7-server-ansible-2.6-rpms/ gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release sslclientcert: /var/lib/yum/client-cert.pem sslclientkey: /var/lib/yum/client-key.pem diff --git a/playbooks/azure/openshift-cluster/launch.yml b/playbooks/azure/openshift-cluster/launch.yml deleted file mode 100644 index a9d673700c8..00000000000 --- a/playbooks/azure/openshift-cluster/launch.yml +++ /dev/null @@ -1,131 +0,0 @@ ---- -- hosts: localhost - gather_facts: no - tasks: - - import_role: - name: lib_utils - - - name: create temporary directory - tempfile: - state: directory - register: tmp - - - name: download acs-engine - get_url: - url: "{{ item }}" - dest: "{{ tmp.path }}/" - with_list: - - "http://acs-engine-build-azure.svc.ci.openshift.org/acs-engine" - - "http://acs-engine-build-azure.svc.ci.openshift.org/openshift.json" - - - name: make acs-engine executable - file: - path: "{{ tmp.path }}/acs-engine" - mode: 0755 - - - name: configure acs-engine - yedit: - content_type: json - src: "{{ tmp.path }}/openshift.json" - edits: - - key: properties.orchestratorProfile.openShiftConfig.clusterUsername - value: demo - - key: properties.orchestratorProfile.openShiftConfig.clusterPassword - value: "{{ 16 | lib_utils_oo_random_word }}" - - key: properties.orchestratorProfile.orchestratorVersion - value: unstable - # azProfile - - key: properties.azProfile.tenantId - value: "{{ lookup('env', 'AZURE_TENANT') }}" - - key: properties.azProfile.subscriptionId - value: "{{ lookup('env', 'AZURE_SUBSCRIPTION_ID') }}" - - key: properties.azProfile.resourceGroup - value: "{{ openshift_azure_resource_group_name }}" - - key: properties.azProfile.location - value: "{{ openshift_azure_resource_location }}" - # masterProfile - - key: properties.masterProfile.dnsPrefix - value: "a{{ 16 | lib_utils_oo_random_word }}a" - - key: properties.masterProfile.imageReference.name - value: "{{ openshift_azure_input_image_name }}" - - key: properties.masterProfile.imageReference.resourceGroup - value: "{{ openshift_azure_input_image_ns }}" - - key: properties.masterProfile.vmSize - value: "{{ openshift_azure_vm_size | default('Standard_D4s_v3') }}" - # agentpool compute - - key: properties.agentPoolProfiles[0].imageReference.name - value: "{{ openshift_azure_input_image_name }}" - - key: properties.agentPoolProfiles[0].imageReference.resourceGroup - value: "{{ openshift_azure_input_image_ns }}" - - key: properties.agentPoolProfiles[0].vmSize - value: "{{ openshift_azure_vm_size | default('Standard_D4s_v3') }}" - # agentpool infra - - key: properties.agentPoolProfiles[1].imageReference.name - value: "{{ openshift_azure_input_image_name }}" - - key: properties.agentPoolProfiles[1].imageReference.resourceGroup - value: "{{ openshift_azure_input_image_ns }}" - - key: properties.agentPoolProfiles[1].vmSize - value: "{{ openshift_azure_vm_size | default('Standard_D4s_v3') }}" - # linuxprofile - - key: properties.linuxProfile.adminUsername - value: "cloud-user" - - key: properties.linuxProfile.ssh.publicKeys[0].keyData - value: "{{ openshift_azure_vm_ssh_public_key }}" - # serviceprincipal - - key: properties.servicePrincipalProfile.clientId - value: "{{ lookup('env', 'AZURE_CLIENT_ID') }}" - - key: properties.servicePrincipalProfile.secret - value: "{{ lookup('env', 'AZURE_SECRET') }}" - - - name: run acs-engine deploy - command: | - {{ tmp.path }}/acs-engine deploy \ - --resource-group {{ openshift_azure_resource_group_name }} \ - --location {{ openshift_azure_resource_location }} \ - --subscription-id {{ lookup('env', 'AZURE_SUBSCRIPTION_ID') }} \ - --auth-method client_secret \ - --client-id {{ lookup('env', 'AZURE_CLIENT_ID') }} \ - --client-secret {{ lookup('env', 'AZURE_SECRET') }} \ - --output-directory {{ tmp.path }}/deploy \ - {{ tmp.path }}/openshift.json - no_log: true - ignore_errors: yes - register: deploy - - - debug: - msg: "{{ deploy.stdout }}" - - - debug: - msg: "{{ deploy.stderr }}" - - # This code attempts to persist the data to /var/tmp which is bind - # mounted into the calling container. This enables the CI to reuse - # the cluster created in the previous steps to perform the e2e tests - - name: persist the acs-engine generated artifacts - copy: - src: "{{ tmp.path }}/deploy" - dest: /var/tmp/ - when: openshift_ci_persist_artifacts | default(False) - - - name: delete temporary directory - file: - path: "{{ tmp.path }}" - state: absent - - - block: - - name: get azure deployment message - command: > - az group deployment list - -g "{{ openshift_azure_resource_group_name }}" - --query "[0].properties.additionalProperties.error.details[0].message" - -o tsv - register: message - - - debug: - msg: "{{ (message.stdout | from_json).error.details[0].message }}" - when: message.stdout != "" - - - assert: - that: "{{ not deploy.failed }}" - - when: deploy.failed diff --git a/playbooks/azure/openshift-cluster/tasks/create_blob_from_vm.yml b/playbooks/azure/openshift-cluster/tasks/create_blob_from_vm.yml index 1d319eb3c04..e4204697760 100644 --- a/playbooks/azure/openshift-cluster/tasks/create_blob_from_vm.yml +++ b/playbooks/azure/openshift-cluster/tasks/create_blob_from_vm.yml @@ -23,7 +23,7 @@ - name: start copy command: > az storage blob copy start - --source-uri "{{ (sas.stdout | from_json).accessSas }}" + --source-uri "{{ (sas.stdout | from_json).properties.output.accessSAS }}" --account-name "{{ openshift_azure_storage_account }}" --account-key "{{ (keys.stdout | from_json)[0].value }}" --destination-container "{{ openshift_azure_container }}" diff --git a/playbooks/azure/openshift-cluster/tasks/yum_certs.yml b/playbooks/azure/openshift-cluster/tasks/yum_certs.yml index b1bfa6f2981..8bcbe52c61c 100644 --- a/playbooks/azure/openshift-cluster/tasks/yum_certs.yml +++ b/playbooks/azure/openshift-cluster/tasks/yum_certs.yml @@ -13,7 +13,7 @@ when: ansible_distribution == "RedHat" - name: add yum repositories - import_role: + include_role: name: openshift_repos vars: r_openshift_repos_has_run: True diff --git a/playbooks/byo/calico/legacy_upgrade.yml b/playbooks/byo/calico/legacy_upgrade.yml index 1affaa22253..8d0462efed4 100644 --- a/playbooks/byo/calico/legacy_upgrade.yml +++ b/playbooks/byo/calico/legacy_upgrade.yml @@ -100,7 +100,7 @@ - name: Apply node label delegate_to: "{{ groups.oo_first_master.0 }}" command: > - {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig label node {{ openshift.node.nodename | lower }} --overwrite projectcalico.org/ds-ready=true + {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig label node {{ l_kubelet_node_name | lower }} --overwrite projectcalico.org/ds-ready=true - name: Wait for node running uri: url: http://localhost:9099/readiness diff --git a/playbooks/byo/openshift-cluster/upgrades/README.md b/playbooks/byo/openshift-cluster/upgrades/README.md index c50420425ad..2eee532285a 100644 --- a/playbooks/byo/openshift-cluster/upgrades/README.md +++ b/playbooks/byo/openshift-cluster/upgrades/README.md @@ -4,4 +4,4 @@ cluster. Additional notes for the associated upgrade playbooks are provided in their respective directories. # Upgrades available -- [OpenShift Container Platform 3.10 to 3.11](v3_11/README.md) (upgrade OpenShift Origin from 3.10.x to 3.11.x) +- [OpenShift Container Platform 3.11 to 4.0](v4_0/README.md) (upgrade OpenShift Origin from 3.11.x to 4.0.x) diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_11/README.md b/playbooks/byo/openshift-cluster/upgrades/v4_0/README.md similarity index 91% rename from playbooks/byo/openshift-cluster/upgrades/v3_11/README.md rename to playbooks/byo/openshift-cluster/upgrades/v4_0/README.md index d660d1e2aaa..a318167e142 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_11/README.md +++ b/playbooks/byo/openshift-cluster/upgrades/v4_0/README.md @@ -16,5 +16,5 @@ This playbook currently performs the following steps. ## Usage ``` -ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_11/upgrade.yml +ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade.yml ``` diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_11/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade.yml similarity index 85% rename from playbooks/byo/openshift-cluster/upgrades/v3_11/upgrade.yml rename to playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade.yml index f60ff2a910e..4a5e9219aaf 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_11/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade.yml @@ -2,4 +2,4 @@ # # Full Control Plane + Nodes Upgrade # -- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_11/upgrade.yml +- import_playbook: ../../../../common/openshift-cluster/upgrades/v4_0/upgrade.yml diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_11/upgrade_control_plane.yml b/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_control_plane.yml similarity index 93% rename from playbooks/byo/openshift-cluster/upgrades/v3_11/upgrade_control_plane.yml rename to playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_control_plane.yml index 633734662ee..b5e98aa3de3 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_11/upgrade_control_plane.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_control_plane.yml @@ -11,6 +11,6 @@ # # You can run the upgrade_nodes.yml playbook after this to upgrade these components separately. # -- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_11/upgrade_control_plane.yml +- import_playbook: ../../../../common/openshift-cluster/upgrades/v4_0/upgrade_control_plane.yml - import_playbook: ../../../../openshift-master/private/restart.yml diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_11/upgrade_nodes.yml b/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_nodes.yml similarity index 87% rename from playbooks/byo/openshift-cluster/upgrades/v3_11/upgrade_nodes.yml rename to playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_nodes.yml index 6edbe4c5769..40b7d6f6065 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_11/upgrade_nodes.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_nodes.yml @@ -4,4 +4,4 @@ # # Upgrades nodes only, but requires the control plane to have already been upgraded. # -- import_playbook: ../../../../common/openshift-cluster/upgrades/v3_11/upgrade_nodes.yml +- import_playbook: ../../../../common/openshift-cluster/upgrades/v4_0/upgrade_nodes.yml diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_11/upgrade_scale_groups.yml b/playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_scale_groups.yml similarity index 100% rename from playbooks/byo/openshift-cluster/upgrades/v3_11/upgrade_scale_groups.yml rename to playbooks/byo/openshift-cluster/upgrades/v4_0/upgrade_scale_groups.yml diff --git a/playbooks/cluster-operator/aws/components/openshift-prometheus.yml b/playbooks/cluster-operator/aws/components/openshift-prometheus.yml deleted file mode 100644 index d37580d986f..00000000000 --- a/playbooks/cluster-operator/aws/components/openshift-prometheus.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- -- name: Alert user to variables needed - hosts: localhost - tasks: - - name: Alert user to variables needed - clusterid - debug: - msg: "openshift_aws_clusterid={{ openshift_aws_clusterid | default('default') }}" - - - name: Alert user to variables needed - region - debug: - msg: "openshift_aws_region={{ openshift_aws_region | default('us-east-1') }}" - -- name: Setup the master node group - hosts: localhost - tasks: - - import_role: - name: openshift_aws - tasks_from: setup_master_group.yml - -- name: run the init - import_playbook: ../../../init/main.yml - -- name: Run prometheus playbook - import_playbook: ../../../openshift-prometheus/private/config.yml - when: openshift_hosted_prometheus_deploy | default(false) | bool diff --git a/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml index d2200a74b26..8509b0beaf8 100644 --- a/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml @@ -31,10 +31,6 @@ roles: - openshift_facts tasks: - - fail: - msg: Cannot upgrade Docker on Atomic operating systems. - when: openshift_is_atomic | bool - - import_role: name: container_runtime tasks_from: docker_upgrade_check.yml @@ -56,7 +52,7 @@ tasks: - name: Mark node unschedulable oc_adm_manage_node: - node: "{{ openshift.node.nodename | lower }}" + node: "{{ l_kubelet_node_name | lower }}" schedulable: False delegate_to: "{{ groups.oo_first_master.0 }}" retries: 10 @@ -70,7 +66,7 @@ - name: Drain Node for Kubelet upgrade command: > - {{ hostvars[groups.oo_first_master.0]['first_master_client_binary'] }} adm drain {{ openshift.node.nodename | lower }} + {{ hostvars[groups.oo_first_master.0]['first_master_client_binary'] }} adm drain {{ l_kubelet_node_name | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets --timeout={{ openshift_upgrade_nodes_drain_timeout | default(0) }}s @@ -94,7 +90,7 @@ - name: Set node schedulability oc_adm_manage_node: - node: "{{ openshift.node.nodename | lower }}" + node: "{{ l_kubelet_node_name | lower }}" schedulable: True delegate_to: "{{ groups.oo_first_master.0 }}" retries: 10 diff --git a/playbooks/common/openshift-cluster/upgrades/init.yml b/playbooks/common/openshift-cluster/upgrades/init.yml index 6a09096e9e8..ac2334aaf40 100644 --- a/playbooks/common/openshift-cluster/upgrades/init.yml +++ b/playbooks/common/openshift-cluster/upgrades/init.yml @@ -16,13 +16,6 @@ name: openshift_certificate_expiry tasks_from: main.yml -- name: Ensure essential node configmaps are present - hosts: oo_first_master - tasks: - - import_role: - name: openshift_node_group - tasks_from: check_for_configs.yml - - name: Ensure firewall is not switched during upgrade hosts: "{{ l_upgrade_no_switch_firewall_hosts | default('oo_all_hosts') }}" vars: diff --git a/playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml b/playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml index 9a462ecf43b..5db1c2047ee 100644 --- a/playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml +++ b/playbooks/common/openshift-cluster/upgrades/pre/verify_upgrade_targets.yml @@ -10,39 +10,31 @@ tasks_from: registry_auth.yml when: oreg_auth_user is defined -- name: Verify containers are available for upgrade - command: "{{ openshift_container_cli }} pull {{ openshift_cli_image }}" - register: pull_result - changed_when: "'Downloaded newer image' in pull_result.stdout" - when: openshift_is_containerized | bool +- name: Check latest available OpenShift RPM version + repoquery: + name: "{{ openshift_service_type }}{{ '-' ~ openshift_version ~ '*' }}" + ignore_excluders: true + register: repoquery_out -- when: not openshift_is_containerized | bool - block: - - name: Check latest available OpenShift RPM version - repoquery: - name: "{{ openshift_service_type }}{{ '-' ~ openshift_version ~ '*' }}" - ignore_excluders: true - register: repoquery_out - - - name: Fail when unable to determine available OpenShift RPM version - fail: - msg: "Unable to determine available OpenShift RPM version" - when: - - not repoquery_out.results.package_found +- name: Fail when unable to determine available OpenShift RPM version + fail: + msg: "Unable to determine available OpenShift RPM version" + when: + - not repoquery_out.results.package_found - - name: Set fact avail_openshift_version - set_fact: - avail_openshift_version: "{{ repoquery_out.results.versions.available_versions_full.0 }}" - - name: Set openshift_pkg_version when not specified - set_fact: - openshift_pkg_version: "-{{ repoquery_out.results.versions.available_versions_full.0 }}" - when: openshift_pkg_version | default('') == '' +- name: Set fact avail_openshift_version + set_fact: + avail_openshift_version: "{{ repoquery_out.results.versions.available_versions_full.0 }}" +- name: Set openshift_pkg_version when not specified + set_fact: + openshift_pkg_version: "-{{ repoquery_out.results.versions.available_versions_full.0 }}" + when: openshift_pkg_version | default('') == '' - - name: Verify OpenShift RPMs are available for upgrade - fail: - msg: "OpenShift {{ avail_openshift_version }} is available, but {{ openshift_upgrade_target }} or greater is required" - when: - - (openshift_pkg_version | default('-0.0', True)).split('-')[1] is version(openshift_upgrade_target, '<') +- name: Verify OpenShift RPMs are available for upgrade + fail: + msg: "OpenShift {{ avail_openshift_version }} is available, but {{ openshift_upgrade_target }} or greater is required" + when: + - (openshift_pkg_version | default('-0.0', True)).split('-')[1] is version(openshift_upgrade_target, '<') - name: Fail when openshift version does not meet minimum requirement for Origin upgrade fail: diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_components.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_components.yml index db4411adbe1..635fc92737f 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade_components.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade_components.yml @@ -14,11 +14,13 @@ tasks_from: install.yml when: - openshift_enable_service_catalog | default(true) | bool + - ansible_service_broker_install | default(true) | bool - import_role: name: template_service_broker tasks_from: upgrade.yml when: - openshift_enable_service_catalog | default(true) | bool + - template_service_broker_install | default(true) | bool - import_playbook: ../../../olm/private/config.yml when: openshift_enable_olm | default(false) | bool diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml index 70666e9eebf..a71ed2476ee 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml @@ -23,7 +23,7 @@ # we merge upgrade functionality into the base roles and a normal config.yml playbook run. - name: Mark node unschedulable oc_adm_manage_node: - node: "{{ openshift.node.nodename | lower }}" + node: "{{ l_kubelet_node_name | lower }}" schedulable: False delegate_to: "{{ groups.oo_first_master.0 }}" retries: 10 @@ -33,7 +33,7 @@ - name: Drain Node for Kubelet upgrade command: > - {{ hostvars[groups.oo_first_master.0]['first_master_client_binary'] }} adm drain {{ openshift.node.nodename | lower }} + {{ hostvars[groups.oo_first_master.0]['first_master_client_binary'] }} adm drain {{ l_kubelet_node_name | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets --timeout={{ openshift_upgrade_nodes_drain_timeout | default(0) }}s diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_scale_group.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_scale_group.yml index 8ccefdfbe38..92334623a5b 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade_scale_group.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade_scale_group.yml @@ -28,7 +28,7 @@ - name: Mark node unschedulable oc_adm_manage_node: - node: "{{ openshift.node.nodename | lower }}" + node: "{{ l_kubelet_node_name | lower }}" schedulable: False delegate_to: "{{ groups.oo_first_master.0 }}" retries: 10 @@ -45,7 +45,7 @@ tasks: - name: Drain Node for Kubelet upgrade command: > - {{ hostvars[groups.oo_first_master.0]['first_master_client_binary'] }} adm drain {{ openshift.node.nodename | lower }} + {{ hostvars[groups.oo_first_master.0]['first_master_client_binary'] }} adm drain {{ l_kubelet_node_name | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets --timeout={{ openshift_upgrade_nodes_drain_timeout | default(0) }}s diff --git a/playbooks/common/openshift-cluster/upgrades/v3_11/master_config_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v4_0/master_config_upgrade.yml similarity index 100% rename from playbooks/common/openshift-cluster/upgrades/v3_11/master_config_upgrade.yml rename to playbooks/common/openshift-cluster/upgrades/v4_0/master_config_upgrade.yml diff --git a/playbooks/common/openshift-cluster/upgrades/v3_11/roles b/playbooks/common/openshift-cluster/upgrades/v4_0/roles similarity index 100% rename from playbooks/common/openshift-cluster/upgrades/v3_11/roles rename to playbooks/common/openshift-cluster/upgrades/v4_0/roles diff --git a/playbooks/common/openshift-cluster/upgrades/v3_11/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v4_0/upgrade.yml similarity index 100% rename from playbooks/common/openshift-cluster/upgrades/v3_11/upgrade.yml rename to playbooks/common/openshift-cluster/upgrades/v4_0/upgrade.yml diff --git a/playbooks/common/openshift-cluster/upgrades/v3_11/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/v4_0/upgrade_control_plane.yml similarity index 88% rename from playbooks/common/openshift-cluster/upgrades/v3_11/upgrade_control_plane.yml rename to playbooks/common/openshift-cluster/upgrades/v4_0/upgrade_control_plane.yml index 848d15b4a22..7a1af674d9d 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_11/upgrade_control_plane.yml +++ b/playbooks/common/openshift-cluster/upgrades/v4_0/upgrade_control_plane.yml @@ -18,13 +18,13 @@ l_base_packages_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config" l_upgrade_cert_check_hosts: "oo_masters_to_config:oo_etcd_to_config" -- name: Configure the upgrade target for the common upgrade tasks 3.11 +- name: Configure the upgrade target for the common upgrade tasks 4.0 hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config tasks: - set_fact: - openshift_upgrade_target: '3.11' - openshift_upgrade_min: '3.10' - openshift_release: '3.11' + openshift_upgrade_target: '4.0' + openshift_upgrade_min: '3.11' + openshift_release: '4.0' - import_playbook: ../pre/config.yml # These vars a meant to exclude oo_nodes from plays that would otherwise include @@ -87,7 +87,7 @@ - import_playbook: ../upgrade_control_plane.yml vars: - openshift_release: '3.11' + openshift_release: '4.0' - name: Update master nodes hosts: oo_masters @@ -99,6 +99,9 @@ - import_role: name: openshift_node tasks_from: upgrade.yml + - import_role: + name: openshift_control_plane + tasks_from: verify_api_server.yml - import_role: name: openshift_storage_glusterfs tasks_from: check_cluster_health.yml @@ -106,7 +109,6 @@ ('glusterfs' in groups and inventory_hostname in groups['glusterfs']) or ('glusterfs_registry' in groups and inventory_hostname in groups['glusterfs_registry']) - - import_playbook: ../post_control_plane.yml - hosts: oo_masters @@ -114,16 +116,3 @@ - import_role: name: openshift_web_console tasks_from: remove_old_asset_config.yml - -# This is a one time migration. No need to save it in the 3.11. -# https://bugzilla.redhat.com/show_bug.cgi?id=1565736 -- hosts: oo_first_master - tasks: - - import_role: - name: openshift_hosted - tasks_from: registry_service_account.yml - when: openshift_hosted_manage_registry | default(True) | bool - - import_role: - name: openshift_hosted - tasks_from: remove_legacy_env_variables.yml - when: openshift_hosted_manage_registry | default(True) | bool diff --git a/playbooks/common/openshift-cluster/upgrades/v3_11/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/v4_0/upgrade_nodes.yml similarity index 89% rename from playbooks/common/openshift-cluster/upgrades/v3_11/upgrade_nodes.yml rename to playbooks/common/openshift-cluster/upgrades/v4_0/upgrade_nodes.yml index 86c6e0c86c8..d88fdef1f4e 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_11/upgrade_nodes.yml +++ b/playbooks/common/openshift-cluster/upgrades/v4_0/upgrade_nodes.yml @@ -12,9 +12,9 @@ hosts: oo_all_hosts tasks: - set_fact: - openshift_upgrade_target: '3.11' - openshift_upgrade_min: '3.10' - openshift_release: '3.11' + openshift_upgrade_target: '4.0' + openshift_upgrade_min: '3.11' + openshift_release: '4.0' - import_playbook: ../pre/config.yml vars: diff --git a/playbooks/common/private/components.yml b/playbooks/common/private/components.yml index f33a46368ea..823732781d1 100644 --- a/playbooks/common/private/components.yml +++ b/playbooks/common/private/components.yml @@ -41,14 +41,6 @@ - import_playbook: ../../openshift-logging/private/config.yml when: openshift_logging_install_logging | default(false) | bool -- import_playbook: ../../openshift-prometheus/private/config.yml - when: openshift_hosted_prometheus_deploy | default(false) | bool - -- import_playbook: ../../openshift-grafana/private/config.yml - when: - - openshift_hosted_prometheus_deploy | default(false) | bool - - openshift_hosted_grafana_deploy | default(false) | bool - - import_playbook: ../../openshift-monitor-availability/private/config.yml when: openshift_monitor_availability_install | default(false) | bool diff --git a/playbooks/gcp/openshift-cluster/build_base_image.yml b/playbooks/gcp/openshift-cluster/build_base_image.yml index 1dc7f79af9d..623b6b3c085 100644 --- a/playbooks/gcp/openshift-cluster/build_base_image.yml +++ b/playbooks/gcp/openshift-cluster/build_base_image.yml @@ -156,7 +156,6 @@ - iptables-services - bridge-utils - bash-completion - - atomic - name: Clean yum metadata command: yum clean all args: diff --git a/playbooks/gcp/openshift-cluster/upgrade.yml b/playbooks/gcp/openshift-cluster/upgrade.yml index 863a618a939..ce6482d0c4a 100644 --- a/playbooks/gcp/openshift-cluster/upgrade.yml +++ b/playbooks/gcp/openshift-cluster/upgrade.yml @@ -11,4 +11,4 @@ all_nodes: true - name: run the upgrade - import_playbook: ../../common/openshift-cluster/upgrades/v3_11/upgrade.yml + import_playbook: ../../common/openshift-cluster/upgrades/v4_0/upgrade.yml diff --git a/playbooks/init/base_packages.yml b/playbooks/init/base_packages.yml index c8b6b9a8fb3..970afa93431 100644 --- a/playbooks/init/base_packages.yml +++ b/playbooks/init/base_packages.yml @@ -11,8 +11,6 @@ failed_when: false register: chrony_installed - # chrony is installed on atomic host by default, so no need to worry about - # atomic here. - name: Install ntp package package: name: ntp @@ -27,21 +25,21 @@ command: timedatectl set-ntp true when: openshift_clock_enabled | default(True) | bool - - when: - - not openshift_is_atomic | bool - block: - - name: Ensure openshift-ansible installer package deps are installed - package: - name: "{{ pkg_list | join(',') }}" - state: present - vars: - pkg_list: - - iproute - - "{{ 'python3-dbus' if ansible_distribution == 'Fedora' else 'dbus-python' }}" - - "{{ 'python3-PyYAML' if ansible_distribution == 'Fedora' else 'PyYAML' }}" - - "{{ 'python-ipaddress' if ansible_distribution != 'Fedora' else '' }}" - - libsemanage-python - - yum-utils - - "{{ 'python3-docker' if ansible_distribution == 'Fedora' else 'python-docker' }}" - register: result - until: result is succeeded + - name: Ensure openshift-ansible installer package deps are installed + package: + name: "{{ pkg_list | join(',') }}" + state: present + vars: + pkg_list_temp: + - iproute + - "{{ 'python3-dbus' if ansible_distribution == 'Fedora' else 'dbus-python' }}" + - "{{ 'python3-PyYAML' if ansible_distribution == 'Fedora' else 'PyYAML' }}" + - libsemanage-python + - yum-utils + - "{{ 'python3-docker' if ansible_distribution == 'Fedora' else 'python-docker' }}" + pkg_list_non_fedora: + - 'python-ipaddress' + pkg_list_use_non_fedora: "{{ ansible_distribution != 'Fedora' | bool }}" + pkg_list: "{{ pkg_list_non_fedora | ternary(pkg_list_non_fedora, []) + pkg_list_temp }}" + register: result + until: result is succeeded diff --git a/playbooks/init/basic_facts.yml b/playbooks/init/basic_facts.yml index 901b86ef5d2..814389ada52 100644 --- a/playbooks/init/basic_facts.yml +++ b/playbooks/init/basic_facts.yml @@ -16,13 +16,10 @@ import_role: name: openshift_sanitize_inventory - - name: Detecting Operating System from ostree_booted - stat: - path: /run/ostree-booted - get_checksum: false - get_attributes: false - get_mime: false - register: ostree_booted + - name: Detect OS Variant from /etc/os-release + fail: + msg: Atomic Host installations are no longer supported + when: lookup('ini', 'VARIANT_ID type=properties file=/etc/os-release') == 'atomic.host' # TODO(michaelgugino) remove this line once CI is updated. - name: set openshift_deployment_type if unset @@ -32,33 +29,6 @@ - openshift_deployment_type is undefined - deployment_type is defined - - name: initialize_facts set fact openshift_is_atomic and openshift_is_containerized - set_fact: - openshift_is_atomic: "{{ ostree_booted.stat.exists }}" - openshift_is_containerized: "{{ ostree_booted.stat.exists or (containerized | default(false) | bool) }}" - - # TODO: Should this be moved into health checks?? - # Seems as though any check that happens with a corresponding fail should move into health_checks - # Fail as early as possible if Atomic and old version of Docker - - when: - - openshift_is_atomic | bool - block: - - # See https://access.redhat.com/articles/2317361 - # and https://github.com/ansible/ansible/issues/15892 - # NOTE: the "'s can not be removed at this level else the docker command will fail - # NOTE: When ansible >2.2.1.x is used this can be updated per - # https://github.com/openshift/openshift-ansible/pull/3475#discussion_r103525121 - - name: Determine Atomic Host Docker Version - shell: 'CURLY="{"; docker version --format "$CURLY{json .Server.Version}}"' - register: l_atomic_docker_version - - - name: assert atomic host docker version is 1.12 or later - assert: - that: - - l_atomic_docker_version.stdout | replace('"', '') is version('1.12','>=') - msg: Installation on Atomic Host requires Docker 1.12 or later. Please upgrade and restart the Atomic Host. - - name: Retrieve existing master configs and validate hosts: oo_masters_to_config gather_facts: no diff --git a/playbooks/init/cluster_facts.yml b/playbooks/init/cluster_facts.yml index 175f6e84432..c4880bc612a 100644 --- a/playbooks/init/cluster_facts.yml +++ b/playbooks/init/cluster_facts.yml @@ -28,7 +28,7 @@ openshift_facts: role: common local_facts: - hostname: "{{ openshift_hostname | default(None) }}" + hostname: "{{ openshift_kubelet_name_override | default(None) }}" ip: "{{ openshift_ip | default(None) }}" public_hostname: "{{ openshift_public_hostname | default(None) }}" public_ip: "{{ openshift_public_ip | default(None) }}" @@ -37,6 +37,7 @@ https_proxy: "{{ openshift_https_proxy | default(None) }}" no_proxy: "{{ openshift_no_proxy | default(None) }}" generate_no_proxy_hosts: "{{ openshift_generate_no_proxy_hosts | default(True) }}" + cloudprovider: "{{ openshift_cloudprovider_kind | default(None) }}" - name: Set fact of no_proxy_internal_hostnames openshift_facts: @@ -61,6 +62,9 @@ role: node local_facts: sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}" + - name: set_fact l_kubelet_node_name + set_fact: + l_kubelet_node_name: "{{ openshift_kubelet_name_override | default(openshift.node.nodename) }}" - name: Initialize etcd host variables hosts: oo_masters_to_config diff --git a/playbooks/init/validate_hostnames.yml b/playbooks/init/validate_hostnames.yml index ede51a94f65..81fdf7c3cd7 100644 --- a/playbooks/init/validate_hostnames.yml +++ b/playbooks/init/validate_hostnames.yml @@ -10,19 +10,20 @@ changed_when: false failed_when: false - - name: Validate openshift_hostname when defined + - name: Validate openshift_kubelet_name_override when defined fail: msg: > The hostname {{ openshift.common.hostname }} for {{ ansible_nodename }} doesn't resolve to an IP address owned by this host. Please set - openshift_hostname variable to a hostname that when resolved on the host + openshift_kubelet_name_override variable to a hostname that when resolved on the host in question resolves to an IP address matching an interface on this host. This will ensure proper functionality of OpenShift networking features. - Inventory setting: openshift_hostname={{ openshift_hostname | default ('undefined') }} + Inventory setting: openshift_kubelet_name_override={{ openshift_kubelet_name_override | default ('undefined') }} This check can be overridden by setting openshift_hostname_check=false in the inventory. See https://docs.okd.io/latest/install_config/install/advanced_install.html#configuring-host-variables when: + - openshift_kubelet_name_override is defined - lookupip.stdout != '127.0.0.1' - lookupip.stdout not in ansible_all_ipv4_addresses - openshift_hostname_check | default(true) | bool diff --git a/playbooks/openshift-autoheal/private/config.yml b/playbooks/openshift-autoheal/private/config.yml index 54c6ab9e373..f43c75c2476 100644 --- a/playbooks/openshift-autoheal/private/config.yml +++ b/playbooks/openshift-autoheal/private/config.yml @@ -16,6 +16,7 @@ - name: Auto-heal hosts: oo_first_master roles: + - role: openshift_facts - role: openshift_autoheal - name: Auto-heal Install Checkpoint End diff --git a/playbooks/openshift-checks/certificate_expiry/default.yaml b/playbooks/openshift-checks/certificate_expiry/default.yaml index 630135caec2..56764c73429 100644 --- a/playbooks/openshift-checks/certificate_expiry/default.yaml +++ b/playbooks/openshift-checks/certificate_expiry/default.yaml @@ -5,6 +5,5 @@ - name: Check cert expirys hosts: nodes:masters:etcd become: yes - gather_facts: no roles: - role: openshift_certificate_expiry diff --git a/playbooks/openshift-checks/certificate_expiry/easy-mode-upload.yaml b/playbooks/openshift-checks/certificate_expiry/easy-mode-upload.yaml index 378d1f154b6..ddb94d0e1b3 100644 --- a/playbooks/openshift-checks/certificate_expiry/easy-mode-upload.yaml +++ b/playbooks/openshift-checks/certificate_expiry/easy-mode-upload.yaml @@ -11,7 +11,6 @@ --- - name: Generate certificate expiration reports hosts: nodes:masters:etcd - gather_facts: no vars: openshift_certificate_expiry_save_json_results: yes openshift_certificate_expiry_generate_html_report: yes diff --git a/playbooks/openshift-checks/certificate_expiry/easy-mode.yaml b/playbooks/openshift-checks/certificate_expiry/easy-mode.yaml index a0280917915..c5600afac6e 100644 --- a/playbooks/openshift-checks/certificate_expiry/easy-mode.yaml +++ b/playbooks/openshift-checks/certificate_expiry/easy-mode.yaml @@ -8,7 +8,6 @@ - name: Check cert expirys hosts: nodes:masters:etcd - gather_facts: no vars: openshift_certificate_expiry_save_json_results: yes openshift_certificate_expiry_generate_html_report: yes diff --git a/playbooks/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml b/playbooks/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml index c171835386f..66bbdb0e6d1 100644 --- a/playbooks/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml +++ b/playbooks/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml @@ -3,7 +3,6 @@ - name: Check cert expirys hosts: nodes:masters:etcd - gather_facts: no vars: openshift_certificate_expiry_generate_html_report: yes openshift_certificate_expiry_save_json_results: yes diff --git a/playbooks/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml b/playbooks/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml index 282d9783585..c5393911553 100644 --- a/playbooks/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml +++ b/playbooks/openshift-checks/certificate_expiry/html_and_json_timestamp.yaml @@ -3,7 +3,6 @@ - name: Check cert expirys hosts: nodes:masters:etcd - gather_facts: no vars: openshift_certificate_expiry_generate_html_report: yes openshift_certificate_expiry_save_json_results: yes diff --git a/playbooks/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml b/playbooks/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml index d270fcc8567..6c07ba6947e 100644 --- a/playbooks/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml +++ b/playbooks/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml @@ -4,7 +4,6 @@ - name: Check cert expirys hosts: nodes:masters:etcd - gather_facts: no vars: openshift_certificate_expiry_warning_days: 1500 openshift_certificate_expiry_save_json_results: yes diff --git a/playbooks/openshift-checks/certificate_expiry/longer_warning_period.yaml b/playbooks/openshift-checks/certificate_expiry/longer_warning_period.yaml index 84e26d9fcee..fb22b4add8d 100644 --- a/playbooks/openshift-checks/certificate_expiry/longer_warning_period.yaml +++ b/playbooks/openshift-checks/certificate_expiry/longer_warning_period.yaml @@ -4,7 +4,6 @@ - name: Check cert expirys hosts: nodes:masters:etcd - gather_facts: no vars: openshift_certificate_expiry_warning_days: 1500 roles: diff --git a/playbooks/openshift-etcd/private/config.yml b/playbooks/openshift-etcd/private/config.yml index 6cde17f1af3..28531c2f1de 100644 --- a/playbooks/openshift-etcd/private/config.yml +++ b/playbooks/openshift-etcd/private/config.yml @@ -21,14 +21,6 @@ hosts: oo_etcd_to_config any_errors_fatal: true tasks: - - fail: - msg: > - etcd stand-alone hosts on atomic is no longer supported. Please - co-locate your etcd hosts with masters. - when: - - openshift_is_atomic | bool - - not inventory_hostname in groups['oo_masters'] - - import_role: name: etcd tasks_from: set_facts.yml diff --git a/playbooks/openshift-etcd/private/redeploy-ca.yml b/playbooks/openshift-etcd/private/redeploy-ca.yml index 76e931a1ba0..084b1c7d5b4 100644 --- a/playbooks/openshift-etcd/private/redeploy-ca.yml +++ b/playbooks/openshift-etcd/private/redeploy-ca.yml @@ -34,7 +34,7 @@ changed_when: false - name: Chmod local temp directory for syncing certs - local_action: command chmod 777 "{{ g_etcd_mktemp.stdout }}" + local_action: file path="{{ g_etcd_mktemp.stdout }}" mode=0777 changed_when: false - name: Distribute etcd CA to etcd hosts diff --git a/playbooks/openshift-etcd/private/remove-etcdv2-data.yml b/playbooks/openshift-etcd/private/remove-etcdv2-data.yml new file mode 100644 index 00000000000..8e8147218ae --- /dev/null +++ b/playbooks/openshift-etcd/private/remove-etcdv2-data.yml @@ -0,0 +1,8 @@ +--- +- name: Remove etcd v2 data + hosts: oo_etcd_to_config[0] + any_errors_fatal: true + tasks: + - import_role: + name: etcd + tasks_from: remove-etcd-v2-data.yml diff --git a/playbooks/openshift-etcd/private/scaleup.yml b/playbooks/openshift-etcd/private/scaleup.yml index 8e9e26c83b1..fdddb641c0c 100644 --- a/playbooks/openshift-etcd/private/scaleup.yml +++ b/playbooks/openshift-etcd/private/scaleup.yml @@ -1,26 +1,52 @@ --- +- name: Check for etcd stand-alone hosts on atomic + hosts: oo_etcd_to_config + any_errors_fatal: true + tasks: + - fail: + msg: > + etcd stand-alone hosts on atomic is no longer supported. Please + co-locate your etcd hosts with masters. + when: + - openshift_is_atomic | bool + - not inventory_hostname in groups['oo_masters'] + +- name: Set etcd facts for all hosts + hosts: oo_etcd_to_config:oo_new_etcd_to_config + tasks: + - import_role: + name: etcd + tasks_from: set_facts.yml + - name: Configure etcd hosts: oo_new_etcd_to_config serial: 1 any_errors_fatal: true - pre_tasks: + tasks: - import_role: name: etcd tasks_from: add_new_member.yml + vars: + etcd_peer: "{{ hostvars[etcd_ca_host].etcd_ip }}" + - import_role: name: etcd tasks_from: server_certificates.yml vars: etcd_peers: "{{ groups.oo_new_etcd_to_config | default([], true) }}" etcd_certificates_etcd_hosts: "{{ groups.oo_new_etcd_to_config | default([], true) }}" - tasks: + - import_role: name: os_firewall when: etcd_add_check.rc == 0 + # Setup etcd as a static pod if collocated with a master - import_role: name: etcd - when: etcd_add_check.rc == 0 + tasks_from: static.yml + when: + - etcd_add_check.rc == 0 + - inventory_hostname in groups['oo_masters'] vars: etcd_peers: "{{ groups.oo_etcd_to_config | union(groups.oo_new_etcd_to_config)| default([], true) }}" etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}" @@ -28,24 +54,27 @@ etcd_initial_cluster: "{{ etcd_add_check.stdout_lines[3] | regex_replace('ETCD_INITIAL_CLUSTER=','') | regex_replace('\"','') }}" etcd_ca_setup: False - # etcd_hostname fact is set in add_new_member.yml called above. - - name: Verify cluster is stable - command: > - {{ r_etcd_common_etcdctl_command }} - --cert-file {{ etcd_peer_cert_file }} - --key-file {{ etcd_peer_key_file }} - --ca-file {{ etcd_peer_ca_file }} - -C {{ etcd_peer_url_scheme }}://{{ hostvars[etcd_ca_host].etcd_hostname }}:{{ etcd_client_port }} - cluster-health - register: scaleup_health - retries: 3 - delay: 30 - until: scaleup_health.rc == 0 + - import_role: + name: etcd + tasks_from: rpm.yml + when: + - etcd_add_check.rc == 0 + - not inventory_hostname in groups['oo_masters'] + vars: + etcd_peers: "{{ groups.oo_etcd_to_config | union(groups.oo_new_etcd_to_config)| default([], true) }}" + etcd_certificates_etcd_hosts: "{{ groups.oo_etcd_to_config | default([], true) }}" + etcd_initial_cluster_state: "existing" + etcd_initial_cluster: "{{ etcd_add_check.stdout_lines[3] | regex_replace('ETCD_INITIAL_CLUSTER=','') | regex_replace('\"','') }}" + etcd_ca_setup: False + + - import_role: + name: etcd + tasks_from: verify_cluster_health.yml - name: Update master etcd client urls hosts: oo_masters_to_config serial: 1 - pre_tasks: + tasks: - set_fact: openshift_master_etcd_hosts: "{{ hostvars | lib_utils_oo_select_keys(groups['oo_etcd_to_config'] | union(groups['oo_new_etcd_to_config'] | default([]) )) @@ -62,7 +91,6 @@ vars: l_use_ssl: "{{ openshift_master_etcd_use_ssl | default(True) | bool}}" - post_tasks: - import_role: name: openshift_control_plane tasks_from: update_etcd_client_urls.yml diff --git a/playbooks/openshift-etcd/private/server_certificates.yml b/playbooks/openshift-etcd/private/server_certificates.yml index 24840d1740e..5e9d6bf1231 100644 --- a/playbooks/openshift-etcd/private/server_certificates.yml +++ b/playbooks/openshift-etcd/private/server_certificates.yml @@ -2,7 +2,7 @@ - name: Create etcd server certificates for etcd hosts hosts: oo_etcd_to_config any_errors_fatal: true - post_tasks: + tasks: - import_role: name: etcd tasks_from: server_certificates.yml diff --git a/playbooks/openshift-etcd/private/upgrade_rpm_members.yml b/playbooks/openshift-etcd/private/upgrade_rpm_members.yml index 95cfc141e5e..fd29cd896f6 100644 --- a/playbooks/openshift-etcd/private/upgrade_rpm_members.yml +++ b/playbooks/openshift-etcd/private/upgrade_rpm_members.yml @@ -10,7 +10,6 @@ tasks_from: upgrade_rpm.yml vars: r_etcd_upgrade_version: "{{ etcd_upgrade_version }}" - etcd_peer: "{{ openshift.common.hostname }}" when: - etcd_rpm_version.stdout | default('99') is version(etcd_upgrade_version, '<') - ansible_distribution == 'RedHat' diff --git a/playbooks/openshift-etcd/private/upgrade_static.yml b/playbooks/openshift-etcd/private/upgrade_static.yml index 88bfc46ac59..aeaec3cc998 100644 --- a/playbooks/openshift-etcd/private/upgrade_static.yml +++ b/playbooks/openshift-etcd/private/upgrade_static.yml @@ -6,6 +6,4 @@ - import_role: name: etcd tasks_from: upgrade_static.yml - vars: - etcd_peer: "{{ openshift.common.hostname }}" when: inventory_hostname in groups['oo_masters'] diff --git a/playbooks/openshift-etcd/remove-etcdv2-data.yml b/playbooks/openshift-etcd/remove-etcdv2-data.yml new file mode 100644 index 00000000000..bf57a631786 --- /dev/null +++ b/playbooks/openshift-etcd/remove-etcdv2-data.yml @@ -0,0 +1,8 @@ +--- +- import_playbook: ../init/main.yml + vars: + l_openshift_version_set_hosts: "all:!all" + l_init_fact_hosts: "oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config" + l_sanity_check_hosts: "{{ groups['oo_etcd_to_config'] | union(groups['oo_masters_to_config']) }}" + +- import_playbook: private/remove-etcdv2-data.yml diff --git a/playbooks/openshift-glusterfs/config.yml b/playbooks/openshift-glusterfs/config.yml index a5d840467f6..d2acb7381fc 100644 --- a/playbooks/openshift-glusterfs/config.yml +++ b/playbooks/openshift-glusterfs/config.yml @@ -1,10 +1,15 @@ --- - import_playbook: ../init/main.yml vars: - l_init_fact_hosts: "oo_masters_to_config:oo_nodes_to_config:oo_glusterfs_to_config" + # We need facts on all nodes since we need to check (on RPM installs) that + # glusterfs-fuse is available across the cluster. + l_init_fact_hosts: "oo_masters_to_config:oo_nodes_to_config" + # We only want sanity and base packages on OpenShift nodes that will be + # GlusterFS nodes, as they may be new nodes to the OpenShift cluster. + l_glusterfs_nodes: "{{ groups['oo_nodes_to_config'] | intersect(groups['oo_glusterfs_to_config']) }}" l_openshift_version_set_hosts: "oo_masters_to_config:!oo_first_master" - l_sanity_check_hosts: "{{ groups['oo_masters_to_config'] | union(groups['oo_glusterfs_to_config']) }}" + l_sanity_check_hosts: "{{ groups['oo_masters_to_config'] | union(l_glusterfs_nodes) }}" l_install_base_packages: True - l_base_packages_hosts: "oo_nodes_to_configi:&oo_glusterfs_to_config" + l_base_packages_hosts: "oo_nodes_to_config:&oo_glusterfs_to_config" - import_playbook: private/config.yml diff --git a/playbooks/openshift-glusterfs/private/add_hosts.yml b/playbooks/openshift-glusterfs/private/add_hosts.yml index b76df3daff1..c8b95fbcb3d 100644 --- a/playbooks/openshift-glusterfs/private/add_hosts.yml +++ b/playbooks/openshift-glusterfs/private/add_hosts.yml @@ -2,7 +2,7 @@ # This play runs when new gluster hosts are part of new_nodes group during # master or node scaleup. -# Need to gather facts on glusterfs hosts to ensure we collect openshift.node.nodename +# Need to gather facts on glusterfs hosts to ensure we collect l_kubelet_node_name # for topology file. - import_playbook: ../../init/basic_facts.yml vars: diff --git a/playbooks/openshift-glusterfs/private/registry.yml b/playbooks/openshift-glusterfs/private/registry.yml index 6ad2a12ea36..385ec68750c 100644 --- a/playbooks/openshift-glusterfs/private/registry.yml +++ b/playbooks/openshift-glusterfs/private/registry.yml @@ -7,10 +7,11 @@ - name: Create persistent volumes hosts: oo_first_master + vars: + openshift_hosted_registry_glusterfs_storage_create_pv: True + openshift_hosted_registry_glusterfs_storage_create_pvc: True roles: - role: openshift_persistent_volumes - when: - - openshift_hosted_registry_storage_kind | default(none) == 'glusterfs' or openshift_hosted_registry_storage_glusterfs_swap - import_playbook: ../../openshift-hosted/private/openshift_hosted_registry.yml diff --git a/playbooks/openshift-glusterfs/registry.yml b/playbooks/openshift-glusterfs/registry.yml index 06765f02743..d1cbc7c5a8f 100644 --- a/playbooks/openshift-glusterfs/registry.yml +++ b/playbooks/openshift-glusterfs/registry.yml @@ -1,10 +1,15 @@ --- - import_playbook: ../init/main.yml vars: - l_init_fact_hosts: "oo_masters_to_config:oo_glusterfs_to_config" + # We need facts on all nodes since we need to check (on RPM installs) that + # glusterfs-fuse is available across the cluster. + l_init_fact_hosts: "oo_masters_to_config:oo_nodes_to_config" + # We only want sanity and base packages on OpenShift nodes that will be + # GlusterFS nodes, as they may be new nodes to the OpenShift cluster. + l_glusterfs_nodes: "{{ groups['oo_nodes_to_config'] | intersect(groups['oo_glusterfs_to_config']) }}" l_openshift_version_set_hosts: "oo_masters_to_config:!oo_first_master" - l_sanity_check_hosts: "{{ groups['oo_masters_to_config'] | union(groups['oo_glusterfs_to_config']) }}" + l_sanity_check_hosts: "{{ groups['oo_masters_to_config'] | union(l_glusterfs_nodes) }}" l_install_base_packages: True - l_base_packages_hosts: "oo_glusterfs_to_config" + l_base_packages_hosts: "oo_nodes_to_config:&oo_glusterfs_to_config" - import_playbook: private/registry.yml diff --git a/playbooks/openshift-grafana/config.yml b/playbooks/openshift-grafana/config.yml deleted file mode 100644 index c9d964e9d26..00000000000 --- a/playbooks/openshift-grafana/config.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- import_playbook: ../init/main.yml - vars: - l_init_fact_hosts: "oo_masters_to_config" - l_openshift_version_set_hosts: "oo_masters_to_config:!oo_first_master" - l_sanity_check_hosts: "{{ groups['oo_masters_to_config'] }}" - -- import_playbook: private/config.yml diff --git a/playbooks/openshift-grafana/private/config.yml b/playbooks/openshift-grafana/private/config.yml deleted file mode 100644 index e1571fc229a..00000000000 --- a/playbooks/openshift-grafana/private/config.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: Grafana Install Checkpoint Start - hosts: all - gather_facts: false - tasks: - - name: Set Grafana install 'In Progress' - run_once: true - set_stats: - data: - installer_phase_grafana: - title: "Grafana Install" - playbook: "playbooks/openshift-grafana/config.yml" - status: "In Progress" - start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}" - -- name: OpenShift Grafana - hosts: oo_first_master - roles: - - role: openshift_grafana - -- name: Grafana Install Checkpoint End - hosts: all - gather_facts: false - tasks: - - name: Set Grafana install 'Complete' - run_once: true - set_stats: - data: - installer_phase_grafana: - status: "Complete" - end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}" diff --git a/playbooks/openshift-grafana/private/filter_plugins b/playbooks/openshift-grafana/private/filter_plugins deleted file mode 120000 index 99a95e4ca30..00000000000 --- a/playbooks/openshift-grafana/private/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins \ No newline at end of file diff --git a/playbooks/openshift-grafana/private/lookup_plugins b/playbooks/openshift-grafana/private/lookup_plugins deleted file mode 120000 index ac79701db88..00000000000 --- a/playbooks/openshift-grafana/private/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/openshift-grafana/private/roles b/playbooks/openshift-grafana/private/roles deleted file mode 120000 index e2b799b9d70..00000000000 --- a/playbooks/openshift-grafana/private/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles/ \ No newline at end of file diff --git a/playbooks/openshift-grafana/private/uninstall.yml b/playbooks/openshift-grafana/private/uninstall.yml deleted file mode 100644 index 0e31dcae520..00000000000 --- a/playbooks/openshift-grafana/private/uninstall.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -- name: Uninstall Grafana - hosts: masters[0] - vars: - openshift_grafana_state: absent - tasks: - - name: Run the Grafana Uninstall Role Tasks - include_role: - name: openshift_grafana - tasks_from: uninstall_grafana.yaml diff --git a/playbooks/openshift-grafana/uninstall.yml b/playbooks/openshift-grafana/uninstall.yml deleted file mode 100644 index c92ade78658..00000000000 --- a/playbooks/openshift-grafana/uninstall.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- import_playbook: private/uninstall.yml diff --git a/playbooks/openshift-hosted/private/openshift_hosted_registry_storage.yml b/playbooks/openshift-hosted/private/openshift_hosted_registry_storage.yml index cfc47c9b257..dfed64c4257 100644 --- a/playbooks/openshift-hosted/private/openshift_hosted_registry_storage.yml +++ b/playbooks/openshift-hosted/private/openshift_hosted_registry_storage.yml @@ -1,8 +1,5 @@ --- -# This playbook waits for registry and router pods after both have been -# created. It is intended to allow the tasks of deploying both to complete -# before polling to save time. -- name: Poll for hosted pod deployments +- name: Create Hosted Resources - registry storage hosts: oo_first_master tasks: - import_role: @@ -10,4 +7,3 @@ tasks_from: registry_storage.yml when: - openshift_hosted_manage_registry | default(True) | bool - - openshift_hosted_registry_registryurl is defined diff --git a/playbooks/openshift-logging/private/config.yml b/playbooks/openshift-logging/private/config.yml index 7dca5cbf47b..8ba073f0354 100644 --- a/playbooks/openshift-logging/private/config.yml +++ b/playbooks/openshift-logging/private/config.yml @@ -76,6 +76,13 @@ - set_fact: openshift_logging_elasticsearch_hosts: "{{ ( openshift_logging_es_hosts.stdout.split(' ') | default([]) + (openshift_logging_es_ops_hosts.stdout.split(' ') if openshift_logging_es_ops_hosts.stdout is defined else []) ) | unique }}" + #- name: Debug groups + # debug: + # var: groups + #- name: Debug hostvars + # debug: + # var: hostvars + # Check to see if the collected ip from the openshift facts above matches our node back to a # group entry in our inventory so we can maintain our group variables when updating the sysctl # files for specific nodes based on .status.addresses[@.type==InternalIP].address @@ -85,12 +92,12 @@ groups: oo_elasticsearch_nodes ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" ansible_become: "{{ g_sudo | default(omit) }}" - with_items: "{{ groups['oo_nodes_to_config'] }}" + with_items: "{{ groups.get('oo_nodes_to_config', groups['all']) }}" changed_when: no run_once: true delegate_to: localhost connection: local - when: hostvars[item]['openshift']['common']['ip'] in openshift_logging_elasticsearch_hosts + when: hostvars[item].get('openshift',{}).get('common',{}).get('ip', None) in openshift_logging_elasticsearch_hosts - name: Update vm.max_map_count for ES 5.x hosts: oo_elasticsearch_nodes diff --git a/playbooks/openshift-master/private/additional_config.yml b/playbooks/openshift-master/private/additional_config.yml index dde2f7f3c76..88b6c976414 100644 --- a/playbooks/openshift-master/private/additional_config.yml +++ b/playbooks/openshift-master/private/additional_config.yml @@ -37,7 +37,6 @@ when: openshift_use_manageiq | default(true) | bool - role: cockpit when: - - not openshift_is_atomic | bool - openshift_deployment_type == 'openshift-enterprise' - osm_use_cockpit is undefined or osm_use_cockpit | bool - (openshift_deployment_subtype | default('')) != 'registry' diff --git a/playbooks/openshift-master/private/config.yml b/playbooks/openshift-master/private/config.yml index 05eab628876..97a57554300 100644 --- a/playbooks/openshift-master/private/config.yml +++ b/playbooks/openshift-master/private/config.yml @@ -79,7 +79,7 @@ when: openshift_use_nuage | default(false) | bool - role: nuage_master when: openshift_use_nuage | default(false) | bool - - role: calico_master + - role: calico when: openshift_use_calico | default(false) | bool tasks: - import_role: diff --git a/playbooks/openshift-master/private/create_service_signer_cert.yml b/playbooks/openshift-master/private/create_service_signer_cert.yml index 6d82fa92849..4ad76467979 100644 --- a/playbooks/openshift-master/private/create_service_signer_cert.yml +++ b/playbooks/openshift-master/private/create_service_signer_cert.yml @@ -11,7 +11,7 @@ when: not (hostvars[groups.oo_first_master.0].service_signer_cert_stat.stat.exists | bool) - name: Chmod local temp directory - local_action: command chmod 777 "{{ local_cert_sync_tmpdir.stdout }}" + local_action: file path="{{ local_cert_sync_tmpdir.stdout }}" mode=0777 changed_when: false when: not (hostvars[groups.oo_first_master.0].service_signer_cert_stat.stat.exists | bool) diff --git a/playbooks/openshift-master/private/redeploy-openshift-ca.yml b/playbooks/openshift-master/private/redeploy-openshift-ca.yml index 2aa88ace064..3cc0d07c18a 100644 --- a/playbooks/openshift-master/private/redeploy-openshift-ca.yml +++ b/playbooks/openshift-master/private/redeploy-openshift-ca.yml @@ -132,7 +132,7 @@ changed_when: false - name: Chmod local temp directory for syncing certs - local_action: command chmod 777 "{{ g_master_mktemp.stdout }}" + local_action: file path="{{ g_master_mktemp.stdout }}" mode=0777 changed_when: false - name: Retrieve OpenShift CA @@ -234,7 +234,7 @@ tasks: - copy: src: "{{ hostvars['localhost'].g_master_mktemp.stdout }}/ca-bundle.crt" - dest: "{{ openshift.common.config_base }}/node/ca.crt" + dest: "{{ openshift.common.config_base }}/node/client-ca.crt" - name: Copy OpenShift CA to system CA trust copy: src: "{{ item.cert }}" @@ -242,13 +242,13 @@ remote_src: yes with_items: - id: openshift - cert: "{{ openshift.common.config_base }}/node/ca.crt" + cert: "{{ openshift.common.config_base }}/node/client-ca.crt" notify: - update ca trust - name: Update node client kubeconfig CA data kubeclient_ca: - client_path: "{{ openshift.common.config_base }}/node/system:node:{{ openshift.common.hostname }}.kubeconfig" - ca_path: "{{ openshift.common.config_base }}/node/ca.crt" + client_path: "{{ openshift.common.config_base }}/node/node.kubeconfig" + ca_path: "{{ openshift.common.config_base }}/node/client-ca.crt" handlers: # Normally this handler would restart docker after updating ca # trust. We'll do that when we restart nodes to avoid restarting @@ -284,7 +284,7 @@ - ('expired' not in hostvars | lib_utils_oo_select_keys(groups['oo_nodes_to_config']) | lib_utils_oo_collect('check_results.check_results.ocp_certs') - | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_nodes_to_config.0].openshift.common.config_base ~ "/node/ca.crt"})) + | lib_utils_oo_collect('health', {'path':hostvars[groups.oo_nodes_to_config.0].openshift.common.config_base ~ "/node/client-ca.crt"})) # masters - ('expired' not in hostvars | lib_utils_oo_select_keys(groups['oo_masters_to_config']) diff --git a/playbooks/openshift-master/private/upgrade.yml b/playbooks/openshift-master/private/upgrade.yml index 9eeb58085d6..ab930eefd57 100644 --- a/playbooks/openshift-master/private/upgrade.yml +++ b/playbooks/openshift-master/private/upgrade.yml @@ -16,20 +16,9 @@ get_mime: false register: service_signer_cert_stat changed_when: false - - name: verify api server - command: > - curl --silent --tlsv1.2 - --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt - {{ openshift.master.api_url }}/healthz/ready - args: - # Disables the following warning: - # Consider using get_url or uri module rather than running curl - warn: no - register: api_available_output - until: api_available_output.stdout == 'ok' - retries: 120 - delay: 1 - changed_when: false + - import_role: + name: openshift_control_plane + tasks_from: verify_api_server.yml - import_playbook: create_service_signer_cert.yml diff --git a/playbooks/openshift-node/imageconfig.yml b/playbooks/openshift-node/imageconfig.yml new file mode 100644 index 00000000000..9c9f03e186a --- /dev/null +++ b/playbooks/openshift-node/imageconfig.yml @@ -0,0 +1,9 @@ +--- +- import_playbook: ../init/main.yml + vars: + l_init_fact_hosts: "oo_masters_to_config" + l_openshift_version_determine_hosts: "all:!all" + l_openshift_version_set_hosts: "all:!all" + skip_sanity_checks: True + +- import_playbook: private/imageconfig.yml diff --git a/playbooks/openshift-node/private/clean_image.yml b/playbooks/openshift-node/private/clean_image.yml index 9402f4e8772..df18a0cdeb8 100644 --- a/playbooks/openshift-node/private/clean_image.yml +++ b/playbooks/openshift-node/private/clean_image.yml @@ -17,6 +17,11 @@ - name: Configure nodes hosts: oo_nodes_to_config tasks: + - name: Set gquota for slash filesystem + import_role: + name: openshift_aws + tasks_from: set_gquota_for_slashfs.yml + when: openshift_aws_ami_build_set_gquota_on_slashfs | default(false) - name: Remove any ansible facts created during AMI creation file: path: "/etc/ansible/facts.d/{{ item }}" @@ -27,24 +32,3 @@ file: state: absent path: "/var/lib/cloud/" - - when: openshift_aws_ami_set_gquota_on_slash | default(false) - block: - - name: fetch uuid of root vol - command: blkid /dev/xvda2 -s UUID -o value - register: rootvoluuid - - name: ensure gquota option for root vol in /etc/fstab - lineinfile: - line: "UUID={{ rootvoluuid.stdout }} / xfs defaults,gquota 0 0" - path: /etc/fstab - regexp: "^UUID={{ rootvoluuid.stdout }}" - state: present - - name: set rootvol flags in grub conf - lineinfile: - line: 'GRUB_CMDLINE_LINUX="console=ttyS0,115200n8 console=tty0 net.ifnames=0 crashkernel=auto rootflags=gquota"' - path: /etc/default/grub - regexp: 'GRUB_CMDLINE_LINUX="console=ttyS0,115200n8 console=tty0 net.ifnames=0 crashkernel=auto"' - state: present - register: etcdefaultgrub - - name: recreate grub2 config - command: grub2-mkconfig -o /boot/grub2/grub.cfg - when: etcdefaultgrub.changed diff --git a/playbooks/openshift-node/private/imageconfig.yml b/playbooks/openshift-node/private/imageconfig.yml new file mode 100644 index 00000000000..525d5d4b0b1 --- /dev/null +++ b/playbooks/openshift-node/private/imageconfig.yml @@ -0,0 +1,11 @@ +--- +- import_playbook: registry_auth.yml + vars: + l_reg_auth_restart_hosts: "all:!all" + +- name: Update node imageConfig.format + hosts: oo_first_master + tasks: + - import_role: + name: openshift_node_group + tasks_from: migrate_imageconfig.yml diff --git a/playbooks/openshift-node/private/join.yml b/playbooks/openshift-node/private/join.yml index 9e7dcc27a04..0638be4d4f3 100644 --- a/playbooks/openshift-node/private/join.yml +++ b/playbooks/openshift-node/private/join.yml @@ -31,7 +31,7 @@ - name: Find all hostnames for bootstrapping set_fact: - l_nodes_to_join: "{{ groups['oo_nodes_to_config'] | default([]) | map('extract', hostvars) | map(attribute='openshift.node.nodename') | list }}" + l_nodes_to_join: "{{ groups['oo_nodes_to_config'] | default([]) | map('extract', hostvars) | map(attribute='l_kubelet_node_name') | list }}" - name: Dump the bootstrap hostnames debug: @@ -57,6 +57,19 @@ openshift_master_host: "{{ groups.oo_first_master.0 }}" openshift_manage_node_is_master: "{{ ('oo_masters_to_config' in group_names) | bool }}" +- name: Create additional node network plugin groups + hosts: "{{ openshift_node_scale_up_group | default('oo_nodes_to_config') }}" + tasks: + - group_by: + key: oo_nodes_use_{{ (openshift_use_calico | default(False)) | ternary('calico','nothing') }} + changed_when: False + +- name: Additional calico node config + hosts: oo_nodes_use_calico + roles: + - role: calico_node + when: openshift_use_calico | default(false) | bool + - name: Node Join Checkpoint End hosts: all gather_facts: false diff --git a/playbooks/openshift-node/private/registry_auth.yml b/playbooks/openshift-node/private/registry_auth.yml index aa61fab25ea..67867fde4b6 100644 --- a/playbooks/openshift-node/private/registry_auth.yml +++ b/playbooks/openshift-node/private/registry_auth.yml @@ -7,16 +7,12 @@ - import_role: name: openshift_node tasks_from: registry_auth.yml - # If there were previously no authenticated registries, the credential file - # won't be mounted in the system container; Need to rerun this step to ensure - # additional mounts are provided. - - import_role: - name: openshift_node - tasks_from: node_system_container_install.yml - when: openshift_is_atomic +# l_reg_auth_restart_hosts is passed in via imageconfig.yml to prevent +# the nodes from restarting because the sync pod will be restarting them +# anyway. - name: Restart nodes - hosts: oo_nodes_to_config + hosts: "{{ l_reg_auth_restart_hosts | default('oo_nodes_to_config') }}" serial: "{{ openshift_restart_nodes_serial | default(1) }}" roles: - lib_openshift @@ -32,7 +28,7 @@ oc_obj: state: list kind: node - name: "{{ openshift.node.nodename | lower }}" + name: "{{ l_kubelet_node_name | lower }}" register: node_output delegate_to: "{{ groups.oo_first_master.0 }}" when: inventory_hostname in groups.oo_nodes_to_config diff --git a/playbooks/openshift-node/private/restart.yml b/playbooks/openshift-node/private/restart.yml index 411bfb66a4b..1a5c4c1d1c1 100644 --- a/playbooks/openshift-node/private/restart.yml +++ b/playbooks/openshift-node/private/restart.yml @@ -36,7 +36,7 @@ oc_obj: state: list kind: node - name: "{{ openshift.node.nodename | lower }}" + name: "{{ l_kubelet_node_name | lower }}" register: node_output delegate_to: "{{ groups.oo_first_master.0 }}" when: inventory_hostname in groups.oo_nodes_to_config diff --git a/playbooks/openshift-prometheus/OWNERS b/playbooks/openshift-prometheus/OWNERS deleted file mode 100644 index 4ee9ebe322b..00000000000 --- a/playbooks/openshift-prometheus/OWNERS +++ /dev/null @@ -1,16 +0,0 @@ -# approval == this is a good idea /approve -approvers: - - zgalor - - pgier - - michaelgugino - - mtnbikenc - - sdodson - - vrutkovs -# review == this code is good /lgtm -reviewers: - - zgalor - - pgier - - michaelgugino - - mtnbikenc - - sdodson - - vrutkovs diff --git a/playbooks/openshift-prometheus/config.yml b/playbooks/openshift-prometheus/config.yml deleted file mode 100644 index 4c0182d89ea..00000000000 --- a/playbooks/openshift-prometheus/config.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- import_playbook: ../init/main.yml - vars: - l_init_fact_hosts: "oo_masters_to_config" - l_openshift_version_set_hosts: "oo_masters_to_config:!oo_first_master" - l_sanity_check_hosts: "{{ groups['oo_masters_to_config'] }}" - - -- import_playbook: private/config.yml diff --git a/playbooks/openshift-prometheus/private/config.yml b/playbooks/openshift-prometheus/private/config.yml deleted file mode 100644 index 3c05197c073..00000000000 --- a/playbooks/openshift-prometheus/private/config.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: Prometheus Install Checkpoint Start - hosts: all - gather_facts: false - tasks: - - name: Set Prometheus install 'In Progress' - run_once: true - set_stats: - data: - installer_phase_prometheus: - title: "Prometheus Install" - playbook: "playbooks/openshift-prometheus/config.yml" - status: "In Progress" - start: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}" - -- name: OpenShift Prometheus - hosts: oo_first_master - roles: - - role: openshift_prometheus - -- name: Prometheus Install Checkpoint End - hosts: all - gather_facts: false - tasks: - - name: Set Prometheus install 'Complete' - run_once: true - set_stats: - data: - installer_phase_prometheus: - status: "Complete" - end: "{{ lookup('pipe', 'date +%Y%m%d%H%M%SZ') }}" diff --git a/playbooks/openshift-prometheus/private/roles b/playbooks/openshift-prometheus/private/roles deleted file mode 120000 index 20c4c58cfad..00000000000 --- a/playbooks/openshift-prometheus/private/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles \ No newline at end of file diff --git a/playbooks/openshift-prometheus/private/uninstall.yml b/playbooks/openshift-prometheus/private/uninstall.yml deleted file mode 100644 index b2b83df9a7d..00000000000 --- a/playbooks/openshift-prometheus/private/uninstall.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Uninstall Prometheus - hosts: masters[0] - tasks: - - name: Run the Prometheus Uninstall Role Tasks - include_role: - name: openshift_prometheus - tasks_from: uninstall_prometheus.yaml diff --git a/playbooks/openshift-prometheus/uninstall.yml b/playbooks/openshift-prometheus/uninstall.yml deleted file mode 100644 index c92ade78658..00000000000 --- a/playbooks/openshift-prometheus/uninstall.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- import_playbook: private/uninstall.yml diff --git a/playbooks/openstack/configuration.md b/playbooks/openstack/configuration.md index fc1d621fd39..8868647278f 100644 --- a/playbooks/openstack/configuration.md +++ b/playbooks/openstack/configuration.md @@ -16,7 +16,10 @@ Environment variables may also be used. * [OpenStack With SSL Configuration](#openstack-with-ssl-configuration) * [Stack Name Configuration](#stack-name-configuration) * [DNS Configuration](#dns-configuration) +* [Floating IP Address Configuration](#floating-ip-address-configuration) * [All-in-one Deployment Configuration](#all-in-one-deployment-configuration) +* [Separate etcd Deployment Configuration](#separate-etcd-deployment-configuration) +* [Multi-env Deployment Configuration](#multi-env-deployment-configuration) * [Building Node Images](#building-node-images) * [Kuryr Networking Configuration](#kuryr-networking-configuration) * [Provider Network Configuration](#provider-network-configuration) @@ -28,6 +31,7 @@ Environment variables may also be used. * [Scaling The OpenShift Cluster](#scaling-the-openshift-cluster) * [Deploying At Scale](#deploying-at-scale) * [Using A Static Inventory](#using-a-static-inventory) +* [Using CRI-O](#using-cri-o) ## OpenStack Configuration @@ -37,8 +41,14 @@ In `inventory/group_vars/all.yml`: * `openshift_openstack_keypair_name` OpenStack keypair to use. * Role Node Counts * `openshift_openstack_num_masters` Number of master nodes to create. + * `openshift_openstack_num_etcd` Number of etcd nodes to create (0 if co-hosted on master hosts). * `openshift_openstack_num_infra` Number of infra nodes to create. * `openshift_openstack_num_nodes` Number of app nodes to create. +* Role Node Floating IP Allocation + * `openshift_openstack_master_floating_ip` Assign floating IP to master nodes. Defaults to `True`. + * `openshift_openstack_etcd_floating_ip` Assign floating IP to etcd nodes (if any). Defaults to `True`. + * `openshift_openstack_infra_floating_ip` Assign floating IP to infra nodes. Defaults to `True`. + * `openshift_openstack_compute_floating_ip` Assign floating IP to app nodes. Defaults to `True`. * Role Images * `openshift_openstack_default_image_name` OpenStack image used by all VMs, unless a particular role image name is specified. * `openshift_openstack_master_image_name` @@ -131,7 +141,11 @@ configuration file locally and specify it in `inventory/group_vars/OSEv3.yml`: ## OpenStack With SSL Configuration In order to configure your OpenShift cluster to work properly with OpenStack with -SSL-endpoints, add the following to `inventory/group_vars/OSEv3.yml`: +SSL-endpoints, set the following in `inventory/group_vars/all.yml`: + +* `openshift_use_openstack_ssl`: True + +Then add the following to `inventory/group_vars/OSEv3.yml`: ``` openshift_certificates_redeploy: true @@ -264,6 +278,7 @@ do not have it either. Nor should they use any other internal DNS server. Put this in your `inventory/group_vars/all.yml`: ```yaml +openshift_openstack_use_neutron_internal_dns: True openshift_openstack_fqdn_nodes: false openshift_openstack_dns_nameservers: [] ``` @@ -299,6 +314,8 @@ are created, but before we install anything on them). Add this to your `inventory/group_vars/all.yml`: ``` + openshift_openstack_use_nsupdate: True + openshift_openstack_external_nsupdate_keys: private: key_secret: @@ -410,16 +427,98 @@ These must point to the publicly-accessible IP addresses of your master and infra nodes or preferably to the load balancers. +## Floating IP Address Configuration + +Every OpenShift node as well as the API and Router load balancer will receive a +floating IP address by default. This is to make the deployment and debugging +experience easier. + +You may want to change that behaviour, for example to prevent any possibility +of external access to the nodes (defense in depth) or if your floating IP pool +is not large enough. + +### Overview + +It possible to configure the playbooks to not asssign floating IP addresses. +However, the Ansible playbooks will then not be able to SSH and install +OpenShift. + +The nodes will only be accessible from the subnet they are assigned to. + +To solve this, we need to create the network the nodes will be placed in +beforehnd, then boot up a bastion host in the same network and run the +playbooks from there. + +### Node Network + +We will have to create a Neutron Network, Subnet and a Router for external +connectivity. Take note of any DNS servers you would normally put under +`openshift_openstack_dns_nameservers` -- they must be added to the subnet. + +In this example, we will call the network and its subnet `openshift` and configure +a DNS server with IP address `10.20.30.40`. The external network will be called `public`. + +``` +$ openstack network create openshift +$ openstack subnet create --subnet-range 192.168.0.0/24 --dns-nameserver 10.20.30.40 --network openshift openshift +$ openstack router create openshift-router +$ openstack router set --external-gateway public openshift-router +$ openstack router add subnet openshift-router openshift +``` + +### Bastion host + +To provide SSH connectivity (that Ansible requires) to the OpenShift nodes +without using floating IP addresses, the playbooks must be running on a server +inside the same subnet. + +This will create such server and place it into the subnet created above. + +We will use an image called `CentOS-7-x86_64-GenericCloud`, and assume that the +created floating IP address will be `172.24.4.10`. + +``` +$ openstack server create --wait --image CentOS-7-x86_64-GenericCloud --flavor m1.medium --key-name openshift --network openshift bastion +$ openstack floating ip create public +$ openstack server add floating ip bastion 172.24.4.10 +$ ping 172.24.4.10 +$ ssh centos@172.24.4.10 +``` + +### openshift-ansible Configuration + +In addition to the rest of openshift-ansible configuration, we will need to +specify the node subnet, the routerand that we do not want any floating IP +addresses. + +You must do this from inside the "bastion" host created in the previous step. + +Put the following to `inventory/group_vars/all.yml`: + +```yaml +openshift_openstack_use_no_floating_ip: True +openshift_openstack_router_name: openshift-router +openshift_openstack_node_subnet_name: openshift +openshift_openstack_master_floating_ip: false +openshift_openstack_infra_floating_ip: false +openshift_openstack_compute_floating_ip: false +openshift_openstack_load_balancer_floating_ip: false +``` + +And then run the `playbooks/openstack/openshift-cluster/*.yml` as usual. + + ## All-in-one Deployment Configuration If you want to deploy OpenShift on a single node (e.g. for quick evaluation), you can do so with a few configuration changes. -First, set the node counts and labels like so in -`inventory/group_vars/all.yml`: +First, set the following in `inventory/group_vars/all.yml`: ``` +openshift_use_all_in_one_cluster_deployment: True openshift_openstack_num_masters: 1 +openshift_openstack_num_etcd: 0 openshift_openstack_num_infra: 0 openshift_openstack_num_nodes: 0 @@ -447,6 +546,64 @@ this new group to it. Note that the "all in one" node must be the "master". openshift-ansible expects at least one node in the `masters` Ansible group. +Also keep in mind that if you don't use [LBaaS](#load-balancer-as-a-service) +with an all-in-one setup the DNS wildcard record for the apps domain will not be +added, because there are no dedicated infra nodes, so you will have to add it +manually. See +[Custom DNS Records Configuration](#custom-dns-records-configuration). + + +## Separate etcd Deployment Configuration + +If you want to deploy OpenShift Container Platform with the etcd running on separate hosts +appart from the master hosts, the following changes need to be made to the inventory: + +Single master and single etcd host: +``` + : +openshift_openstack_num_masters: 1 +openshift_openstack_num_etcd: 1 + : +``` + +Multiple master and multiple etcd hosts: +``` + : +openshift_openstack_num_masters: 3 +openshift_openstack_num_etcd: 3 + : +``` + + +## Multi-env Deployment Configuration + +If you want to deploy multiple OpenShift environments in the same OpenStack +project, you can do so with a few configuration changes. + +First, set the `openshift_openstack_clusterid` option in the +`inventory/group_vars/all.yml` file with specific unique name for cluster. + +``` +vi inventory/group_vars/all.yml + +openshift_openstack_clusterid: foobar +openshift_openstack_public_dns_domain: example.com +``` + +Second, set `OPENSHIFT_CLUSTER` environment variables. The `OPENSHIFT_CLUSTER` +environment variable has to consist of `openshift_openstack_clusterid` and +`openshift_openstack_public_dns_domain`, that's required because cluster_id +variable stored in the instance metadata is concatanated in the same way. +If value will be different then instances won't be accessible in ansible inventory. + +``` +export OPENSHIFT_CLUSTER='foobar.example.com' +``` + +Then run the deployment playbooks as usual. When you finish deployment of first +environment, please update above options that correspond to a new environment +and run the deployment playbooks. + ## Building Node Images @@ -606,6 +763,7 @@ openshift_node_groups: - name: node-config-master labels: - 'node-role.kubernetes.io/master=true' + - 'pod_vif=nested-vlan' edits: [] - name: node-config-infra labels: @@ -679,6 +837,12 @@ If your cloud uses the deprecated Neutron LBaaSv2 provider set: openshift_openstack_lbaasv2_provider: "Neutron::LBaaS" +The Octavia listeners connection timeout associated to the API can be modified +by setting the next variable in miliseconds (default value 500000): + + openshift_openstack_api_lb_listeners_timeout: 500000 + + ### VM-based Load Balancer If you can't use OpenStack's LBaaS, we can create and configure a virtual @@ -721,7 +885,7 @@ same arguments (private key, inventories, etc.) as your provision/install ones: playbooks/openstack/inventory.py openshift-ansible/playbooks/openstack/openshift-cluster/cluster-info.yml These addresses will depend on the load balancing solution. For LBaaS, they'll -be the the floating IPs of the load balancers. In the VM-based solution, +be the floating IPs of the load balancers. In the VM-based solution, the API address will be the public IP of the load balancer VM and the router IP will be the address of the first infra node that was created. If no load balancer is selected, the API will be the address of the first master node and @@ -745,12 +909,17 @@ resolve each other by name. In `inventory/group_vars/all.yml`: +* `openshift_openstack_use_provider_network` True * `openshift_openstack_provider_network_name` Provider network name. Setting this will cause the `openshift_openstack_external_network_name` and `openshift_openstack_private_network_name` parameters to be ignored. ## Cinder-Backed Persistent Volumes Configuration -In addition to [setting up an OpenStack cloud provider](#openstack-cloud-provider-configuration), +Set the following in `inventory/group_vars/all.yml`: + +* `openshift_use_cinder_persistent_volume`: True + +Then, in addition to [setting up an OpenStack cloud provider](#openstack-cloud-provider-configuration), you must set the following in `inventory/group_vars/OSEv3.yml`: * `openshift_cloudprovider_openstack_blockstorage_version`: v2 @@ -792,7 +961,11 @@ openstack volume create --size Alternatively, the playbooks can create the volume created automatically if you specify its name and size. -In either case, you have to [set up an OpenStack cloud provider](#openstack-cloud-provider-configuration), +Then, set the following in `inventory/group_vars/all.yml`: + +* `openshift_use_cinder_registry`: True + +And [set up an OpenStack cloud provider](#openstack-cloud-provider-configuration), and then set the following in `inventory/group_vars/OSEv3.yml`: * `openshift_hosted_registry_storage_kind`: openstack @@ -819,7 +992,11 @@ infra nodes when the registry pod gets started. ## Swift or Ceph Rados GW Backed Registry Configuration You can use OpenStack Swift or Ceph Rados GW to store your OpenShift registry. -In order to do so, set the following in `inventory/group_vars/OSEv3.yml`: +In order to do so, set the following in `inventory/group_vars/all.yml`: + +* `openshift_use_swift_registry`: true + +And the following in `inventory/group_vars/OSEv3.yml`: * `openshift_hosted_registry_storage_kind`: object * `openshift_hosted_registry_storage_provider`: swift @@ -832,6 +1009,7 @@ In order to do so, set the following in `inventory/group_vars/OSEv3.yml`: * `openshift_hosted_registry_storage_swift_tenantid`: "{{ lookup('env','OS_PROJECT_ID') }}" _# can also specify tenant_ * `openshift_hosted_registry_storage_swift_domain`: "{{ lookup('env','OS_USER_DOMAIN_NAME') }}" _# optional; can also specifiy domainid_ * `openshift_hosted_registry_storage_swift_domainid`: "{{ lookup('env','OS_USER_DOMAIN_ID') }}" _# optional; can also specifiy domain_ +* `openshift_hosted_registry_storage_swift_insecureskipverify`: "false" # optional; true to skip TLS verification Note that the exact environment variable names may vary depending on the contents of your OpenStack RC file. If you use Keystone v2, you may not need to set all of these @@ -932,3 +1110,234 @@ $ ansible-playbook --user openshift \ -i inventory \ openshift-ansible/playbooks/openstack/openshift-cluster/install.yml ``` + + +## Opening Optional Ports +There are certian optional and legacy features that require ports to be opened. The code provided in the following sections can be used to enable these features. + +### Metrics +If you want to enable metrics in your openshift cluster, then port 10255 must be open on all nodes in the cluster. The following code should be added to openshift_openstack_node_secgroup_rules in main.yml. + +``` + - direction: ingress + protocol: tcp + port_range_min: 10255 + port_range_max: 10255 + - direction: ingress + protocol: udp + port_range_min: 10255 + port_range_max: 10255 +``` + +### Prometheus +The following code to open ports for prometheus should also be added to the openshift_openstack_node_secgroup_rules section of main.yml. + +``` + - direction: ingress + protocol: tcp + port_range_min: 9100 + port_range_max: 9100 +``` + +### Elastic Search +Add this to the openshift_openstack_node_secgroup_rules section of main.yml to enable elastic search. + +``` + - direction: ingress + protocol: tcp + port_range_min: 9200 + port_range_max: 9200 + - direction: ingress + protocol: tcp + port_range_min: 9300 + port_range_max: 9300 +``` + +### Using Pacemaker HA +If you choose to use Pacemaker to manage the HA system on the master nodes, the following changes should be made to the openshift_openstack_master_secgroup_rules section. + +``` + - direction: ingress + protocol: tcp + port_range_min: 2224 + port_range_max: 2224 + - direction: ingress + protocol: udp + port_range_min: 5404 + port_range_max: 5405 +``` + +The following Documentation may prove helpful as well: +- https://docs.openshift.com/enterprise/3.1/architecture/infrastructure_components/kubernetes_infrastructure.html#high-availability-masters +- https://docs.openshift.com/enterprise/3.1/install_config/upgrading/pacemaker_to_native_ha.html + +### Template Router +If you are running a template router to expose your statistics, there are a few changes you need to make. First, add this to main.yml under the openshift_openstack_infra_secgroup_rules section. + +``` + # Required when running template router to access statistics + - direction: ingress + protocol: tcp + port_range_min: 1936 + port_range_max: 1936 +``` + +## Using CRI-O +There are some different scenarios to customize the container runtime in the +instances: + +* All hosts use docker (no changes required) +* All hosts using cri-o. + +Modify the OSEv3.yml file and add the following variables: + +``` +openshift_use_crio_only: true +openshift_use_crio: true +# cockpit-docker is installed if using cockpit docker as dependency +# setting osm_use_cockpit=false to avoid that +osm_use_cockpit=false +``` + +Modify the all.yml file and add the following variables: + +``` +openshift_openstack_master_group_name: node-config-master-crio +openshift_openstack_infra_group_name: node-config-infra-crio +openshift_openstack_compute_group_name: node-config-compute-crio +``` + +NOTE: Currently, OpenShift builds require docker. + +* Masters/app/infra_nodes use cri-o: + +Add the proper variables to the `~/inventory/group_vars/` files in the ansible host such as: + +* `~/inventory/group_vars/[masters|openstack_infra_nodes|openstack_compute_nodes].yml`: + +``` +openshift_use_crio_only: true/false +openshift_use_crio: true/false +openshift_openstack_[master|infra|compute]_group_name: node-config-[master|infra|compute]-crio +osm_use_cockpit: false +``` + +* Some app nodes using cri-o, some others docker, some others cri-o and docker. This scenario requires the following steps: + +* Create the `~/inventory/host_vars/.yml` depending on the hostname +of the instance you want to customize: + + * For cri-o only: + +``` +openshift_use_crio_only: true +openshift_use_crio: true +openshift_node_group_name: node-config-[master|infra|compute]-crio +osm_use_cockpit: false +``` + + * For docker only (optionally, by default it will install docker): + +``` +openshift_use_crio: false +``` + + * For both cri-o and docker (and want to use cri-o as container runtime) + +``` +openshift_use_crio_only: false +openshift_use_crio: true +openshift_node_group_name: node-config-[master|infra|compute]-crio +osm_use_cockpit: false +``` + +Also, it is required to configure the openshift_builddefaults_nodeselectors variable to the proper node selector for the builds to be executed in hosts +where docker is running as container runtime. + +Run the playbooks to provision and install the environment. + +Example: + +All hosts using docker as container runtime except: +* app-node-0 using cri-o +* app-node-1 using docker (explicitely) +* app-node-2 using cri-o and docker + +In this particular case, those are variable files: + +* `~/inventory/group_vars/OSEv3.yml` + +``` +# Avoid installing cockpit in all nodes +osm_use_cockpit: false +``` + +* `~/inventory/host_vars/app-node-0.${DOMAIN}.yml` + +``` +# CRI-O only +openshift_use_crio_only: true +openshift_use_crio: true +openshift_node_group_name: node-config-compute-crio +``` + +* `~/inventory/host_vars/app-node-1.${DOMAIN}.yml` + +``` +# Explicit docker +openshift_use_crio: false +# openshift_node_group_name: node-config-compute +``` + +* `~/inventory/host_vars/app-node-2.${DOMAIN}.yml` + +``` +# CRI-O and Docker side by side +openshift_use_crio_only: false +openshift_use_crio: true +# As we didn't modified the node_group, it will use docker +``` + +After a successful installation, the containerRuntimeVersion field says the CR +it uses: + +``` +$ oc get nodes -o=custom-columns=NAME:.metadata.name,CR:.status.nodeInfo.containerRuntimeVersion --selector='node-role.kubernetes.io/compute=true' +NAME CR +app-node-0.shiftstack.automated.lan cri-o://1.11.5 +app-node-1.shiftstack.automated.lan docker://1.13.1 +app-node-2.shiftstack.automated.lan docker://1.13.1 +``` + +Also, notice the host running cri-o has a label added automatically such as +`runtime=cri-o`: + +``` +$ oc get nodes app-node-0.shiftstack.automated.lan --show-labels +NAME STATUS ROLES AGE VERSION LABELS +app-node-0.shiftstack.automated.lan Ready compute 37m v1.11.0+d4cacc0 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/instance-type=1470ffe1-aea0-4806-a1be-e24c83c08e5f,beta.kubernetes.io/os=linux,failure-domain.beta.kubernetes.io/zone=nova,kubernetes.io/hostname=app-node-0.shiftstack.automated.lan,node-role.kubernetes.io/compute=true,runtime=cri-o +``` + +And there are some pods running: + +``` +$ kubectl get pods --all-namespaces --field-selector spec.nodeName=app-node-0.shiftstack.automated.lan -o wide +NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE +openshift-monitoring node-exporter-d4bq9 2/2 Running 0 24m 10.240.0.19 app-node-0.shiftstack.automated.lan +openshift-node sync-rsgrp 1/1 Running 0 40m 10.240.0.19 app-node-0.shiftstack.automated.lan +openshift-sdn ovs-t54s9 1/1 Running 0 40m 10.240.0.19 app-node-0.shiftstack.automated.lan +openshift-sdn sdn-64tz4 1/1 Running 0 40m 10.240.0.19 app-node-0.shiftstack.automated.lan +``` + +``` +[openshift@app-node-0 ~]$ sudo crictl ps +W1025 04:45:04.056296 13242 util_unix.go:75] Using "/var/run/crio/crio.sock" as endpoint is deprecated, please consider using full url format "unix:///var/run/crio/crio.sock". +CONTAINER ID IMAGE CREATED STATE NAME ATTEMPT +ddfd64fdfb6a3 registry.redhat.io/openshift3/ose-kube-rbac-proxy@sha256:16daf6802d5e88393c271f78037f7c002ff774cd52161c1c1a71f2a84df71868 26 minutes ago Running kube-rbac-proxy 0 +3463217a35030 registry.redhat.io/openshift3/prometheus-node-exporter@sha256:e9b47d1705eb027735d528342e0457e597e28e36f6e38a0262b65802156bfe9b 26 minutes ago Running node-exporter 0 +02652966e1180 074bf04571e220389b5f3afa7669ea07ddd53d281668820ebf537f054487191f 41 minutes ago Running openvswitch 0 +acf2afc99b950 registry.redhat.io/openshift3/ose-node@sha256:3da731d733cd4d67897d22bfdcb027b009494de667bd7a3c870557102ce10bf5 41 minutes ago Running sync 0 +6814b5f7a05d7 registry.redhat.io/openshift3/ose-node@sha256:3da731d733cd4d67897d22bfdcb027b009494de667bd7a3c870557102ce10bf5 41 minutes ago Running sdn 0 +[openshift@app-node-0 ~]$ sudo docker ps +Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? +``` diff --git a/playbooks/openstack/openshift-cluster/build_image.yml b/playbooks/openstack/openshift-cluster/build_image.yml index b138fdecca3..c64c94db760 100644 --- a/playbooks/openstack/openshift-cluster/build_image.yml +++ b/playbooks/openstack/openshift-cluster/build_image.yml @@ -53,6 +53,7 @@ name: "{{ build_prefix }}-subnet" network_name: "{{ network.network.name }}" cidr: "{{ openshift_openstack_build_network_cidr | default('192.168.23.0/24') }}" + dns_nameservers: "{{ openshift_openstack_dns_nameservers }}" register: subnet - name: Create the router @@ -136,6 +137,8 @@ - cloud-init - cloud-utils-growpart +- name: run the init + import_playbook: ../../init/main.yml # This is the part that installs all of the software and configs for the instance # to become a node. @@ -171,7 +174,7 @@ command: openstack server image create --wait --name "{{ openshift_openstack_default_image_name }}" "{{ image_vm.id }}" # Remove the temporary OpenStack resources - - name: Remove the imabe build instance + - name: Remove the image build instance os_server: name: "{{ image_vm.id }}" state: absent diff --git a/playbooks/openstack/openshift-cluster/install.yml b/playbooks/openstack/openshift-cluster/install.yml index be5465d9e71..414deae27d8 100644 --- a/playbooks/openstack/openshift-cluster/install.yml +++ b/playbooks/openstack/openshift-cluster/install.yml @@ -8,6 +8,9 @@ # values here. We do it in the OSEv3 group vars. Do we need to add # some logic here? +- name: Run the init + import_playbook: ../../init/main.yml + - name: Evaluate basic OpenStack groups import_playbook: evaluate_groups.yml diff --git a/playbooks/openstack/openshift-cluster/master-scaleup.yml b/playbooks/openstack/openshift-cluster/master-scaleup.yml index 520e8fd732b..82f3f4b6f2c 100644 --- a/playbooks/openstack/openshift-cluster/master-scaleup.yml +++ b/playbooks/openstack/openshift-cluster/master-scaleup.yml @@ -27,7 +27,7 @@ # They'll be collected after `wait_for_connection`. gather_facts: no tasks: - - name: Wait for the the new nodes to come up + - name: Wait for the new nodes to come up wait_for_connection: - name: Gather facts for the new nodes diff --git a/playbooks/openstack/openshift-cluster/node-scaleup.yml b/playbooks/openstack/openshift-cluster/node-scaleup.yml index bd0790f9cbd..207fa994da9 100644 --- a/playbooks/openstack/openshift-cluster/node-scaleup.yml +++ b/playbooks/openstack/openshift-cluster/node-scaleup.yml @@ -27,7 +27,7 @@ # They'll be collected after `wait_for_connection`. gather_facts: no tasks: - - name: Wait for the the new nodes to come up + - name: Wait for the new nodes to come up wait_for_connection: - name: Gather facts for the new nodes diff --git a/playbooks/openstack/openshift-cluster/provision.yml b/playbooks/openstack/openshift-cluster/provision.yml index 5fe323c8557..fa402f3b535 100644 --- a/playbooks/openstack/openshift-cluster/provision.yml +++ b/playbooks/openstack/openshift-cluster/provision.yml @@ -2,7 +2,6 @@ - name: Create the OpenStack resources for cluster installation import_playbook: provision_resources.yml - - name: Evaluate OpenStack groups from the dynamic inventory import_playbook: evaluate_groups.yml @@ -17,7 +16,7 @@ # They'll be collected after `wait_for_connection`. gather_facts: no tasks: - - name: Wait for the the nodes to come up + - name: Wait for the nodes to come up wait_for_connection: - name: Gather facts for the new nodes @@ -43,6 +42,9 @@ - import_playbook: ../../init/basic_facts.yml +- name: Run the init + import_playbook: ../../init/main.yml + - name: Optionally subscribe the RHEL nodes any_errors_fatal: true hosts: oo_all_hosts diff --git a/playbooks/openstack/resources.py b/playbooks/openstack/resources.py index 39cd789017a..b7f141233eb 100644 --- a/playbooks/openstack/resources.py +++ b/playbooks/openstack/resources.py @@ -19,6 +19,8 @@ from keystoneauth1.exceptions.catalog import EndpointNotFound import shade +OPENSHIFT_CLUSTER = os.getenv('OPENSHIFT_CLUSTER') + def base_openshift_inventory(cluster_hosts): '''Set the base openshift inventory.''' @@ -47,10 +49,11 @@ def base_openshift_inventory(cluster_hosts): if server.metadata['host-type'] == 'lb'] # NOTE: everything that should go to the `[nodes]` group: - nodes = list(set(masters + etcd + infra_hosts + app + cns)) + nodes = list(set(masters + infra_hosts + app + cns)) - # NOTE: all OpenShift nodes, including `[lb]`, `[nfs]`, etc.: - osev3 = list(set(nodes + load_balancers)) + # NOTE: all OpenShift nodes + any "supporting" roles, + # i.e.: `[etcd]`, `[lb]`, `[nfs]`, etc.: + osev3 = list(set(nodes + etcd + load_balancers)) inventory['OSEv3'] = {'hosts': osev3, 'vars': {}} inventory['openstack_nodes'] = {'hosts': nodes} @@ -85,21 +88,15 @@ def _get_hostvars(server, docker_storage_mountpoints): } public_v4 = server.public_v4 or server.private_v4 + private_v4 = server.private_v4 or server.public_v4 if public_v4: - hostvars['public_v4'] = server.public_v4 - hostvars['openshift_public_ip'] = server.public_v4 + hostvars['public_v4'] = public_v4 + hostvars['openshift_public_ip'] = public_v4 # TODO(shadower): what about multiple networks? - if server.private_v4: - hostvars['private_v4'] = server.private_v4 - hostvars['openshift_ip'] = server.private_v4 - - # NOTE(shadower): Yes, we set both hostname and IP to the private - # IP address for each node. OpenStack doesn't resolve nodes by - # name at all, so using a hostname here would require an internal - # DNS which would complicate the setup and potentially introduce - # performance issues. - hostvars['openshift_hostname'] = server.metadata.get( - 'openshift_hostname', server.private_v4) + if private_v4: + hostvars['private_v4'] = private_v4 + hostvars['openshift_ip'] = private_v4 + hostvars['openshift_public_hostname'] = server.name if server.metadata['host-type'] == 'cns': @@ -123,11 +120,12 @@ def build_inventory(): # Use an environment variable to optionally skip returning the app nodes. show_compute_nodes = os.environ.get('OPENSTACK_SHOW_COMPUTE_NODES', 'true').lower() == "true" - # TODO(shadower): filter the servers based on the `OPENSHIFT_CLUSTER` - # environment variable. + # If `OPENSHIFT_CLUSTER` env variable is defined then it's used to + # filter servers by metadata.clusterid attribute value. cluster_hosts = [ server for server in cloud.list_servers() - if 'metadata' in server and 'clusterid' in server.metadata and + if 'clusterid' in server.get('metadata', []) and + (OPENSHIFT_CLUSTER is None or server.metadata.clusterid == OPENSHIFT_CLUSTER) and (show_compute_nodes or server.metadata.get('sub-host-type') != 'app')] inventory = base_openshift_inventory(cluster_hosts) @@ -182,7 +180,7 @@ def build_inventory(): def _get_stack_outputs(cloud_client): """Returns a dictionary with the stack outputs""" - cluster_name = os.getenv('OPENSHIFT_CLUSTER', 'openshift-cluster') + cluster_name = OPENSHIFT_CLUSTER or 'openshift-cluster' stack = cloud_client.get_stack(cluster_name) if stack is None or stack['stack_status'] not in ( diff --git a/playbooks/openstack/sample-inventory/group_vars/OSEv3.yml b/playbooks/openstack/sample-inventory/group_vars/OSEv3.yml index 956bc41ab2d..619617a0b03 100644 --- a/playbooks/openstack/sample-inventory/group_vars/OSEv3.yml +++ b/playbooks/openstack/sample-inventory/group_vars/OSEv3.yml @@ -33,6 +33,7 @@ openshift_hosted_registry_wait: True # - name: node-config-master # labels: # - 'node-role.kubernetes.io/master=true' +# - 'pod_vif=nested-vlan' # edits: [] # - name: node-config-infra # labels: diff --git a/playbooks/openstack/sample-inventory/group_vars/all.yml b/playbooks/openstack/sample-inventory/group_vars/all.yml index 1a90003c650..8efb23c662d 100644 --- a/playbooks/openstack/sample-inventory/group_vars/all.yml +++ b/playbooks/openstack/sample-inventory/group_vars/all.yml @@ -1,4 +1,25 @@ --- +# Uncomment if you plan on using these features. Doing so is not required, +# but enables pre-requisites checks that will confirm that the right parameters +# are set. + +# Note that these features require other parameters to be set in the inventory. +# It is highly recommended that you read the configuration documentation. + +#openshift_use_all_in_one_cluster_deployment: False +#openshift_use_cinder_persistent_volume: False +#openshift_use_cinder_registry: False +#openshift_use_kuryr: False +#openshift_use_openstack_ssl: False +#openshift_use_swift_registry: False + +#openshift_openstack_use_neutron_internal_dns: False +#openshift_openstack_use_no_floating_ip: False +#openshift_openstack_use_nsupdate: True +#openshift_openstack_use_provider_network: False + +############ + openshift_openstack_clusterid: "openshift" openshift_openstack_public_dns_domain: "example.com" openshift_openstack_dns_nameservers: [] @@ -25,7 +46,6 @@ openshift_openstack_external_network_name: "public" #openshift_openstack_kuryr_service_subnet_cidr: "172.30.0.0/16" ## You should set the following if you want to use Kuryr/Neutron as your SDN -#openshift_use_kuryr: True #openshift_use_openshift_sdn: False # NOTE: you must uncomment these for Kuryr to work properly as well: @@ -105,6 +125,16 @@ openshift_openstack_num_masters: 1 openshift_openstack_num_infra: 1 openshift_openstack_num_cns: 0 openshift_openstack_num_nodes: 2 +openshift_openstack_num_etcd: 0 + +# # Public IP Allocation +# # - manage which node roles are allocated public IP addresses +# # - by default, all roles are given Public IP addresses +#openshift_openstack_master_floating_ip: true +#openshift_openstack_infra_floating_ip: true +#openshift_openstack_etcd_floating_ip: true +#openshift_openstack_load_balancer_floating_ip: true +#openshift_openstack_compute_floating_ip: true # # Used Flavors # # - set specific flavors for roles by uncommenting corresponding lines @@ -161,6 +191,9 @@ openshift_openstack_pool_end: "192.168.99.254" #rhsub_pool: '' +# This parameter may need to be set if your nsupdate zone differs from the full OpenShift DNS name +#openshift_openstack_nsupdate_zone: example.com + # # Roll-your-own DNS #openshift_openstack_external_nsupdate_keys: # public: diff --git a/playbooks/ovirt/openshift-cluster/ovirt-vm-infra.yml b/playbooks/ovirt/openshift-cluster/ovirt-vm-infra.yml index 0ea77c8040a..13ceec00e70 100644 --- a/playbooks/ovirt/openshift-cluster/ovirt-vm-infra.yml +++ b/playbooks/ovirt/openshift-cluster/ovirt-vm-infra.yml @@ -20,7 +20,7 @@ tasks_from: build_vm_list.yml roles: - - oVirt.image-template + - { role: oVirt.image-template, when: qcow_url is defined } - oVirt.vm-infra post_tasks: diff --git a/playbooks/ovirt/provisioning-vars.yaml.example b/playbooks/ovirt/provisioning-vars.yaml.example index cf8f4b58f37..c29fa6c19a0 100644 --- a/playbooks/ovirt/provisioning-vars.yaml.example +++ b/playbooks/ovirt/provisioning-vars.yaml.example @@ -20,6 +20,7 @@ openshift_ovirt_ssh_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" # Template Creation # https://github.com/oVirt/ovirt-ansible-image-template ########################## +# If you comment the 'qcow_url' variable the template upload role will not be loaded qcow_url: # https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2c image_path: "{{ lookup('env', 'HOME') }}/Downloads/{{ template_name }}.qcow2" template_name: # rhel75 @@ -79,4 +80,40 @@ node_vm: name: localvol_disk interface: virtio state: running -... + +openshift_ovirt_vm_manifest: +###################################### +# Single Node Static Ip addresses +###################################### +- name: 'master' + count: 1 + profile: 'master_vm' + nic_mode: + master0: + nic_ip_address: '192.168.123.165' + nic_netmask: '255.255.255.0' + nic_gateway: '192.168.123.1' + nic_on_boot: True +####################################### +# Multiple Node Static Ip addresses +####################################### +- name: 'node' + count: 2 + profile: 'node_vm' + nic_mode: + node0: # This must fit the same name as this kind of vms. (e.g) if the name is test, this must be test0 + nic_ip_address: '192.168.123.166' + nic_netmask: '255.255.255.0' + nic_gateway: '192.168.123.1' + nic_on_boot: True + node1: + nic_ip_address: '192.168.123.168' + nic_netmask: '255.255.255.0' + nic_gateway: '192.168.123.1' + nic_on_boot: True +################################################ +# Multiple/Single Node Dynamic Ip addresses +################################################ +- name: 'lb' + count: 1 + profile: 'node_vm' diff --git a/playbooks/prerequisites.yml b/playbooks/prerequisites.yml index de7ac4f47fa..867b4008706 100644 --- a/playbooks/prerequisites.yml +++ b/playbooks/prerequisites.yml @@ -1,5 +1,12 @@ --- # l_scale_up_hosts may be passed in via various scaleup plays. +- name: Fail openshift_kubelet_name_override for new hosts + hosts: "{{ l_scale_up_hosts | default('nodes') }}" + tasks: + - name: Fail when openshift_kubelet_name_override is defined + fail: + msg: "openshift_kubelet_name_override Cannot be defined for new hosts" + when: openshift_kubelet_name_override is defined - import_playbook: init/main.yml vars: diff --git a/requirements.txt b/requirements.txt index afbc532114c..6d83963b7c2 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,6 +1,6 @@ # Versions are pinned to prevent pypi releases arbitrarily breaking # tests with new APIs/semantics. We want to update versions deliberately. -ansible==2.6.2 +ansible==2.6.5 boto==2.44.0 click==6.7 pyOpenSSL==17.5.0 diff --git a/roles/ansible_service_broker/defaults/main.yml b/roles/ansible_service_broker/defaults/main.yml index 741a3d8c3d9..ca44cb01dcd 100644 --- a/roles/ansible_service_broker/defaults/main.yml +++ b/roles/ansible_service_broker/defaults/main.yml @@ -14,7 +14,7 @@ ansible_service_broker_dev_broker: false ansible_service_broker_refresh_interval: 600s # Recommended you do not enable this for now ansible_service_broker_launch_apb_on_bind: false -ansible_service_broker_keep_namespace_on_error: true +ansible_service_broker_keep_namespace_on_error: false ansible_service_broker_keep_namespace: false ansible_service_broker_image_pull_policy: Always @@ -31,3 +31,9 @@ l_asb_default_images_default: "{{ l_asb_default_images_dict[openshift_deployment l_asb_image_url: "{{ oreg_url | default(l_asb_default_images_default) | regex_replace('${version}' | regex_escape, openshift_image_tag) }}" ansible_service_broker_image: "{{ l_asb_image_url | regex_replace('${component}' | regex_escape, 'ansible-service-broker') }}" +# Secrets to be mounted for APBs. Format: +# - title: Database credentials +# secret: db_creds +# apb_name: dh-rhscl-postgresql-apb +# https://github.com/openshift/ansible-service-broker/blob/master/docs/config.md#secrets-configuration +ansible_service_broker_secrets: [] diff --git a/roles/ansible_service_broker/templates/configmap.yaml.j2 b/roles/ansible_service_broker/templates/configmap.yaml.j2 index 8a98a6c7e32..9e238c044c1 100644 --- a/roles/ansible_service_broker/templates/configmap.yaml.j2 +++ b/roles/ansible_service_broker/templates/configmap.yaml.j2 @@ -53,4 +53,4 @@ data: auth: - type: basic enabled: false - + secrets: {{ ansible_service_broker_secrets | to_yaml }} diff --git a/roles/calico/README.md b/roles/calico/README.md index 5846abfbdd1..ada1509cb81 100644 --- a/roles/calico/README.md +++ b/roles/calico/README.md @@ -1,3 +1,48 @@ # Calico -Please see [calico_master](../calico_master/README.md) +Configure Calico components for the Master host. + +## Requirements + +* Ansible 2.2 + +## Installation + +To install, set the following inventory configuration parameters: + +* `openshift_use_calico=True` +* `openshift_use_openshift_sdn=False` +* `os_sdn_network_plugin_name='cni'` + +By default, Calico will share the etcd used by OpenShift. +To configure Calico to use a separate instance of etcd, place etcd SSL client certs on your master, +then set the following variables in your inventory.ini: + +* `calico_etcd_ca_cert_file=/path/to/etcd-ca.crt` +* `calico_etcd_cert_file=/path/to/etcd-client.crt` +* `calico_etcd_key_file=/path/to/etcd-client.key` +* `calico_etcd_endpoints=https://etcd:2379` + +## Upgrading + +OpenShift-Ansible installs Calico as a self-hosted install. Previously, Calico ran as a systemd service. Running Calico +in this manner is now deprecated, and must be upgraded to a hosted cluster. Please run the Legacy Upgrade playbook to +upgrade your existing Calico deployment to a hosted deployment: + + ansible-playbook -i inventory.ini playbooks/byo/calico/legacy_upgrade.yml + +## Additional Calico/Node and Felix Configuration Options + +Additional parameters that can be defined in the inventory are: + + +| Environment | Description | Schema | Default | +|---------|----------------------|---------|---------| +| CALICO_IPV4POOL_IPIP | IPIP Mode to use for the IPv4 POOL created at start up. | off, always, cross-subnet | always | +| CALICO_LOG_DIR | Directory on the host machine where Calico Logs are written.| String | /var/log/calico | + +### Contact Information + +Author: Dan Osborne + +For support, join the `#openshift` channel on the [calico users slack](calicousers.slack.com). diff --git a/roles/calico_master/defaults/main.yaml b/roles/calico/defaults/main.yaml similarity index 93% rename from roles/calico_master/defaults/main.yaml rename to roles/calico/defaults/main.yaml index 6c567df18c8..00ec9e3a3e2 100644 --- a/roles/calico_master/defaults/main.yaml +++ b/roles/calico/defaults/main.yaml @@ -7,3 +7,4 @@ calico_node_image: "quay.io/calico/node:v3.1.3" calico_cni_image: "quay.io/calico/cni:v3.1.3" calico_upgrade_image: "quay.io/calico/upgrade:v1.0.5" calico_ipv4pool_ipip: "always" +use_calico_etcd: False diff --git a/roles/calico/meta/main.yml b/roles/calico/meta/main.yml index eeb3909b2ce..2b36764c4a5 100644 --- a/roles/calico/meta/main.yml +++ b/roles/calico/meta/main.yml @@ -13,5 +13,5 @@ galaxy_info: - cloud - system dependencies: +- role: lib_utils - role: openshift_facts -- role: container_runtime diff --git a/roles/calico_master/tasks/certs.yml b/roles/calico/tasks/certs.yml similarity index 58% rename from roles/calico_master/tasks/certs.yml rename to roles/calico/tasks/certs.yml index c069ff59900..990d21cb321 100644 --- a/roles/calico_master/tasks/certs.yml +++ b/roles/calico/tasks/certs.yml @@ -10,6 +10,29 @@ - calico_certs_provided - not (calico_etcd_ca_cert_file is defined and calico_etcd_cert_file is defined and calico_etcd_key_file is defined and calico_etcd_endpoints is defined) +- name: Calico Node | Set separate Calico etcd flag + set_fact: + use_calico_etcd: "{{ calico_etcd_initial_cluster is defined or calico_etcd_generate_certs is defined or calico_etcd_service_ip is defined or calico_etcd_clients_port is defined or calico_etcd_peers_port is defined or calico_etcd_cert_dir is defined or calico_etcd_mount is defined | bool }}" + +- name: Calico Node | Error if using separate etcd with invalid arguments + fail: + msg: "Must provide all or none of the following etcd params: calico_etcd_initial_cluster, calico_etcd_generate_certs, calico_etcd_service_ip, calico_etcd_clients_port, calico_etcd_peers_port, calico_etcd_cert_dir, and calico_etcd_mount" + when: + - use_calico_etcd + - not (calico_certs_provided and calico_etcd_initial_cluster is defined and calico_etcd_generate_certs is defined and calico_etcd_service_ip is defined and calico_etcd_clients_port is defined and calico_etcd_peers_port is defined and calico_etcd_cert_dir is defined and calico_etcd_mount is defined) + +- name: Calico Node | Configure separate Calico etcd and certs + when: use_calico_etcd + become: yes + include_role: + name: etcd + tasks_from: server_certificates + vars: + etcd_cert_prefix: calico-etcd- + etcd_cert_config_dir: "{{ calico_etcd_cert_dir }}" + etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}" + etcd_cert_subdir: "calico-etcd-{{ openshift.common.hostname }}" + - name: Calico Node | Set etcd cert location facts when: not calico_certs_provided set_fact: diff --git a/roles/calico/tasks/main.yml b/roles/calico/tasks/main.yml index 9a1a7954752..fb9f4c59f84 100644 --- a/roles/calico/tasks/main.yml +++ b/roles/calico/tasks/main.yml @@ -1,47 +1,129 @@ --- -- name: Check for legacy service - stat: - path: /lib/systemd/system/calico.service - get_checksum: false - get_attributes: false - get_mime: false - register: sym -- fail: - msg: You are running a systemd based installation of Calico. Please run the calico upgrade playbook to upgrade to a self-hosted installation. - when: sym.stat.exists - -- name: Configure NetworkManager to ignore Calico interfaces - copy: - src: files/calico.conf - dest: /etc/NetworkManager/conf.d/ - when: using_network_manager | default(true) | bool - register: nm - -- name: restart NetworkManager - systemd: - name: NetworkManager - state: restarted - when: nm.changed - -# TODO: Move into shared vars file -- name: Load default node image +- name: Calico | Run kube proxy + run_once: true + import_role: + name: kube_proxy_and_dns + +- include_tasks: certs.yml + +- name: Calico | Clean Calico etcd data + when: calico_cleanup_path is defined and calico_cleanup_path != "" + file: + state: absent + path: "{{ calico_cleanup_path }}" + +- name: Calico | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-node + oc_adm_policy_user: + user: system:serviceaccount:kube-system:calico-node + resource_kind: scc + resource_name: privileged + state: present + +- name: Calico | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-kube-controllers + oc_adm_policy_user: + user: system:serviceaccount:kube-system:calico-kube-controllers + resource_kind: scc + resource_name: privileged + state: present + +- name: Calico | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-upgrade-job + oc_adm_policy_user: + user: system:serviceaccount:kube-system:calico-upgrade-job + resource_kind: scc + resource_name: privileged + state: present + +- name: Calico | Set default selector for kube-system + command: > + {{ openshift_client_binary }} + --config={{ openshift.common.config_base }}/master/admin.kubeconfig + annotate ns kube-system openshift.io/node-selector="" --overwrite + +- name: Calico | Create temp directory + command: mktemp -d /tmp/openshift-ansible-XXXXXXX + register: mktemp + changed_when: False + +- name: Calico | Write separate Calico etcd manifest + when: use_calico_etcd + template: + dest: "{{ mktemp.stdout }}/calico-etcd.yml" + src: calico-etcd.yml.j2 + +- name: Calico | Launch separate Calico etcd + when: use_calico_etcd + command: > + {{ openshift_client_binary }} apply + -f {{ mktemp.stdout }}/calico-etcd.yml + --config={{ openshift.common.config_base }}/master/admin.kubeconfig + register: calico_etcd_create_output + failed_when: "calico_etcd_create_output.rc != 0" + changed_when: "('created' in calico_etcd_create_output.stdout) or ('configured' in calico_etcd_create_output.stdout)" + +- name: Calico | Parse node version + set_fact: + node_version: "{{ calico_node_image | regex_replace('^.*node:v?(.*)$', '\\1') }}" + cnx: "{{ calico_node_image | regex_replace('^.*/(.*)-node:.*$', '\\1') }}" + use_calico_credentials: "{{ calico_image_credentials is defined | bool }}" + +- name: Calico | Encode Docker Credentials + shell: > + cat {{ calico_image_credentials }} | openssl base64 -A + register: calico_encoded_credentials_output + failed_when: "calico_encoded_credentials_output.rc != 0 or calico_encoded_credentials_output.stdout == ''" + when: use_calico_credentials + +- name: Calico | Set Encoded Docker Credentials Fact set_fact: - calico_node_image: "quay.io/calico/node:v2.6.7" - when: calico_node_image is not defined + calico_encoded_credentials: "{{ calico_encoded_credentials_output.stdout }}" + when: use_calico_credentials -- name: Prepull Images - command: "{{ openshift_container_cli }} pull {{ calico_node_image }}" +- name: Calico | Write Calico Pull Secret + template: + dest: "{{ mktemp.stdout }}/calico-pull-secret.yml" + src: calico-pull-secret.yml.j2 + when: use_calico_credentials -- name: Apply node label - delegate_to: "{{ groups.oo_first_master.0 }}" +- name: Calico | Create Calico Pull Secret + when: use_calico_credentials command: > - {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig label node {{ openshift.node.nodename | lower }} --overwrite projectcalico.org/ds-ready=true - -- name: Wait for node running - uri: - url: http://localhost:9099/readiness - status_code: 204 - delay: 3 - retries: 10 - register: result - until: result.status == 204 + {{ openshift_client_binary }} apply + -f {{ mktemp.stdout }}/calico-pull-secret.yml + --config={{ openshift.common.config_base }}/master/admin.kubeconfig + register: calico_pull_secret_create_output + failed_when: "calico_pull_secret_create_output.rc != 0" + changed_when: "('created' in calico_pull_secret_create_output.stdout) or ('configured' in calico_pull_secret_create_output.stdout)" + +- name: Calico | Set the correct liveness and readiness checks + set_fact: + calico_binary_checks: "{{ (node_version >= '3.2.0' and cnx != 'cnx') or (node_version >= '2.2.0' and cnx == 'cnx') | bool }}" + +- name: Calico | Write Calico v2 + template: + dest: "{{ mktemp.stdout }}/calico.yml" + src: calico.yml.j2 + when: + - node_version | regex_search('^[0-9]\.[0-9]\.[0-9]') and node_version < '3.0.0' + - cnx != "cnx" + +- name: Calico | Write Calico v3 + template: + dest: "{{ mktemp.stdout }}/calico.yml" + src: calicov3.yml.j2 + when: (node_version | regex_search('^[0-9]\.[0-9]\.[0-9]') and node_version >= '3.0.0') or (node_version == 'master') or (cnx == "cnx" and node_version >= '2.0.0') + +- name: Calico | Launch Calico + run_once: true + command: > + {{ openshift_client_binary }} apply + -f {{ mktemp.stdout }}/calico.yml + --config={{ openshift.common.config_base }}/master/admin.kubeconfig + register: calico_create_output + failed_when: "calico_create_output.rc != 0" + changed_when: "('created' in calico_create_output.stdout) or ('configured' in calico_create_output.stdout)" + +- name: Calico | Delete temp directory + file: + name: "{{ mktemp.stdout }}" + state: absent + changed_when: False diff --git a/roles/calico/templates/calico-etcd.yml.j2 b/roles/calico/templates/calico-etcd.yml.j2 new file mode 100644 index 00000000000..0cc3c41a61b --- /dev/null +++ b/roles/calico/templates/calico-etcd.yml.j2 @@ -0,0 +1,88 @@ +# This manifest installs the Calico etcd on the master. This uses a DaemonSet +# to force it to run on the master even when the master isn't schedulable, and uses +# nodeSelector to ensure it only runs on the master. +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: calico-etcd + namespace: kube-system + labels: + k8s-app: calico-etcd +spec: + template: + metadata: + labels: + k8s-app: calico-etcd + annotations: + # Mark this pod as a critical add-on; when enabled, the critical add-on scheduler + # reserves resources for critical add-on pods so that they can be rescheduled after + # a failure. This annotation works in tandem with the toleration below. + scheduler.alpha.kubernetes.io/critical-pod: '' + spec: + tolerations: + # this taint is set by all kubelets running `--cloud-provider=external` + # so we should tolerate it to schedule the calico pods + - key: node.cloudprovider.kubernetes.io/uninitialized + value: "true" + effect: NoSchedule + # Toleration allows the pod to run on master + - key: node-role.kubernetes.io/master + effect: NoSchedule + # Allow this pod to be rescheduled while the node is in "critical add-ons only" mode. + # This, along with the annotation above marks this pod as a critical add-on. + - key: CriticalAddonsOnly + operator: Exists + # Only run this pod on configure nodes with calico-etcd true in /etc/ansible/hosts. + nodeSelector: + calico-etcd: "true" + hostNetwork: true + serviceAccountName: calico-node + containers: + - name: calico-etcd + image: quay.io/coreos/etcd:v3.2.5 + env: + - name: CALICO_ETCD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: CALICO_ETCD_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + command: ["/bin/sh","-c"] + args: ["/usr/local/bin/etcd --name=$CALICO_ETCD_NAME --data-dir={{ calico_etcd_mount }}/calico-data --advertise-client-urls=https://$CALICO_ETCD_IP:{{ calico_etcd_clients_port }} --listen-client-urls=https://0.0.0.0:{{ calico_etcd_clients_port }} --listen-peer-urls=https://$CALICO_ETCD_IP:{{ calico_etcd_peers_port }} --cert-file={{ calico_etcd_cert_file }} --key-file={{ calico_etcd_key_file }} --trusted-ca-file={{ calico_etcd_ca_cert_file }} --initial-cluster-token=calico-cluster-1 --initial-cluster={{ calico_etcd_initial_cluster }} --initial-advertise-peer-urls=https://$CALICO_ETCD_IP:{{ calico_etcd_peers_port }} --peer-client-cert-auth --peer-trusted-ca-file={{ calico_etcd_ca_cert_file }} --peer-cert-file={{ calico_etcd_cert_file }} --peer-key-file={{ calico_etcd_key_file }}"] + securityContext: + privileged: true + volumeMounts: + - name: var-etcd + mountPath: {{ calico_etcd_mount }} + - name: etcd-certs + mountPath: {{ calico_etcd_cert_dir }} + volumes: + - name: var-etcd + hostPath: + path: {{ calico_etcd_mount }} + - name: etcd-certs + hostPath: + path: {{ calico_etcd_cert_dir }} + +--- + +# This manifest installs the Service which gets traffic to the Calico +# etcd. +apiVersion: v1 +kind: Service +metadata: + labels: + k8s-app: calico-etcd + name: calico-etcd + namespace: kube-system +spec: + # Select the calico-etcd pod running on the master. + selector: + k8s-app: calico-etcd + # This ClusterIP needs to be known in advance, since we cannot rely + # on DNS to get access to etcd. + clusterIP: {{ calico_etcd_service_ip }} + ports: + - port: {{ calico_etcd_clients_port }} diff --git a/roles/calico/templates/calico-pull-secret.yml.j2 b/roles/calico/templates/calico-pull-secret.yml.j2 new file mode 100644 index 00000000000..8fe234fe2f3 --- /dev/null +++ b/roles/calico/templates/calico-pull-secret.yml.j2 @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: calico-pull-secret + namespace: kube-system +data: + .dockerconfigjson: {{ calico_encoded_credentials }} +type: kubernetes.io/dockerconfigjson diff --git a/roles/calico_master/templates/calico.yml.j2 b/roles/calico/templates/calico.yml.j2 similarity index 99% rename from roles/calico_master/templates/calico.yml.j2 rename to roles/calico/templates/calico.yml.j2 index f8934845dba..883c8dc6d7c 100644 --- a/roles/calico_master/templates/calico.yml.j2 +++ b/roles/calico/templates/calico.yml.j2 @@ -126,8 +126,6 @@ spec: annotations: scheduler.alpha.kubernetes.io/critical-pod: '' spec: - nodeSelector: - projectcalico.org/ds-ready: "true" hostNetwork: true tolerations: # Make sure calico/node gets scheduled on all nodes. diff --git a/roles/calico_master/templates/calicov3.yml.j2 b/roles/calico/templates/calicov3.yml.j2 similarity index 97% rename from roles/calico_master/templates/calicov3.yml.j2 rename to roles/calico/templates/calicov3.yml.j2 index e7573296422..0b002d84bfe 100644 --- a/roles/calico_master/templates/calicov3.yml.j2 +++ b/roles/calico/templates/calicov3.yml.j2 @@ -14,6 +14,7 @@ rules: - namespaces - networkpolicies - nodes + - serviceaccounts verbs: - watch - list @@ -49,6 +50,7 @@ rules: - apiGroups: [""] resources: - pods + - namespaces - nodes verbs: - get @@ -181,8 +183,10 @@ spec: annotations: scheduler.alpha.kubernetes.io/critical-pod: '' spec: - nodeSelector: - projectcalico.org/ds-ready: "true" +{% if calico_image_credentials is defined %} + imagePullSecrets: + - name: calico-pull-secret +{% endif %} hostNetwork: true tolerations: # Make sure calico/node gets scheduled on all nodes. @@ -290,7 +294,7 @@ spec: # chosen from this range. Changing this value after installation will have # no effect. This should fall within '--cluster-cidr'. - name: CALICO_IPV4POOL_CIDR - value: "{{ openshift.master.sdn_cluster_network_cidr }}" + value: "{{ openshift_cluster_network_cidr }}" - name: CALICO_IPV4POOL_IPIP value: "{{ calico_ipv4pool_ipip }}" # Disable IPv6 on Kubernetes. @@ -339,13 +343,24 @@ spec: httpGet: path: /liveness port: 9099 +{% if calico_binary_checks %} + host: localhost +{% endif %} periodSeconds: 10 initialDelaySeconds: 10 failureThreshold: 6 readinessProbe: +{% if calico_binary_checks %} + exec: + command: + - /bin/calico-node + - -bird-ready + - -felix-ready +{% else %} httpGet: path: /readiness port: 9099 +{% endif %} periodSeconds: 10 volumeMounts: - mountPath: /lib/modules @@ -457,6 +472,10 @@ spec: labels: k8s-app: calico-kube-controllers spec: +{% if calico_image_credentials is defined %} + imagePullSecrets: + - name: calico-pull-secret +{% endif %} # The controllers must run in the host network namespace so that # it isn't governed by policy that would prevent it from working. hostNetwork: true diff --git a/roles/calico_master/README.md b/roles/calico_master/README.md deleted file mode 100644 index 310eabeec3f..00000000000 --- a/roles/calico_master/README.md +++ /dev/null @@ -1,48 +0,0 @@ -# Calico (Master) - -Configure Calico components for the Master host. - -## Requirements - -* Ansible 2.2 - -## Installation - -To install, set the following inventory configuration parameters: - -* `openshift_use_calico=True` -* `openshift_use_openshift_sdn=False` -* `os_sdn_network_plugin_name='cni'` - -By default, Calico will share the etcd used by OpenShift. -To configure Calico to use a separate instance of etcd, place etcd SSL client certs on your master, -then set the following variables in your inventory.ini: - -* `calico_etcd_ca_cert_file=/path/to/etcd-ca.crt` -* `calico_etcd_cert_file=/path/to/etcd-client.crt` -* `calico_etcd_key_file=/path/to/etcd-client.key` -* `calico_etcd_endpoints=https://etcd:2379` - -## Upgrading - -OpenShift-Ansible installs Calico as a self-hosted install. Previously, Calico ran as a systemd service. Running Calico -in this manner is now deprecated, and must be upgraded to a hosted cluster. Please run the Legacy Upgrade playbook to -upgrade your existing Calico deployment to a hosted deployment: - - ansible-playbook -i inventory.ini playbooks/byo/calico/legacy_upgrade.yml - -## Additional Calico/Node and Felix Configuration Options - -Additional parameters that can be defined in the inventory are: - - -| Environment | Description | Schema | Default | -|---------|----------------------|---------|---------| -| CALICO_IPV4POOL_IPIP | IPIP Mode to use for the IPv4 POOL created at start up. | off, always, cross-subnet | always | -| CALICO_LOG_DIR | Directory on the host machine where Calico Logs are written.| String | /var/log/calico | - -### Contact Information - -Author: Dan Osborne - -For support, join the `#openshift` channel on the [calico users slack](calicousers.slack.com). diff --git a/roles/calico_master/tasks/main.yml b/roles/calico_master/tasks/main.yml deleted file mode 100644 index 72c6f47b4c6..00000000000 --- a/roles/calico_master/tasks/main.yml +++ /dev/null @@ -1,68 +0,0 @@ ---- -- include_tasks: certs.yml - -- name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-node - oc_adm_policy_user: - user: system:serviceaccount:kube-system:calico-node - resource_kind: scc - resource_name: privileged - state: present - -- name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-kube-controllers - oc_adm_policy_user: - user: system:serviceaccount:kube-system:calico-kube-controllers - resource_kind: scc - resource_name: privileged - state: present - -- name: Calico Master | oc adm policy add-scc-to-user privileged system:serviceaccount:kube-system:calico-upgrade-job - oc_adm_policy_user: - user: system:serviceaccount:kube-system:calico-upgrade-job - resource_kind: scc - resource_name: privileged - state: present - -- name: Set default selector for kube-system - command: > - {{ openshift_client_binary }} - --config={{ openshift.common.config_base }}/master/admin.kubeconfig - annotate ns kube-system openshift.io/node-selector="" --overwrite - -- name: Calico Master | Create temp directory - command: mktemp -d /tmp/openshift-ansible-XXXXXXX - register: mktemp - changed_when: False - -- name: Calico Master | Parse node version - set_fact: - node_version: "{{ calico_node_image | regex_replace('^.*node:v?(.*)$', '\\1') }}" - cnx: "{{ calico_node_image | regex_replace('^.*/(.*)-node:.*$', '\\1') }}" - -- name: Calico Master | Write Calico v2 - template: - dest: "{{ mktemp.stdout }}/calico.yml" - src: calico.yml.j2 - when: - - node_version | regex_search('^[0-9]\.[0-9]\.[0-9]') and node_version < '3.0.0' - - cnx != "cnx" - -- name: Calico Master | Write Calico v3 - template: - dest: "{{ mktemp.stdout }}/calico.yml" - src: calicov3.yml.j2 - when: (node_version | regex_search('^[0-9]\.[0-9]\.[0-9]') and node_version >= '3.0.0') or (node_version == 'master') or (cnx == "cnx" and node_version >= '2.0.0') - -- name: Calico Master | Launch Calico - command: > - {{ openshift_client_binary }} apply - -f {{ mktemp.stdout }}/calico.yml - --config={{ openshift.common.config_base }}/master/admin.kubeconfig - register: calico_create_output - failed_when: "calico_create_output.rc != 0" - changed_when: "('created' in calico_create_output.stdout) or ('configured' in calico_create_output.stdout)" - -- name: Calico Master | Delete temp directory - file: - name: "{{ mktemp.stdout }}" - state: absent - changed_when: False diff --git a/roles/calico_node/README.md b/roles/calico_node/README.md new file mode 100644 index 00000000000..c5c6d07347c --- /dev/null +++ b/roles/calico_node/README.md @@ -0,0 +1,3 @@ +# Calico Node + +Please see [calico](../calico/README.md) diff --git a/roles/calico/files/calico.conf b/roles/calico_node/files/calico.conf similarity index 100% rename from roles/calico/files/calico.conf rename to roles/calico_node/files/calico.conf diff --git a/roles/calico_master/meta/main.yml b/roles/calico_node/meta/main.yml similarity index 86% rename from roles/calico_master/meta/main.yml rename to roles/calico_node/meta/main.yml index c460800de03..102b82bde21 100644 --- a/roles/calico_master/meta/main.yml +++ b/roles/calico_node/meta/main.yml @@ -13,6 +13,4 @@ galaxy_info: - cloud - system dependencies: -- role: lib_utils - role: openshift_facts -- role: kube_proxy_and_dns diff --git a/roles/calico_node/tasks/main.yml b/roles/calico_node/tasks/main.yml new file mode 100644 index 00000000000..0f6430b8dd9 --- /dev/null +++ b/roles/calico_node/tasks/main.yml @@ -0,0 +1,13 @@ +--- +- name: Calico Node | Configure NetworkManager to ignore Calico interfaces + copy: + src: files/calico.conf + dest: /etc/NetworkManager/conf.d/ + when: using_network_manager | default(true) | bool + register: nm + +- name: Calico Node | Restart NetworkManager + systemd: + name: NetworkManager + state: restarted + when: nm.changed diff --git a/roles/cockpit-ui/tasks/install.yml b/roles/cockpit-ui/tasks/install.yml index 1044378bc20..b9a2b09d8ed 100644 --- a/roles/cockpit-ui/tasks/install.yml +++ b/roles/cockpit-ui/tasks/install.yml @@ -17,7 +17,7 @@ - name: Create registry-console template command: > - {{ openshift_client_binary }} create + {{ openshift_client_binary }} apply -f {{ mktemp.stdout }}/registry-console.yaml --config={{ mktemp.stdout }}/admin.kubeconfig -n openshift @@ -48,14 +48,15 @@ register: registry_console_cockpit_kube - name: Deploy registry-console - command: > - {{ openshift_client_binary }} new-app --template=registry-console + shell: > + {{ openshift_client_binary }} process openshift//registry-console -p IMAGE_NAME="{{ openshift_cockpit_deployer_image }}" -p OPENSHIFT_OAUTH_PROVIDER_URL="{{ openshift.master.public_api_url }}" -p REGISTRY_HOST="{{ docker_registry_route.results[0].spec.host }}" -p COCKPIT_KUBE_URL="https://{{ registry_console_cockpit_kube.results.results[0].spec.host }}" --config={{ mktemp.stdout }}/admin.kubeconfig -n default + | {{ openshift_client_binary }} apply --config={{ mktemp.stdout }}/admin.kubeconfig -f - register: deploy_registry_console changed_when: "'already exists' not in deploy_registry_console.stderr" failed_when: diff --git a/roles/cockpit/tasks/main.yml b/roles/cockpit/tasks/main.yml index a319dbae7c7..eb54850af71 100644 --- a/roles/cockpit/tasks/main.yml +++ b/roles/cockpit/tasks/main.yml @@ -13,7 +13,6 @@ - cockpit-bridge - cockpit-docker - "{{ cockpit_plugins | join(',') }}" - when: not openshift_is_atomic | bool register: result until: result is succeeded @@ -22,4 +21,3 @@ name: cockpit.socket enabled: true state: started - when: not openshift_is_atomic | bool diff --git a/roles/container_runtime/tasks/common/atomic_proxy.yml b/roles/container_runtime/tasks/common/atomic_proxy.yml deleted file mode 100644 index dde099984b8..00000000000 --- a/roles/container_runtime/tasks/common/atomic_proxy.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -# Set http_proxy, https_proxy, and no_proxy in /etc/atomic.conf -# regexp: the line starts with or without #, followed by the string -# http_proxy, then either : or = -- block: - - - name: Add http_proxy to /etc/atomic.conf - lineinfile: - dest: /etc/atomic.conf - regexp: "^#?http_proxy[:=]{1}" - line: "http_proxy: {{ openshift.common.http_proxy | default('') }}" - when: - - openshift.common.http_proxy is defined - - openshift.common.http_proxy != '' - - - name: Add https_proxy to /etc/atomic.conf - lineinfile: - dest: /etc/atomic.conf - regexp: "^#?https_proxy[:=]{1}" - line: "https_proxy: {{ openshift.common.https_proxy | default('') }}" - when: - - openshift.common.https_proxy is defined - - openshift.common.https_proxy != '' - - - name: Add no_proxy to /etc/atomic.conf - lineinfile: - dest: /etc/atomic.conf - regexp: "^#?no_proxy[:=]{1}" - line: "no_proxy: {{ openshift.common.no_proxy | default('') }}" - when: - - openshift.common.no_proxy is defined - - openshift.common.no_proxy != '' diff --git a/roles/container_runtime/tasks/common/setup_docker_symlink.yml b/roles/container_runtime/tasks/common/setup_docker_symlink.yml index b95e45128ca..2ce522bd597 100644 --- a/roles/container_runtime/tasks/common/setup_docker_symlink.yml +++ b/roles/container_runtime/tasks/common/setup_docker_symlink.yml @@ -11,11 +11,6 @@ failed_when: - results.rc != 0 - - name: ensure the unmount of top level mount point - mount: - path: "{{ docker_default_storage_path }}" - state: unmounted - - name: "Set the selinux context on {{ docker_alt_storage_path }}" command: "semanage fcontext -a -e {{ docker_default_storage_path }} {{ docker_alt_storage_path }}" environment: @@ -28,6 +23,11 @@ - name: "restorecon the {{ docker_alt_storage_path }}" command: "restorecon -r {{ docker_alt_storage_path }}" + - name: ensure the unmount of top level mount point + mount: + path: "{{ docker_default_storage_path }}" + state: unmounted + - name: Remove the old docker location file: state: absent diff --git a/roles/container_runtime/tasks/docker_upgrade_check.yml b/roles/container_runtime/tasks/docker_upgrade_check.yml index f986a2d4847..3cf892e856e 100644 --- a/roles/container_runtime/tasks/docker_upgrade_check.yml +++ b/roles/container_runtime/tasks/docker_upgrade_check.yml @@ -21,7 +21,6 @@ retries: 4 until: curr_docker_version is succeeded changed_when: false - when: not openshift_is_atomic | bool - name: Get latest available version of Docker command: > @@ -31,17 +30,15 @@ until: avail_docker_version is succeeded # Don't expect docker rpm to be available on hosts that don't already have it installed: when: - - not openshift_is_atomic | bool - pkg_check.rc == 0 failed_when: false changed_when: false -- name: Required docker version not available (non-atomic) +- name: Required docker version not available fail: msg: "This playbook requires access to Docker {{ l_required_docker_version }} or later" # Disable the 1.12 requirement if the user set a specific Docker version when: - - not openshift_is_atomic | bool - docker_version is not defined - docker_upgrade | bool - pkg_check.rc == 0 @@ -55,7 +52,6 @@ - set_fact: docker_version: "{{ avail_docker_version.stdout }}" when: - - not openshift_is_atomic | bool - pkg_check.rc == 0 - docker_version is not defined @@ -63,23 +59,5 @@ set_fact: l_docker_upgrade: True when: - - not openshift_is_atomic | bool - pkg_check.rc == 0 - curr_docker_version.stdout is version(docker_version,'<') - -# Additional checks for Atomic hosts: -- name: Determine available Docker - shell: "rpm -q --queryformat '---\ncurr_version: %{VERSION}\navail_version: \n' docker" - register: g_atomic_docker_version_result - when: openshift_is_atomic | bool - -- set_fact: - l_docker_version: "{{ g_atomic_docker_version_result.stdout | from_yaml }}" - when: openshift_is_atomic | bool - -- name: Required docker version is unavailable (atomic) - fail: - msg: "This playbook requires access to Docker {{ l_required_docker_version }} or later" - when: - - openshift_is_atomic | bool - - l_docker_version.avail_version | default(l_docker_version.curr_version, true) is version(l_required_docker_version,'<') diff --git a/roles/container_runtime/tasks/package_crio.yml b/roles/container_runtime/tasks/package_crio.yml index b158d0ba6c3..cbbedcdbeef 100644 --- a/roles/container_runtime/tasks/package_crio.yml +++ b/roles/container_runtime/tasks/package_crio.yml @@ -1,9 +1,4 @@ --- -- name: Fail if Atomic Host since this is an rpm request - fail: msg='Cannot use CRI-O as a package on Atomic Host' - when: - - openshift_is_atomic | bool - - import_tasks: common/pre.yml - name: Check that overlay is in the kernel @@ -82,6 +77,11 @@ dest: /etc/sysconfig/crio-network src: crio-network.j2 +- name: Place registries.conf in /etc/containers/registries.conf + template: + dest: "{{ containers_registries_conf_path }}" + src: registries.conf.j2 + - name: Start the CRI-O service systemd: name: "cri-o" diff --git a/roles/container_runtime/tasks/package_docker.yml b/roles/container_runtime/tasks/package_docker.yml index e915df5bf83..0f55fe9076e 100644 --- a/roles/container_runtime/tasks/package_docker.yml +++ b/roles/container_runtime/tasks/package_docker.yml @@ -1,14 +1,8 @@ --- - import_tasks: common/pre.yml -# In some cases, some services may be run as containers and docker may still -# be installed via rpm. -- import_tasks: common/atomic_proxy.yml - when: openshift_is_atomic - - name: Get current installed Docker version command: "{{ repoquery_installed }} --qf '%{version}' docker" - when: not openshift_is_atomic | bool register: curr_docker_version retries: 4 until: curr_docker_version is succeeded @@ -24,14 +18,11 @@ package: name: "{{ pkg_list | join(',') }}" state: present - when: - - not (openshift_is_atomic | bool) register: result until: result is succeeded vars: pkg_list: - "docker{{ '-' + docker_version if docker_version is defined else '' }}" - - atomic - skopeo - block: @@ -80,7 +71,7 @@ - name: Place additional/blocked/insecure registries in /etc/containers/registries.conf template: dest: "{{ containers_registries_conf_path }}" - src: registries.conf + src: registries.conf.j2 when: openshift_docker_use_etc_containers | bool notify: - restart container runtime diff --git a/roles/container_runtime/tasks/registry_auth.yml b/roles/container_runtime/tasks/registry_auth.yml index ffb297941d7..8277c4da900 100644 --- a/roles/container_runtime/tasks/registry_auth.yml +++ b/roles/container_runtime/tasks/registry_auth.yml @@ -2,7 +2,7 @@ # docker_creds is a custom module from lib_utils # 'docker login' requires a docker.service running on the local host, this is an # alternative implementation that operates directly on config.json -- name: Create credentials for docker cli registry auth (alternative) +- name: Create credentials for oreg_url docker_creds: path: "{{ docker_cli_auth_config_path }}" registry: "{{ oreg_host }}" @@ -11,10 +11,30 @@ # Test that we can actually connect with provided info test_login: "{{ oreg_test_login | default(True) }}" proxy_vars: "{{ l_docker_creds_proxy_vars }}" - image_name: "{{ l_docker_creds_image_name }}" + test_image: "{{ l_docker_creds_test_image }}" when: - oreg_auth_user is defined register: crt_oreg_auth_credentials_create retries: 3 delay: 5 until: crt_oreg_auth_credentials_create is succeeded + +- name: Create for any additional registries + docker_creds: + path: "{{ docker_cli_auth_config_path }}" + registry: "{{ item.host }}" + username: "{{ item.user | default('openshift') }}" + password: "{{ item.password }}" + # Test that we can actually connect with provided info + test_login: "{{ item.test_login | default(omit) }}" + proxy_vars: "{{ l_docker_creds_proxy_vars }}" + test_image: "{{ item.test_image | default('openshift3/ose-pod') }}" + tls_verify: "{{ item.tls_verify | default(omit) }}" + when: + - openshift_additional_registry_credentials != [] + register: crt_addl_credentials_create + retries: 3 + delay: 5 + until: crt_addl_credentials_create is succeeded + with_items: + "{{ openshift_additional_registry_credentials }}" diff --git a/roles/container_runtime/templates/crio.conf.j2 b/roles/container_runtime/templates/crio.conf.j2 index 069897aeea4..56d607e2620 100644 --- a/roles/container_runtime/templates/crio.conf.j2 +++ b/roles/container_runtime/templates/crio.conf.j2 @@ -141,16 +141,18 @@ signature_policy = "" # The valid values are mkdir and ignore. image_volumes = "mkdir" +# CRI-O reads its configured registries defaults from the containers/image configuration +# file, /etc/containers/registries.conf. Modify registries.conf if you want to +# change default registries for all tools that use containers/image. If you +# want to modify just crio, you can change the registies configuration in this +# file. + # insecure_registries is used to skip TLS verification when pulling images. -insecure_registries = [ -{{ l_insecure_crio_registries|default("") }} -] +# insecure_registries = [] # registries is used to specify a comma separated list of registries to be used # when pulling an unqualified image (e.g. fedora:rawhide). -registries = [ -{{ l_additional_crio_registries|default("") }} -] +# registries = [] # The "crio.network" table contains settings pertaining to the # management of CNI plugins. diff --git a/roles/container_runtime/templates/registries.conf b/roles/container_runtime/templates/registries.conf deleted file mode 100644 index dfc28ea47b5..00000000000 --- a/roles/container_runtime/templates/registries.conf +++ /dev/null @@ -1,46 +0,0 @@ -# {{ ansible_managed }} -# This is a system-wide configuration file used to -# keep track of registries for various container backends. -# It adheres to YAML format and does not support recursive -# lists of registries. - -# The default location for this configuration file is /etc/containers/registries.conf. - -# The only valid categories are: 'registries', 'insecure_registries', -# and 'block_registries'. - - -#registries: -# - registry.redhat.io - -{% if l2_docker_additional_registries %} -registries: -{% for reg in l2_docker_additional_registries %} - - {{ reg }} -{% endfor %} -{% endif %} - -# If you need to access insecure registries, uncomment the section below -# and add the registries fully-qualified name. An insecure registry is one -# that does not have a valid SSL certificate or only does HTTP. -#insecure_registries: -# - - -{% if l2_docker_insecure_registries %} -insecure_registries: -{% for reg in l2_docker_insecure_registries %} - - {{ reg }} -{% endfor %} -{% endif %} - -# If you need to block pull access from a registry, uncomment the section below -# and add the registries fully-qualified name. -#block_registries: -# - - -{% if l2_docker_blocked_registries %} -block_registries: -{% for reg in l2_docker_blocked_registries %} - - {{ reg }} -{% endfor %} -{% endif %} diff --git a/roles/container_runtime/templates/registries.conf.j2 b/roles/container_runtime/templates/registries.conf.j2 new file mode 100644 index 00000000000..8316aef6dbe --- /dev/null +++ b/roles/container_runtime/templates/registries.conf.j2 @@ -0,0 +1,27 @@ +# {{ ansible_managed }} +# This is a system-wide configuration file used to +# keep track of registries for various container backends. +# It adheres to TOML format and does not support recursive +# lists of registries. + +# The default location for this configuration file is /etc/containers/registries.conf. + +# The only valid categories are: 'registries.search', 'registries.insecure', +# and 'registries.block'. + +[registries.search] +registries = [{{ l_additional_crio_registries|default("") }}] + + +# If you need to access insecure registries, add the registry's fully-qualified name. +# An insecure registry is one that does not have a valid SSL certificate or only does HTTP. +[registries.insecure] +registries = [{{ l_insecure_crio_registries|default("") }}] + + +# If you need to block pull access from a registry, uncomment the section below +# and add the registries fully-qualified name. +# +# Docker only +[registries.block] +registries = {{ l2_docker_blocked_registries | to_json }} diff --git a/roles/contiv/tasks/packageManagerInstall.yml b/roles/contiv/tasks/packageManagerInstall.yml index 8c8e7a7bd40..97f664cef25 100644 --- a/roles/contiv/tasks/packageManagerInstall.yml +++ b/roles/contiv/tasks/packageManagerInstall.yml @@ -4,7 +4,7 @@ did_install: false - include_tasks: pkgMgrInstallers/centos-install.yml - when: ansible_os_family == "RedHat" and not openshift_is_atomic | bool + when: ansible_os_family == "RedHat" - name: Package Manager | Set fact saying we did CentOS package install set_fact: diff --git a/roles/contiv_facts/tasks/main.yml b/roles/contiv_facts/tasks/main.yml index e7cd3c13db6..708a43cd8af 100644 --- a/roles/contiv_facts/tasks/main.yml +++ b/roles/contiv_facts/tasks/main.yml @@ -60,4 +60,4 @@ when: contiv_has_rpm - include_tasks: fedora-install.yml - when: not openshift_is_atomic and ansible_distribution == "Fedora" + when: ansible_distribution == "Fedora" diff --git a/roles/etcd/defaults/main.yaml b/roles/etcd/defaults/main.yaml index 5f3178a498c..247be652969 100644 --- a/roles/etcd/defaults/main.yaml +++ b/roles/etcd/defaults/main.yaml @@ -63,7 +63,6 @@ r_etcd_common_master_peer_ca_file: /etc/origin/master/master.etcd-ca.crt # etcd server & certificate vars etcd_hostname: "{{ openshift.common.hostname }}" etcd_ip: "{{ openshift.common.ip }}" -etcd_is_atomic: "{{ openshift_is_atomic }}" etcd_is_thirdparty: False # etcd dir vars @@ -83,9 +82,8 @@ etcd_listen_peer_urls: "{{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_ etcd_advertise_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_client_port }}" etcd_listen_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_client_port }}" -# required role variable -#etcd_peer: 127.0.0.1 -etcdctlv2: "{{ r_etcd_common_etcdctl_command }} --cert-file {{ etcd_peer_cert_file }} --key-file {{ etcd_peer_key_file }} --ca-file {{ etcd_peer_ca_file }} -C https://{{ etcd_peer }}:{{ etcd_client_port }}" +etcd_peer: "{{ openshift.common.hostname }}" +etcdctlv2: "{{ r_etcd_common_etcdctl_command }} --cert-file {{ etcd_peer_cert_file }} --key-file {{ etcd_peer_key_file }} --ca-file {{ etcd_peer_ca_file }} --endpoints {{ etcd_peer_url_scheme }}://{{ etcd_peer }}:{{ etcd_client_port }}" etcd_service: etcd # Location of the service file is fixed and not meant to be changed diff --git a/roles/etcd/etcdctl.sh b/roles/etcd/etcdctl.sh deleted file mode 100644 index 0e324a8a953..00000000000 --- a/roles/etcd/etcdctl.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -# Sets up handy aliases for etcd, need etcdctl2 and etcdctl3 because -# command flags are different between the two. Should work on stand -# alone etcd hosts and master + etcd hosts too because we use the peer keys. -etcdctl2() { - /usr/bin/etcdctl --cert-file /etc/etcd/peer.crt --key-file /etc/etcd/peer.key --ca-file /etc/etcd/ca.crt -C https://`hostname`:2379 ${@} -} - -etcdctl3() { - ETCDCTL_API=3 /usr/bin/etcdctl --cert /etc/etcd/peer.crt --key /etc/etcd/peer.key --cacert /etc/etcd/ca.crt --endpoints https://`hostname`:2379 ${@} -} diff --git a/roles/etcd/tasks/add_new_member.yml b/roles/etcd/tasks/add_new_member.yml index 930cf9e8b43..731cd6c22e6 100644 --- a/roles/etcd/tasks/add_new_member.yml +++ b/roles/etcd/tasks/add_new_member.yml @@ -3,17 +3,8 @@ - import_tasks: set_facts.yml - name: Add new etcd members to cluster - command: > - {{ r_etcd_common_etcdctl_command }} - --cert-file {{ etcd_peer_cert_file }} - --key-file {{ etcd_peer_key_file }} - --ca-file {{ etcd_peer_ca_file }} - -C {{ etcd_peer_url_scheme }}://{{ hostvars[etcd_ca_host].etcd_ip }}:{{ etcd_client_port }} - member add {{ etcd_hostname }} {{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_port }} + command: "{{ hostvars[etcd_ca_host].etcdctlv2 }} member add {{ etcd_hostname }} {{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_peer_port }}" delegate_to: "{{ etcd_ca_host }}" - failed_when: - - etcd_add_check.rc == 1 - - ("peerURL exists" not in etcd_add_check.stderr) register: etcd_add_check retries: 3 delay: 10 diff --git a/roles/etcd/tasks/certificates/deploy_ca.yml b/roles/etcd/tasks/certificates/deploy_ca.yml index e7afaeb94ba..82b9f9700bd 100644 --- a/roles/etcd/tasks/certificates/deploy_ca.yml +++ b/roles/etcd/tasks/certificates/deploy_ca.yml @@ -3,7 +3,6 @@ package: name: openssl state: present - when: not etcd_is_atomic | bool delegate_to: "{{ etcd_ca_host }}" run_once: true register: result diff --git a/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml b/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml index 243072b57d2..f8a5e81b03f 100644 --- a/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml +++ b/roles/etcd/tasks/certificates/fetch_server_certificates_from_ca.yml @@ -3,8 +3,6 @@ package: name: "etcd" state: present - when: - - not etcd_is_atomic | bool register: result until: result is succeeded diff --git a/roles/etcd/tasks/remove-etcd-v2-data.yml b/roles/etcd/tasks/remove-etcd-v2-data.yml new file mode 100644 index 00000000000..1fc8e220d87 --- /dev/null +++ b/roles/etcd/tasks/remove-etcd-v2-data.yml @@ -0,0 +1,28 @@ +--- +- import_tasks: verify_cluster_health.yml + +- name: Check migrated status + command: "{{ etcdctlv2 }} get /kubernetes.io" + register: etcdv2_migrated_status + failed_when: ('stdout' not in etcdv2_migrated_status) + +- block: + - name: Remove etcdv2 kubernetes data + command: "{{ etcdctlv2 }} rm -r /kubernetes.io" + register: etcdv2_remove_k8s + when: ('Key not found' not in etcdv2_migrated_status.stderr) + + - name: Get openshift data + command: "{{ etcdctlv2 }} get /openshift.io" + register: etcdv2_openshift_data + failed_when: ('stdout' not in etcdv2_openshift_data) + + - name: Remove etcdv2 openshift data + command: "{{ etcdctlv2 }} rm -r /openshift.io" + register: etcdv2_remove_openshift + when: ('Key not found' not in etcdv2_openshift_data.stderr) + + - name: Set migrated mark + command: "{{ etcdctlv2 }} set /kubernetes.io migrated" + + when: (etcdv2_migrated_status.stdout != 'migrated') diff --git a/roles/etcd/tasks/set_facts.yml b/roles/etcd/tasks/set_facts.yml index 064729815e1..0dac2813c2b 100644 --- a/roles/etcd/tasks/set_facts.yml +++ b/roles/etcd/tasks/set_facts.yml @@ -3,3 +3,4 @@ set_fact: etcd_ip: "{{ etcd_ip }}" etcd_hostname: "{{ etcd_hostname }}" + etcdctlv2: "{{ etcdctlv2 }}" diff --git a/roles/etcd/tasks/static.yml b/roles/etcd/tasks/static.yml index cebe924174b..32d1678fc39 100644 --- a/roles/etcd/tasks/static.yml +++ b/roles/etcd/tasks/static.yml @@ -7,8 +7,7 @@ register: etcd_image_exists - name: Pre-pull etcd image - docker_image: - name: "{{ etcd_image }}" + command: "{{ openshift_container_cli }} pull {{ etcd_image }}" environment: NO_PROXY: "{{ openshift.common.no_proxy | default('') }}" when: etcd_image_exists.stdout_lines == [] @@ -84,7 +83,7 @@ - "{{ etcd_peer_key_file }}" - "--ca-file" - "{{ etcd_peer_ca_file }}" - - "-C" + - "--endpoints" - "{{ etcd_peer_url_scheme }}://{{ etcd_ip }}:{{ etcd_client_port }}" - "cluster-health" with_items: diff --git a/roles/etcd/tasks/upgrade_rpm.yml b/roles/etcd/tasks/upgrade_rpm.yml index b3a4c9e576f..b5c2ab191a5 100644 --- a/roles/etcd/tasks/upgrade_rpm.yml +++ b/roles/etcd/tasks/upgrade_rpm.yml @@ -8,8 +8,7 @@ # RHEL 7.3.3 with etcd-3.1.0-2.el7 # RHEL 7.3.2 with etcd-3.0.15-1.el7 -- name: Verify cluster is healthy pre-upgrade - command: "{{ etcdctlv2 }} cluster-health" +- import_tasks: verify_cluster_health.yml - set_fact: l_etcd_target_package: "{{ 'etcd' if r_etcd_upgrade_version is not defined else 'etcd-'+r_etcd_upgrade_version+'*' }}" @@ -26,9 +25,4 @@ - name: restart etcd command: "{{ l_etcd_restart_command }}" -- name: Verify cluster is healthy - command: "{{ etcdctlv2 }} cluster-health" - register: etcdctl - until: etcdctl.rc == 0 - retries: 3 - delay: 10 +- import_tasks: verify_cluster_health.yml diff --git a/roles/etcd/tasks/upgrade_static.yml b/roles/etcd/tasks/upgrade_static.yml index caba872ab20..0b144251aaf 100644 --- a/roles/etcd/tasks/upgrade_static.yml +++ b/roles/etcd/tasks/upgrade_static.yml @@ -3,8 +3,7 @@ # INPUT r_etcd_upgrade_version -- name: Verify cluster is healthy pre-upgrade - command: "{{ etcdctlv2 }} cluster-health" +- import_tasks: verify_cluster_health.yml - name: Check for old etcd service files stat: @@ -50,9 +49,4 @@ - set_fact: r_etcd_common_etcd_runtime: static_pod -- name: Verify cluster is healthy - command: "{{ etcdctlv2 }} cluster-health" - register: etcdctl - until: etcdctl.rc == 0 and 'stopped' not in etcdctl.stderr - retries: 30 - delay: 10 +- import_tasks: verify_cluster_health.yml diff --git a/roles/etcd/tasks/verify_cluster_health.yml b/roles/etcd/tasks/verify_cluster_health.yml new file mode 100644 index 00000000000..5c2ec8d46c1 --- /dev/null +++ b/roles/etcd/tasks/verify_cluster_health.yml @@ -0,0 +1,9 @@ +--- +- name: Verify cluster is healthy + command: "{{ etcdctlv2 }} cluster-health" + register: cluster_health + retries: 30 + delay: 6 + until: + - cluster_health.rc == 0 + - ('stopped' not in cluster_health.stderr) diff --git a/roles/etcd/templates/etcdctl.sh.j2 b/roles/etcd/templates/etcdctl.sh.j2 index b2860d3b39f..3f2ec113fad 100644 --- a/roles/etcd/templates/etcdctl.sh.j2 +++ b/roles/etcd/templates/etcdctl.sh.j2 @@ -4,7 +4,7 @@ # alone etcd hosts and master + etcd hosts too because we use the peer keys. etcdctl2() { - cmd="ETCDCTL_API=2 etcdctl --cert-file {{ etcd_peer_cert_file }} --key-file {{ etcd_peer_key_file }} --ca-file {{ etcd_peer_ca_file }} -C https://`hostname`:2379 ${@}" + cmd="ETCDCTL_API=2 etcdctl --cert-file {{ etcd_peer_cert_file }} --key-file {{ etcd_peer_key_file }} --ca-file {{ etcd_peer_ca_file }} --endpoints https://`hostname`:2379 ${@}" if [[ -f /usr/local/bin/master-exec ]]; then /usr/local/bin/master-exec etcd etcd /bin/sh -c "$cmd" else diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml index 25300e6c44e..da707413646 100644 --- a/roles/flannel/tasks/main.yml +++ b/roles/flannel/tasks/main.yml @@ -4,7 +4,6 @@ package: name: flannel state: present - when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/installer_checkpoint/callback_plugins/installer_checkpoint.py b/roles/installer_checkpoint/callback_plugins/installer_checkpoint.py index c5ea29c1657..3a9e52b7e65 100644 --- a/roles/installer_checkpoint/callback_plugins/installer_checkpoint.py +++ b/roles/installer_checkpoint/callback_plugins/installer_checkpoint.py @@ -19,6 +19,10 @@ def __init__(self): def v2_playbook_on_stats(self, stats): + # Return if there are no custom stats to process + if stats.custom == {}: + return + phases = stats.custom['_run'] # Find the longest phase title diff --git a/roles/kuryr/templates/controller-deployment.yaml.j2 b/roles/kuryr/templates/controller-deployment.yaml.j2 index 30a36a0b54f..b1cdbcec5c2 100644 --- a/roles/kuryr/templates/controller-deployment.yaml.j2 +++ b/roles/kuryr/templates/controller-deployment.yaml.j2 @@ -57,4 +57,6 @@ spec: - name: certificates-volume secret: secretName: kuryr-certificates + nodeSelector: + node-role.kubernetes.io/infra: "true" restartPolicy: Always diff --git a/roles/lib_openshift/library/oc_atomic_container.py b/roles/lib_openshift/library/oc_atomic_container.py index a6b7af0acd3..e69de29bb2d 100644 --- a/roles/lib_openshift/library/oc_atomic_container.py +++ b/roles/lib_openshift/library/oc_atomic_container.py @@ -1,225 +0,0 @@ -#!/usr/bin/env python -# pylint: disable=missing-docstring -# flake8: noqa: T001 -# ___ ___ _ _ ___ ___ _ _____ ___ ___ -# / __| __| \| | __| _ \ /_\_ _| __| \ -# | (_ | _|| .` | _|| / / _ \| | | _|| |) | -# \___|___|_|\_|___|_|_\/_/_\_\_|_|___|___/_ _____ -# | \ / _ \ | \| |/ _ \_ _| | __| \_ _|_ _| -# | |) | (_) | | .` | (_) || | | _|| |) | | | | -# |___/ \___/ |_|\_|\___/ |_| |___|___/___| |_| -# -# Copyright 2016 Red Hat, Inc. and/or its affiliates -# and other contributors as indicated by the @author tags. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# -*- -*- -*- Begin included fragment: doc/atomic_container -*- -*- -*- - -DOCUMENTATION = ''' ---- -module: oc_atomic_container -short_description: Manage the container images on the atomic host platform -description: - - Manage the container images on the atomic host platform - - Allows to execute the commands on the container images -requirements: - - atomic - - "python >= 2.6" -options: - name: - description: - - Name of the container - required: True - default: null - image: - description: - - The image to use to install the container - required: True - default: null - state: - description: - - State of the container - required: True - choices: ["latest", "absent", "latest", "rollback"] - default: "latest" - values: - description: - - Values for the installation of the container - required: False - default: None -''' - -# -*- -*- -*- End included fragment: doc/atomic_container -*- -*- -*- - -# -*- -*- -*- Begin included fragment: ansible/oc_atomic_container.py -*- -*- -*- - -# pylint: disable=wrong-import-position,too-many-branches,invalid-name,no-name-in-module, import-error -import json -import os - -from distutils.version import StrictVersion - -from ansible.module_utils.basic import AnsibleModule - - -def _install(module, container, image, values_list): - ''' install a container using atomic CLI. values_list is the list of --set arguments. - container is the name given to the container. image is the image to use for the installation. ''' - # NOTE: system-package=no is hardcoded. This should be changed to an option in the future. - args = ['atomic', 'install', '--system', '--system-package=no', - '--name=%s' % container] + values_list + [image] - rc, out, err = module.run_command(args, check_rc=False) - if rc != 0: - return rc, out, err, False - else: - changed = "Extracting" in out or "Copying blob" in out - return rc, out, err, changed - -def _uninstall(module, name): - ''' uninstall an atomic container by its name. ''' - args = ['atomic', 'uninstall', name] - rc, out, err = module.run_command(args, check_rc=False) - return rc, out, err, False - -def _ensure_service_file_is_removed(container): - '''atomic install won't overwrite existing service file, so it needs to be removed''' - service_path = '/etc/systemd/system/{}.service'.format(container) - if not os.path.exists(service_path): - return - os.remove(service_path) - -def do_install(module, container, image, values_list): - ''' install a container and exit the module. ''' - _ensure_service_file_is_removed(container) - - rc, out, err, changed = _install(module, container, image, values_list) - if rc != 0: - module.fail_json(rc=rc, msg=err) - else: - module.exit_json(msg=out, changed=changed) - - -def do_uninstall(module, name): - ''' uninstall a container and exit the module. ''' - rc, out, err, changed = _uninstall(module, name) - if rc != 0: - module.fail_json(rc=rc, msg=err) - module.exit_json(msg=out, changed=changed) - - -def do_update(module, container, old_image, image, values_list): - ''' update a container and exit the module. If the container uses a different - image than the current installed one, then first uninstall the old one ''' - - # the image we want is different than the installed one - if old_image != image: - rc, out, err, _ = _uninstall(module, container) - if rc != 0: - module.fail_json(rc=rc, msg=err) - return do_install(module, container, image, values_list) - - # if the image didn't change, use "atomic containers update" - args = ['atomic', 'containers', 'update'] + values_list + [container] - rc, out, err = module.run_command(args, check_rc=False) - if rc != 0: - module.fail_json(rc=rc, msg=err) - else: - changed = "Extracting" in out or "Copying blob" in out - module.exit_json(msg=out, changed=changed) - - -def do_rollback(module, name): - ''' move to the previous deployment of the container, if present, and exit the module. ''' - args = ['atomic', 'containers', 'rollback', name] - rc, out, err = module.run_command(args, check_rc=False) - if rc != 0: - module.fail_json(rc=rc, msg=err) - else: - changed = "Rolling back" in out - module.exit_json(msg=out, changed=changed) - - -def core(module): - ''' entrypoint for the module. ''' - name = module.params['name'] - image = module.params['image'] - values = module.params['values'] - state = module.params['state'] - - module.run_command_environ_update = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C') - out = {} - err = {} - rc = 0 - - values_list = ["--set=%s" % x for x in values] if values else [] - - args = ['atomic', 'containers', 'list', '--json', '--all', '-f', 'container=%s' % name] - rc, out, err = module.run_command(args, check_rc=False) - if rc != 0: - module.fail_json(rc=rc, msg=err) - return - - # NOTE: "or '[]' is a workaround until atomic containers list --json - # provides an empty list when no containers are present. - containers = json.loads(out or '[]') - present = len(containers) > 0 - old_image = containers[0]["image_name"] if present else None - - if state == 'present' and present: - module.exit_json(msg=out, changed=False) - elif (state in ['latest', 'present']) and not present: - do_install(module, name, image, values_list) - elif state == 'latest': - do_update(module, name, old_image, image, values_list) - elif state == 'absent': - if not present: - module.exit_json(msg="", changed=False) - else: - do_uninstall(module, name) - elif state == 'rollback': - do_rollback(module, name) - - -def main(): - module = AnsibleModule( - argument_spec=dict( - name=dict(default=None, required=True), - image=dict(default=None, required=True), - state=dict(default='latest', choices=['present', 'absent', 'latest', 'rollback']), - values=dict(type='list', default=[]), - ), - ) - - # Verify that the platform supports atomic command - rc, version_out, err = module.run_command('rpm -q --queryformat "%{VERSION}\n" atomic', check_rc=False) - if rc != 0: - module.fail_json(msg="Error in running atomic command", err=err) - # This module requires atomic version 1.17.2 or later - atomic_version = StrictVersion(version_out.replace('\n', '')) - if atomic_version < StrictVersion('1.17.2'): - module.fail_json( - msg="atomic version 1.17.2+ is required", - err=str(atomic_version)) - - try: - core(module) - except Exception as e: # pylint: disable=broad-except - module.fail_json(msg=str(e)) - - -if __name__ == '__main__': - main() - -# -*- -*- -*- End included fragment: ansible/oc_atomic_container.py -*- -*- -*- diff --git a/roles/lib_openshift/library/oc_csr_approve.py b/roles/lib_openshift/library/oc_csr_approve.py index c48be970d30..7d93f2c6240 100644 --- a/roles/lib_openshift/library/oc_csr_approve.py +++ b/roles/lib_openshift/library/oc_csr_approve.py @@ -53,60 +53,6 @@ CERT_MODE = {'client': 'client auth', 'server': 'server auth'} -def run_command(module, command, rc_opts=None): - '''Run a command using AnsibleModule.run_command, or fail''' - if rc_opts is None: - rc_opts = {} - rtnc, stdout, err = module.run_command(command, **rc_opts) - if rtnc: - result = {'failed': True, - 'changed': False, - 'msg': str(err), - 'state': 'unknown'} - module.fail_json(**result) - return stdout - - -def get_ready_nodes(module, oc_bin, oc_conf): - '''Get list of nodes currently ready vi oc''' - # json output is necessary for consistency here. - command = "{} {} get nodes -ojson".format(oc_bin, oc_conf) - stdout = run_command(module, command) - - try: - data = json.loads(stdout) - except JSONDecodeError as err: - result = {'failed': True, - 'changed': False, - 'msg': str(err), - 'state': 'unknown'} - module.fail_json(**result) - - ready_nodes = [] - for node in data['items']: - if node.get('status') and node['status'].get('conditions'): - for condition in node['status']['conditions']: - # "True" is a string here, not a boolean. - if condition['type'] == "Ready" and condition['status'] == 'True': - ready_nodes.append(node['metadata']['name']) - return ready_nodes - - -def get_csrs(module, oc_bin, oc_conf): - '''Retrieve csrs from cluster using oc get csr -ojson''' - command = "{} {} get csr -ojson".format(oc_bin, oc_conf) - stdout = run_command(module, command) - try: - data = json.loads(stdout) - except JSONDecodeError as err: - result = {'failed': True, - 'changed': False, - 'msg': str(err), - 'state': 'unknown'} - module.fail_json(**result) - return data['items'] - - def parse_subject_cn(subject_str): '''parse output of openssl req -noout -subject to retrieve CN. example input: @@ -125,114 +71,228 @@ def parse_subject_cn(subject_str): return item_parts[1] -def process_csrs(module, csrs, node_list, mode): - '''Return a dictionary of pending csrs where the format of the dict is - k=csr name, v=Subject Common Name''' - csr_dict = {} - for item in csrs: - status = item['status'].get('conditions') - if status: - # If status is not an empty dictionary, cert is not pending. - continue - if CERT_MODE[mode] not in item['spec']['usages']: - continue - name = item['metadata']['name'] - request_data = base64.b64decode(item['spec']['request']) - command = "openssl req -noout -subject" - # ansible's module.run_command accepts data to pipe via stdin as - # as 'data' kwarg. - rc_opts = {'data': request_data, 'binary_data': True} - stdout = run_command(module, command, rc_opts=rc_opts) - # parse common_name from subject string. - common_name = parse_subject_cn(stdout) - if common_name and common_name.startswith('system:node:'): - # common name is typically prepended with system:node:. - common_name = common_name.split('system:node:')[1] - # we only want to approve csrs from nodes we know about. - if common_name in node_list: - csr_dict[name] = common_name - - return csr_dict - - -def confirm_needed_requests_present(module, not_ready_nodes, csr_dict): - '''Ensure all non-Ready nodes have a csr, or fail''' - nodes_needed = set(not_ready_nodes) - for _, val in csr_dict.items(): - nodes_needed.discard(val) - - # check that we found all of our needed nodes - if nodes_needed: - missing_nodes = ', '.join(nodes_needed) - result = {'failed': True, - 'changed': False, - 'msg': "Could not find csr for nodes: {}".format(missing_nodes), - 'state': 'unknown'} - module.fail_json(**result) - - -def approve_csrs(module, oc_bin, oc_conf, csr_pending_list, mode): - '''Loop through csr_pending_list and call: - oc adm certificate approve ''' - res_mode = "{}_approve_results".format(mode) - base_command = "{} {} adm certificate approve {}" - approve_results = [] - for csr in csr_pending_list: - command = base_command.format(oc_bin, oc_conf, csr) - rtnc, stdout, err = module.run_command(command) - approve_results.append(stdout) +class CSRapprove(object): + """Approves csr requests""" + + def __init__(self, module, oc_bin, oc_conf, node_list): + '''init method''' + self.module = module + self.oc_bin = oc_bin + self.oc_conf = oc_conf + self.node_list = node_list + self.all_subjects_found = [] + self.unwanted_csrs = [] + # Build a dictionary to hold all of our output information so nothing + # is lost when we fail. + self.result = {'changed': False, 'rc': 0, + 'oc_get_nodes': None, + 'client_csrs': None, + 'server_csrs': None, + 'all_subjects_found': self.all_subjects_found, + 'client_approve_results': [], + 'server_approve_results': [], + 'unwanted_csrs': self.unwanted_csrs} + + def run_command(self, command, rc_opts=None): + '''Run a command using AnsibleModule.run_command, or fail''' + if rc_opts is None: + rc_opts = {} + rtnc, stdout, err = self.module.run_command(command, **rc_opts) if rtnc: - result = {'failed': True, - 'changed': False, - 'msg': str(err), - res_mode: approve_results, - 'state': 'unknown'} - module.fail_json(**result) - return approve_results - - -def get_ready_nodes_server(module, oc_bin, oc_conf, nodes_list): - '''Determine which nodes have working server certificates''' - ready_nodes_server = [] - base_command = "{} {} get --raw /api/v1/nodes/{}/proxy/healthz" - for node in nodes_list: - # need this to look like /api/v1/nodes//proxy/healthz - command = base_command.format(oc_bin, oc_conf, node) - rtnc, _, _ = module.run_command(command) - if not rtnc: - # if we can hit that api endpoint, the node has a valid server - # cert. - ready_nodes_server.append(node) - return ready_nodes_server - - -def verify_server_csrs(module, result, oc_bin, oc_conf, node_list): - '''We approved some server csrs, now we need to validate they are working. - This function will attempt to retry 10 times in case of failure.''' - # Attempt to try node endpoints a few times. - attempts = 0 - # Find not_ready_nodes for server-side again - nodes_server_ready = get_ready_nodes_server(module, oc_bin, oc_conf, - node_list) - # Create list of nodes that still aren't ready. - not_ready_nodes_server = set([item for item in node_list if item not in nodes_server_ready]) - while not_ready_nodes_server: - nodes_server_ready = get_ready_nodes_server(module, oc_bin, oc_conf, - not_ready_nodes_server) - - # if we have same number of nodes_server_ready now, all of the previous - # not_ready_nodes are now ready. - if not len(not_ready_nodes_server - set(nodes_server_ready)): - break - attempts += 1 - if attempts > 9: - result['failed'] = True - result['rc'] = 1 - missing_nodes = not_ready_nodes_server - set(nodes_server_ready) - msg = "Some nodes still not ready after approving server certs: {}" - msg = msg.format(", ".join(missing_nodes)) - result['msg'] = msg - module.fail_json(**result) + self.result['failed'] = True + self.result['msg'] = str(err) + self.result['state'] = 'unknown' + self.module.fail_json(**self.result) + return stdout + + def get_nodes(self): + '''Get all nodes via oc get nodes -ojson''' + # json output is necessary for consistency here. + command = "{} {} get nodes -ojson".format(self.oc_bin, self.oc_conf) + stdout = self.run_command(command) + try: + data = json.loads(stdout) + except JSONDecodeError as err: + self.result['failed'] = True + self.result['msg'] = str(err) + self.result['state'] = 'unknown' + self.module.fail_json(**self.result) + self.result['oc_get_nodes'] = data + return [node['metadata']['name'] for node in data['items']] + + def get_csrs(self): + '''Retrieve csrs from cluster using oc get csr -ojson''' + command = "{} {} get csr -ojson".format(self.oc_bin, self.oc_conf) + stdout = self.run_command(command) + try: + data = json.loads(stdout) + except JSONDecodeError as err: + self.result['failed'] = True + self.result['msg'] = str(err) + self.result['state'] = 'unknown' + self.module.fail_json(**self.result) + return data['items'] + + def process_csrs(self, csrs, mode): + '''Return a dictionary of pending csrs where the format of the dict is + k=csr name, v=Subject Common Name''' + csr_dict = {} + for item in csrs: + name = item['metadata']['name'] + request_data = base64.b64decode(item['spec']['request']) + command = "openssl req -noout -subject" + # ansible's module.run_command accepts data to pipe via stdin as + # as 'data' kwarg. + rc_opts = {'data': request_data, 'binary_data': True} + stdout = self.run_command(command, rc_opts=rc_opts) + self.all_subjects_found.append(stdout) + + status = item['status'].get('conditions') + if status: + # If status is not an empty dictionary, cert is not pending. + self.unwanted_csrs.append(item) + continue + if CERT_MODE[mode] not in item['spec']['usages']: + self.unwanted_csrs.append(item) + continue + # parse common_name from subject string. + common_name = parse_subject_cn(stdout) + if common_name and common_name.startswith('system:node:'): + # common name is typically prepended with system:node:. + common_name = common_name.split('system:node:')[1] + # we only want to approve csrs from nodes we know about. + if common_name in self.node_list: + csr_dict[name] = common_name + else: + self.unwanted_csrs.append(item) + + return csr_dict + + def confirm_needed_requests_present(self, not_ready_nodes, csr_dict): + '''Ensure all non-Ready nodes have a csr, or fail''' + nodes_needed = set(not_ready_nodes) + for _, val in csr_dict.items(): + nodes_needed.discard(val) + + # check that we found all of our needed nodes + if nodes_needed: + missing_nodes = ', '.join(nodes_needed) + self.result['failed'] = True + self.result['msg'] = "Could not find csr for nodes: {}".format(missing_nodes) + self.result['state'] = 'unknown' + self.module.fail_json(**self.result) + + def approve_csrs(self, csr_pending_list, mode): + '''Loop through csr_pending_list and call: + oc adm certificate approve ''' + res_mode = "{}_approve_results".format(mode) + base_command = "{} {} adm certificate approve {}" + approve_results = [] + for csr in csr_pending_list: + command = base_command.format(self.oc_bin, self.oc_conf, csr) + rtnc, stdout, err = self.module.run_command(command) + approve_results.append(stdout) + if rtnc: + self.result['failed'] = True + self.result['msg'] = str(err) + self.result[res_mode] = approve_results + self.result['state'] = 'unknown' + self.module.fail_json(**self.result) + self.result[res_mode] = approve_results + # We set changed for approved client or server csrs. + self.result['changed'] = bool(approve_results) or bool(self.result['changed']) + + def get_ready_nodes_server(self, nodes_list): + '''Determine which nodes have working server certificates''' + ready_nodes_server = [] + base_command = "{} {} get --raw /api/v1/nodes/{}/proxy/healthz" + for node in nodes_list: + # need this to look like /api/v1/nodes//proxy/healthz + command = base_command.format(self.oc_bin, self.oc_conf, node) + rtnc, _, _ = self.module.run_command(command) + if not rtnc: + # if we can hit that api endpoint, the node has a valid server + # cert. + ready_nodes_server.append(node) + return ready_nodes_server + + def verify_server_csrs(self): + '''We approved some server csrs, now we need to validate they are working. + This function will attempt to retry 10 times in case of failure.''' + # Attempt to try node endpoints a few times. + attempts = 0 + # Find not_ready_nodes for server-side again + nodes_server_ready = self.get_ready_nodes_server(self.node_list) + # Create list of nodes that still aren't ready. + not_ready_nodes_server = set([item for item in self.node_list if item not in nodes_server_ready]) + while not_ready_nodes_server: + nodes_server_ready = self.get_ready_nodes_server(not_ready_nodes_server) + + # if we have same number of nodes_server_ready now, all of the previous + # not_ready_nodes are now ready. + if not len(not_ready_nodes_server - set(nodes_server_ready)): + break + attempts += 1 + if attempts > 9: + self.result['failed'] = True + self.result['rc'] = 1 + missing_nodes = not_ready_nodes_server - set(nodes_server_ready) + msg = "Some nodes still not ready after approving server certs: {}" + msg = msg.format(", ".join(missing_nodes)) + self.result['msg'] = msg + self.module.fail_json(**self.result) + + def run(self): + '''execute the csr approval process''' + all_nodes = self.get_nodes() + # don't need to check nodes that have already joined the cluster because + # client csr needs to be approved for now to show in output of + # oc get nodes. + not_found_nodes = [item for item in self.node_list + if item not in all_nodes] + + # Get all csrs, no good way to filter on pending. + client_csrs = self.get_csrs() + # process data in csrs and build a dictionary of client requests + client_csr_dict = self.process_csrs(client_csrs, "client") + self.result['client_csrs'] = client_csr_dict + + # This method is fail-happy and expects all not found nodes have available + # csrs. Handle failure for this method via ansible retry/until. + self.confirm_needed_requests_present(not_found_nodes, + client_csr_dict) + # If for some reason a node is found in oc get nodes but it still needs + # a client csr approved, this method will approve all outstanding + # client csrs for any node in our self.node_list. + self.approve_csrs(client_csr_dict, 'client') + + # # Server Cert Section # # + # Find not_ready_nodes for server-side + nodes_server_ready = self.get_ready_nodes_server(self.node_list) + # Create list of nodes that definitely need a server cert approved. + not_ready_nodes_server = [item for item in self.node_list + if item not in nodes_server_ready] + + # Get all csrs again, no good way to filter on pending. + server_csrs = self.get_csrs() + # process data in csrs and build a dictionary of server requests + server_csr_dict = self.process_csrs(server_csrs, "server") + self.result['server_csrs'] = server_csr_dict + + # This will fail if all server csrs are not present, but probably shouldn't + # at this point since we spent some time hitting the api to see if the + # nodes are already responding. + self.confirm_needed_requests_present(not_ready_nodes_server, + server_csr_dict) + self.approve_csrs(server_csr_dict, 'server') + + self.verify_server_csrs() + + # We made it here, everything was successful, cleanup some debug info + # so we don't spam logs. + for key in ('client_csrs', 'server_csrs', 'unwanted_csrs'): + self.result.pop(key) + self.module.exit_json(**self.result) def run_module(): @@ -250,53 +310,8 @@ def run_module(): oc_conf = '--config={}'.format(module.params['oc_conf']) node_list = module.params['node_list'] - result = {'changed': False, 'rc': 0} - - nodes_ready = get_ready_nodes(module, oc_bin, oc_conf) - # don't need to check nodes that are already ready. - not_ready_nodes = [item for item in node_list if item not in nodes_ready] - - # Get all csrs, no good way to filter on pending. - csrs = get_csrs(module, oc_bin, oc_conf) - - # process data in csrs and build a dictionary of client requests - csr_dict = process_csrs(module, csrs, node_list, "client") - - # This method is fail-happy and expects all non-Ready nodes have available - # csrs. Handle failure for this method via ansible retry/until. - confirm_needed_requests_present(module, not_ready_nodes, csr_dict) - - # save client_approve_results so we can report later. - client_approve_results = approve_csrs(module, oc_bin, oc_conf, csr_dict, - 'client') - result['client_approve_results'] = client_approve_results - - # # Server Cert Section # # - # Find not_ready_nodes for server-side - nodes_server_ready = get_ready_nodes_server(module, oc_bin, oc_conf, - node_list) - # Create list of nodes that definitely need a server cert approved. - not_ready_nodes_server = [item for item in node_list if item not in nodes_server_ready] - - # Get all csrs again, no good way to filter on pending. - csrs = get_csrs(module, oc_bin, oc_conf) - - # process data in csrs and build a dictionary of server requests - csr_dict = process_csrs(module, csrs, node_list, "server") - - # This will fail if all server csrs are not present, but probably shouldn't - # at this point since we spent some time hitting the api to see if the - # nodes are already responding. - confirm_needed_requests_present(module, not_ready_nodes_server, csr_dict) - server_approve_results = approve_csrs(module, oc_bin, oc_conf, csr_dict, - 'server') - result['server_approve_results'] = server_approve_results - - result['changed'] = bool(client_approve_results) or bool(server_approve_results) - - verify_server_csrs(module, result, oc_bin, oc_conf, node_list) - - module.exit_json(**result) + approver = CSRapprove(module, oc_bin, oc_conf, node_list) + approver.run() def main(): diff --git a/roles/lib_openshift/library/oc_group.py b/roles/lib_openshift/library/oc_group.py index afab1d86df0..98c7ebe5b1b 100644 --- a/roles/lib_openshift/library/oc_group.py +++ b/roles/lib_openshift/library/oc_group.py @@ -1522,7 +1522,7 @@ def get(self): result = self._get(self.kind, self.config.name) if result['returncode'] == 0: self.group = Group(content=result['results'][0]) - elif 'groups \"{}\" not found'.format(self.config.name) in result['stderr']: + elif 'groups.user.openshift.io \"{}\" not found'.format(self.config.name) in result['stderr']: result['returncode'] = 0 result['results'] = [{}] diff --git a/roles/lib_openshift/src/ansible/oc_atomic_container.py b/roles/lib_openshift/src/ansible/oc_atomic_container.py deleted file mode 100644 index b77902548cd..00000000000 --- a/roles/lib_openshift/src/ansible/oc_atomic_container.py +++ /dev/null @@ -1,159 +0,0 @@ -# pylint: skip-file -# flake8: noqa - -# pylint: disable=wrong-import-position,too-many-branches,invalid-name,no-name-in-module, import-error -import json -import os - -from distutils.version import StrictVersion - -from ansible.module_utils.basic import AnsibleModule - - -def _install(module, container, image, values_list): - ''' install a container using atomic CLI. values_list is the list of --set arguments. - container is the name given to the container. image is the image to use for the installation. ''' - # NOTE: system-package=no is hardcoded. This should be changed to an option in the future. - args = ['atomic', 'install', '--system', '--system-package=no', - '--name=%s' % container] + values_list + [image] - rc, out, err = module.run_command(args, check_rc=False) - if rc != 0: - return rc, out, err, False - else: - changed = "Extracting" in out or "Copying blob" in out - return rc, out, err, changed - -def _uninstall(module, name): - ''' uninstall an atomic container by its name. ''' - args = ['atomic', 'uninstall', name] - rc, out, err = module.run_command(args, check_rc=False) - return rc, out, err, False - -def _ensure_service_file_is_removed(container): - '''atomic install won't overwrite existing service file, so it needs to be removed''' - service_path = '/etc/systemd/system/{}.service'.format(container) - if not os.path.exists(service_path): - return - os.remove(service_path) - -def do_install(module, container, image, values_list): - ''' install a container and exit the module. ''' - _ensure_service_file_is_removed(container) - - rc, out, err, changed = _install(module, container, image, values_list) - if rc != 0: - module.fail_json(rc=rc, msg=err) - else: - module.exit_json(msg=out, changed=changed) - - -def do_uninstall(module, name): - ''' uninstall a container and exit the module. ''' - rc, out, err, changed = _uninstall(module, name) - if rc != 0: - module.fail_json(rc=rc, msg=err) - module.exit_json(msg=out, changed=changed) - - -def do_update(module, container, old_image, image, values_list): - ''' update a container and exit the module. If the container uses a different - image than the current installed one, then first uninstall the old one ''' - - # the image we want is different than the installed one - if old_image != image: - rc, out, err, _ = _uninstall(module, container) - if rc != 0: - module.fail_json(rc=rc, msg=err) - return do_install(module, container, image, values_list) - - # if the image didn't change, use "atomic containers update" - args = ['atomic', 'containers', 'update'] + values_list + [container] - rc, out, err = module.run_command(args, check_rc=False) - if rc != 0: - module.fail_json(rc=rc, msg=err) - else: - changed = "Extracting" in out or "Copying blob" in out - module.exit_json(msg=out, changed=changed) - - -def do_rollback(module, name): - ''' move to the previous deployment of the container, if present, and exit the module. ''' - args = ['atomic', 'containers', 'rollback', name] - rc, out, err = module.run_command(args, check_rc=False) - if rc != 0: - module.fail_json(rc=rc, msg=err) - else: - changed = "Rolling back" in out - module.exit_json(msg=out, changed=changed) - - -def core(module): - ''' entrypoint for the module. ''' - name = module.params['name'] - image = module.params['image'] - values = module.params['values'] - state = module.params['state'] - - module.run_command_environ_update = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C') - out = {} - err = {} - rc = 0 - - values_list = ["--set=%s" % x for x in values] if values else [] - - args = ['atomic', 'containers', 'list', '--json', '--all', '-f', 'container=%s' % name] - rc, out, err = module.run_command(args, check_rc=False) - if rc != 0: - module.fail_json(rc=rc, msg=err) - return - - # NOTE: "or '[]' is a workaround until atomic containers list --json - # provides an empty list when no containers are present. - containers = json.loads(out or '[]') - present = len(containers) > 0 - old_image = containers[0]["image_name"] if present else None - - if state == 'present' and present: - module.exit_json(msg=out, changed=False) - elif (state in ['latest', 'present']) and not present: - do_install(module, name, image, values_list) - elif state == 'latest': - do_update(module, name, old_image, image, values_list) - elif state == 'absent': - if not present: - module.exit_json(msg="", changed=False) - else: - do_uninstall(module, name) - elif state == 'rollback': - do_rollback(module, name) - - -def main(): - module = AnsibleModule( - argument_spec=dict( - name=dict(default=None, required=True), - image=dict(default=None, required=True), - state=dict(default='latest', choices=['present', 'absent', 'latest', 'rollback']), - values=dict(type='list', default=[]), - ), - ) - - # Verify that the platform supports atomic command - rc, version_out, err = module.run_command('rpm -q --queryformat "%{VERSION}\n" atomic', check_rc=False) - if rc != 0: - module.fail_json(msg="Error in running atomic command", err=err) - # This module requires atomic version 1.17.2 or later - atomic_version = StrictVersion(version_out.replace('\n', '')) - if atomic_version < StrictVersion('1.17.2'): - module.fail_json( - msg="atomic version 1.17.2+ is required", - err=str(atomic_version)) - - try: - core(module) - except Exception as e: # pylint: disable=broad-except - module.fail_json(msg=str(e)) - - -if __name__ == '__main__': - main() diff --git a/roles/lib_openshift/src/class/oc_group.py b/roles/lib_openshift/src/class/oc_group.py index 8906afa1016..739f6173e57 100644 --- a/roles/lib_openshift/src/class/oc_group.py +++ b/roles/lib_openshift/src/class/oc_group.py @@ -39,7 +39,7 @@ def get(self): result = self._get(self.kind, self.config.name) if result['returncode'] == 0: self.group = Group(content=result['results'][0]) - elif 'groups \"{}\" not found'.format(self.config.name) in result['stderr']: + elif 'groups.user.openshift.io \"{}\" not found'.format(self.config.name) in result['stderr']: result['returncode'] = 0 result['results'] = [{}] diff --git a/roles/lib_openshift/src/doc/atomic_container b/roles/lib_openshift/src/doc/atomic_container deleted file mode 100644 index 53fc40f362a..00000000000 --- a/roles/lib_openshift/src/doc/atomic_container +++ /dev/null @@ -1,36 +0,0 @@ -# flake8: noqa -# pylint: skip-file - -DOCUMENTATION = ''' ---- -module: oc_atomic_container -short_description: Manage the container images on the atomic host platform -description: - - Manage the container images on the atomic host platform - - Allows to execute the commands on the container images -requirements: - - atomic - - "python >= 2.6" -options: - name: - description: - - Name of the container - required: True - default: null - image: - description: - - The image to use to install the container - required: True - default: null - state: - description: - - State of the container - required: True - choices: ["latest", "absent", "latest", "rollback"] - default: "latest" - values: - description: - - Values for the installation of the container - required: False - default: None -''' diff --git a/roles/lib_openshift/src/sources.yml b/roles/lib_openshift/src/sources.yml index 4636f6b9bf9..96252e67030 100644 --- a/roles/lib_openshift/src/sources.yml +++ b/roles/lib_openshift/src/sources.yml @@ -83,12 +83,6 @@ oc_adm_router.py: - class/oc_adm_router.py - ansible/oc_adm_router.py -oc_atomic_container.py: -- doc/generated -- doc/license -- doc/atomic_container -- ansible/oc_atomic_container.py - oc_configmap.py: - doc/generated - doc/license diff --git a/roles/lib_openshift/src/test/unit/test_oc_group.py b/roles/lib_openshift/src/test/unit/test_oc_group.py index 8eef3781071..b09ec3137f8 100755 --- a/roles/lib_openshift/src/test/unit/test_oc_group.py +++ b/roles/lib_openshift/src/test/unit/test_oc_group.py @@ -46,8 +46,8 @@ def test_create_group(self, mock_run, mock_tmpfile_copy): }''' mock_run.side_effect = [ - (1, '', 'Error from server: groups "acme" not found'), - (1, '', 'Error from server: groups "acme" not found'), + (1, '', 'Error from server: groups.user.openshift.io "acme" not found'), + (1, '', 'Error from server: groups.user.openshift.io "acme" not found'), (0, '', ''), (0, group, ''), ] @@ -70,7 +70,7 @@ def test_failed_get_group(self, mock_run, mock_tmpfile_copy): params['name'] = 'noexist' mock_run.side_effect = [ - (1, '', 'Error from server: groups "acme" not found'), + (1, '', 'Error from server: groups.user.openshift.io "acme" not found'), ] mock_tmpfile_copy.side_effect = [ diff --git a/roles/lib_openshift/test/test_oc_csr_approve.py b/roles/lib_openshift/test/test_oc_csr_approve.py index e9916316109..5b33d97a31c 100755 --- a/roles/lib_openshift/test/test_oc_csr_approve.py +++ b/roles/lib_openshift/test/test_oc_csr_approve.py @@ -16,6 +16,7 @@ sys.path.insert(1, MODULE_PATH) import oc_csr_approve # noqa +from oc_csr_approve import CSRapprove # noqa # base path for text files with sample outputs. ASSET_PATH = os.path.realpath(os.path.join(__file__, os.pardir, 'test_data')) @@ -42,21 +43,23 @@ def test_parse_subject_cn(): assert oc_csr_approve.parse_subject_cn(subject) == 'test.io' -def test_get_ready_nodes(): +def test_get_nodes(): output_file = os.path.join(ASSET_PATH, 'oc_get_nodes.json') with open(output_file) as stdoutfile: oc_get_nodes_stdout = stdoutfile.read() module = DummyModule({}) + approver = CSRapprove(module, 'oc', '/dev/null', []) with patch(RUN_CMD_MOCK) as call_mock: call_mock.return_value = (0, oc_get_nodes_stdout, '') - ready_nodes = oc_csr_approve.get_ready_nodes(module, 'oc', '/dev/null') - assert ready_nodes == ['fedora1.openshift.io', 'fedora3.openshift.io'] + all_nodes = approver.get_nodes() + assert all_nodes == ['fedora1.openshift.io', 'fedora2.openshift.io', 'fedora3.openshift.io'] def test_get_csrs(): module = DummyModule({}) + approver = CSRapprove(module, 'oc', '/dev/null', []) output_file = os.path.join(ASSET_PATH, 'oc_csr_approve_pending.json') with open(output_file) as stdoutfile: oc_get_csr_out = stdoutfile.read() @@ -64,7 +67,7 @@ def test_get_csrs(): # mock oc get csr call to cluster with patch(RUN_CMD_MOCK) as call_mock: call_mock.return_value = (0, oc_get_csr_out, '') - csrs = oc_csr_approve.get_csrs(module, 'oc', '/dev/null') + csrs = approver.get_csrs() assert csrs[0]['kind'] == "CertificateSigningRequest" @@ -74,50 +77,46 @@ def test_get_csrs(): # mock openssl req call. node_list = ['fedora2.mguginolocal.com'] + approver = CSRapprove(module, 'oc', '/dev/null', node_list) with patch(RUN_CMD_MOCK) as call_mock: call_mock.return_value = (0, openssl_out, '') - csr_dict = oc_csr_approve.process_csrs(module, csrs, node_list, "client") + csr_dict = approver.process_csrs(csrs, "client") # actually run openssl req call. - csr_dict = oc_csr_approve.process_csrs(module, csrs, node_list, "client") + csr_dict = approver.process_csrs(csrs, "client") assert csr_dict['node-csr-TkefytQp8Dz4Xp7uzcw605MocvI0gWuEOGNrHhOjGNQ'] == 'fedora2.mguginolocal.com' def test_confirm_needed_requests_present(): module = DummyModule({}) csr_dict = {'some-csr': 'fedora1.openshift.io'} - not_ready_nodes = ['host1'] + not_found_nodes = ['host1'] + approver = CSRapprove(module, 'oc', '/dev/null', []) with pytest.raises(Exception) as err: - oc_csr_approve.confirm_needed_requests_present( - module, not_ready_nodes, csr_dict) - assert 'Exception: Could not find csr for nodes: host1' in str(err) + approver.confirm_needed_requests_present(not_found_nodes, csr_dict) + assert 'Exception: Could not find csr for nodes: host1' in str(err) - not_ready_nodes = ['fedora1.openshift.io'] + not_found_nodes = ['fedora1.openshift.io'] # this should complete silently - oc_csr_approve.confirm_needed_requests_present( - module, not_ready_nodes, csr_dict) + approver.confirm_needed_requests_present(not_found_nodes, csr_dict) def test_approve_csrs(): module = DummyModule({}) - oc_bin = 'oc' - oc_conf = '/dev/null' csr_dict = {'csr-1': 'example.openshift.io'} + approver = CSRapprove(module, 'oc', '/dev/null', []) with patch(RUN_CMD_MOCK) as call_mock: call_mock.return_value = (0, 'csr-1 ok', '') - client_approve_results = oc_csr_approve.approve_csrs( - module, oc_bin, oc_conf, csr_dict, 'client') - assert client_approve_results == ['csr-1 ok'] + approver.approve_csrs(csr_dict, 'client') + assert approver.result['client_approve_results'] == ['csr-1 ok'] def test_get_ready_nodes_server(): module = DummyModule({}) - oc_bin = 'oc' - oc_conf = '/dev/null' nodes_list = ['fedora1.openshift.io'] + approver = CSRapprove(module, 'oc', '/dev/null', nodes_list) with patch(RUN_CMD_MOCK) as call_mock: call_mock.return_value = (0, 'ok', '') - ready_nodes_server = oc_csr_approve.get_ready_nodes_server( - module, oc_bin, oc_conf, nodes_list) + ready_nodes_server = approver.get_ready_nodes_server(nodes_list) assert ready_nodes_server == ['fedora1.openshift.io'] @@ -127,10 +126,11 @@ def test_get_csrs_server(): with open(output_file) as stdoutfile: oc_get_csr_out = stdoutfile.read() + approver = CSRapprove(module, 'oc', '/dev/null', []) # mock oc get csr call to cluster with patch(RUN_CMD_MOCK) as call_mock: call_mock.return_value = (0, oc_get_csr_out, '') - csrs = oc_csr_approve.get_csrs(module, 'oc', '/dev/null') + csrs = approver.get_csrs() assert csrs[0]['kind'] == "CertificateSigningRequest" @@ -139,43 +139,41 @@ def test_get_csrs_server(): openssl_out = stdoutfile.read() node_list = ['fedora1.openshift.io'] - + approver = CSRapprove(module, 'oc', '/dev/null', node_list) # mock openssl req call. with patch(RUN_CMD_MOCK) as call_mock: call_mock.return_value = (0, openssl_out, '') - csr_dict = oc_csr_approve.process_csrs(module, csrs, node_list, "server") + csr_dict = approver.process_csrs(csrs, "server") # actually run openssl req call. node_list = ['fedora2.mguginolocal.com'] - csr_dict = oc_csr_approve.process_csrs(module, csrs, node_list, "server") + approver = CSRapprove(module, 'oc', '/dev/null', node_list) + csr_dict = approver.process_csrs(csrs, "server") assert csr_dict['csr-2cxkp'] == 'fedora2.mguginolocal.com' def test_verify_server_csrs(): module = DummyModule({}) - oc_bin = 'oc' - oc_conf = '/dev/null' - result = {} ready_nodes_server = ['fedora1.openshift.io'] node_list = ['fedora1.openshift.io'] - with patch('oc_csr_approve.get_ready_nodes_server') as call_mock: + approver = CSRapprove(module, 'oc', '/dev/null', node_list) + with patch('oc_csr_approve.CSRapprove.get_ready_nodes_server') as call_mock: call_mock.return_value = ready_nodes_server # This should silently return - oc_csr_approve.verify_server_csrs(module, result, oc_bin, oc_conf, - node_list) + approver.verify_server_csrs() node_list = ['fedora1.openshift.io', 'fedora2.openshift.io'] - with patch('oc_csr_approve.get_ready_nodes_server') as call_mock: + approver = CSRapprove(module, 'oc', '/dev/null', node_list) + with patch('oc_csr_approve.CSRapprove.get_ready_nodes_server') as call_mock: call_mock.return_value = ready_nodes_server with pytest.raises(Exception) as err: - oc_csr_approve.verify_server_csrs(module, result, oc_bin, oc_conf, - node_list) + approver.verify_server_csrs() assert 'after approving server certs: fedora2.openshift.io' in str(err) if __name__ == '__main__': test_parse_subject_cn() - test_get_ready_nodes() + test_get_nodes() test_get_csrs() test_confirm_needed_requests_present() test_approve_csrs() diff --git a/roles/lib_utils/action_plugins/generate_pv_pvcs_list.py b/roles/lib_utils/action_plugins/generate_pv_pvcs_list.py index dea4a991687..4a77b02c29b 100644 --- a/roles/lib_utils/action_plugins/generate_pv_pvcs_list.py +++ b/roles/lib_utils/action_plugins/generate_pv_pvcs_list.py @@ -188,6 +188,7 @@ def run(self, tmp=None, task_vars=None): result["failed"] = False result["msg"] = "persistent_volumes list and persistent_volume_claims list created" vars_to_check = ['openshift_hosted_registry_storage', + 'openshift_hosted_registry_glusterfs_storage', 'openshift_hosted_router_storage', 'openshift_hosted_etcd_storage', 'openshift_logging_storage', diff --git a/roles/lib_utils/action_plugins/master_check_paths_in_config.py b/roles/lib_utils/action_plugins/master_check_paths_in_config.py index d7ad3a0e233..1ba67f68720 100644 --- a/roles/lib_utils/action_plugins/master_check_paths_in_config.py +++ b/roles/lib_utils/action_plugins/master_check_paths_in_config.py @@ -29,11 +29,13 @@ MIGRATED_ITEMS = ", ".join([".".join(x) for x in ITEMS_TO_POP]) ALLOWED_DIRS = ( + '/dev/null', '/etc/origin/master/', '/var/lib/origin', '/etc/origin/cloudprovider', '/etc/origin/kubelet-plugins', '/usr/libexec/kubernetes/kubelet-plugins', + '/var/log/origin', ) ALLOWED_DIRS_STRING = ', '.join(ALLOWED_DIRS) @@ -117,7 +119,7 @@ def run(self, tmp=None, task_vars=None): # We migrate some paths for users automatically, so we pop those. pop_migrated_fields(mastercfg) - # Create an empty list to append strings from our config file to to check + # Create an empty list to append strings from our config file to check # later. strings_to_check = [] diff --git a/roles/lib_utils/action_plugins/sanity_checks.py b/roles/lib_utils/action_plugins/sanity_checks.py index 2b335cf6804..5792135fb85 100644 --- a/roles/lib_utils/action_plugins/sanity_checks.py +++ b/roles/lib_utils/action_plugins/sanity_checks.py @@ -2,6 +2,7 @@ Ansible action plugin to ensure inventory variables are set appropriately and no conflicting options have been provided. """ +import fnmatch import json import re @@ -54,15 +55,13 @@ STORAGE_KIND_TUPLE = ( 'openshift_loggingops_storage_kind', 'openshift_logging_storage_kind', - 'openshift_metrics_storage_kind', - 'openshift_prometheus_alertbuffer_storage_kind', - 'openshift_prometheus_alertmanager_storage_kind', - 'openshift_prometheus_storage_kind') + 'openshift_metrics_storage_kind') IMAGE_POLICY_CONFIG_VAR = "openshift_master_image_policy_config" ALLOWED_REGISTRIES_VAR = "openshift_master_image_policy_allowed_registries_for_import" REMOVED_VARIABLES = ( + ('openshift_hostname', 'Removed: See documentation'), # TODO(michaelgugino): Remove in 3.12 ('oreg_auth_credentials_replace', 'Removed: Credentials are now always updated'), ('oreg_url_master', 'oreg_url'), @@ -330,10 +329,10 @@ def network_plugin_check(self, hostvars, host): raise errors.AnsibleModuleError(msg) def check_hostname_vars(self, hostvars, host): - """Checks to ensure openshift_hostname + """Checks to ensure openshift_kubelet_name_override and openshift_public_hostname conform to the proper length of 63 characters or less""" - for varname in ('openshift_public_hostname', 'openshift_hostname'): + for varname in ('openshift_public_hostname', 'openshift_kubelet_name_override'): var_value = self.template_var(hostvars, host, varname) if var_value and len(var_value) > 63: msg = '{} must be 63 characters or less'.format(varname) @@ -384,7 +383,7 @@ def check_unsupported_nfs_configs(self, hostvars, host): if kind == 'nfs': raise errors.AnsibleModuleError( 'nfs is an unsupported type for {}. ' - 'openshift_enable_unsupported_configurations=True must' + 'openshift_enable_unsupported_configurations=True must ' 'be specified to continue with this configuration.' ''.format(storage)) return None @@ -442,9 +441,9 @@ def validate_json_format_vars(self, hostvars, host): def check_for_oreg_password(self, hostvars, host, odt): """Ensure oreg_password is defined when using registry.redhat.io""" reg_to_check = 'registry.redhat.io' - err_msg = ("oreg_auth_user and oreg_auth_password must be provided when" + err_msg = ("oreg_auth_user and oreg_auth_password must be provided when " "deploying openshift-enterprise") - err_msg2 = ("oreg_auth_user and oreg_auth_password must be provided when using" + err_msg2 = ("oreg_auth_user and oreg_auth_password must be provided when using " "{}".format(reg_to_check)) oreg_password = self.template_var(hostvars, host, 'oreg_auth_password') @@ -534,23 +533,6 @@ def is_registry_match(item, pattern): of the registries will be listed without the port and insecure flag. """ item = "schema://" + item.split('://', 1)[-1] - return is_match(urlparse(item).hostname, pattern.rsplit(':', 1)[0]) - - -# taken from https://leetcode.com/problems/wildcard-matching/discuss/17845/python-dp-solution -# (the same source as for openshift/origin/pkg/util/strings/wildcard.go) -def is_match(item, pattern): - """implements DP algorithm for string matching""" - length = len(item) - if len(pattern) - pattern.count('*') > length: - return False - matches = [True] + [False] * length - for i in pattern: - if i != '*': - for index in reversed(range(length)): - matches[index + 1] = matches[index] and (i == item[index] or i == '?') - else: - for index in range(1, length + 1): - matches[index] = matches[index - 1] or matches[index] - matches[0] = matches[0] and i == '*' - return matches[-1] + pat = pattern.rsplit(':', 1)[0] + name = urlparse(item).hostname + return fnmatch.fnmatch(name, pat) diff --git a/roles/lib_utils/callback_plugins/aa_version_requirement.py b/roles/lib_utils/callback_plugins/aa_version_requirement.py index 66da9ec045c..cae1b148e0f 100644 --- a/roles/lib_utils/callback_plugins/aa_version_requirement.py +++ b/roles/lib_utils/callback_plugins/aa_version_requirement.py @@ -7,6 +7,8 @@ first (alphanumerically) by Ansible. """ import sys +from distutils import version + from ansible import __version__ if __version__ < '2.0': @@ -29,13 +31,15 @@ def display(*args, **kwargs): # Set to minimum required Ansible version -REQUIRED_VERSION = '2.6.2' +REQUIRED_VERSION = version.StrictVersion('2.5.7') DESCRIPTION = "Supported versions: %s or newer" % REQUIRED_VERSION -def version_requirement(version): +def version_requirement(ver): """Test for minimum required version""" - return version >= REQUIRED_VERSION + if not isinstance(ver, version.StrictVersion): + ver = version.StrictVersion(ver) + return ver >= REQUIRED_VERSION class CallbackModule(CallbackBase): diff --git a/roles/lib_utils/filter_plugins/oo_filters.py b/roles/lib_utils/filter_plugins/oo_filters.py index 5c720dc9ae6..14d9288626f 100644 --- a/roles/lib_utils/filter_plugins/oo_filters.py +++ b/roles/lib_utils/filter_plugins/oo_filters.py @@ -655,7 +655,7 @@ def lib_utils_oo_oreg_image(image_default, oreg_url): # if no oreg_url is specified, we just return the original default if oreg_url == 'None': return image_default - oreg_parts = oreg_url.split('/') + oreg_parts = oreg_url.rsplit('/', 2) if len(oreg_parts) < 2: raise errors.AnsibleFilterError("oreg_url malformed: {}".format(oreg_url)) if not (len(oreg_parts) >= 3 and '.' in oreg_parts[0]): diff --git a/roles/lib_utils/filter_plugins/openshift_master.py b/roles/lib_utils/filter_plugins/openshift_master.py index 3d2b33df6c1..e9e02d54d0e 100644 --- a/roles/lib_utils/filter_plugins/openshift_master.py +++ b/roles/lib_utils/filter_plugins/openshift_master.py @@ -454,7 +454,9 @@ class GitHubIdentityProvider(IdentityProviderOauthBase): def __init__(self, api_version, idp): IdentityProviderOauthBase.__init__(self, api_version, idp) self._optional += [['organizations'], - ['teams']] + ['teams'], + ['ca'], + ['hostname']] def validate(self): ''' validate this idp instance ''' @@ -462,6 +464,8 @@ def validate(self): raise errors.AnsibleFilterError("|failed provider {0} does not " "allow challenge authentication".format(self.__class__.__name__)) + self._idp['ca'] = '/etc/origin/master/{}_github_ca.crt'.format(self.name) + class FilterModule(object): ''' Custom ansible filters for use by the openshift_control_plane role''' diff --git a/roles/lib_utils/library/docker_creds.py b/roles/lib_utils/library/docker_creds.py index 0493a739538..009ddc1050a 100644 --- a/roles/lib_utils/library/docker_creds.py +++ b/roles/lib_utils/library/docker_creds.py @@ -58,6 +58,11 @@ - Attempt to connect to registry with username + password provided. default: true required: false + test_timeout: + description: + - Timeout in seconds for each attempt to connect to registry. + default: 20 + required: false author: - "Michael Gugino " @@ -72,6 +77,7 @@ username: myuser password: mypassword test_login: True + test_timeout: 30 ''' @@ -131,14 +137,16 @@ def load_config_file(module, dest): return {} -def gen_skopeo_cmd(registry, username, password, proxy_vars, image_name): +# pylint: disable=too-many-arguments +def gen_skopeo_cmd(registry, username, password, proxy_vars, test_timeout, test_image, tls_verify): '''Generate skopeo command to run''' - skopeo_temp = ("{proxy_vars} timeout 10 skopeo inspect" - " {creds} docker://{registry}/{image_name}") + skopeo_temp = ("{proxy_vars} timeout {test_timeout} skopeo inspect" + " {creds} docker://{registry}/{test_image}") # this will quote the entire creds argument to account for special chars. creds = pipes.quote('--creds={}:{}'.format(username, password)) - skopeo_args = {'proxy_vars': proxy_vars, 'creds': creds, - 'registry': registry, 'image_name': image_name} + skopeo_args = {'proxy_vars': proxy_vars, 'test_timeout': test_timeout, 'creds': creds, + 'registry': registry, 'test_image': test_image, + 'tls_verify': tls_verify} return skopeo_temp.format(**skopeo_args).strip() @@ -196,9 +204,11 @@ def run_module(): registry=dict(type='str', required=True), username=dict(type='str', required=True), password=dict(type='str', required=True, no_log=True), - test_login=dict(type='str', required=False, default=True), + test_login=dict(type='bool', required=False, default=True), proxy_vars=dict(type='str', required=False, default=''), - image_name=dict(type='str', required=True), + test_timeout=dict(type='int', required=False, default=20), + test_image=dict(type='str', required=True), + tls_verify=dict(type='bool', required=False, default=True) ) module = AnsibleModule( @@ -213,7 +223,9 @@ def run_module(): password = module.params['password'] test_login = module.params['test_login'] proxy_vars = module.params['proxy_vars'] - image_name = module.params['image_name'] + test_timeout = module.params['test_timeout'] + test_image = module.params['test_image'] + tls_verify = module.params['tls_verify'] if not check_dest_dir_exists(module, dest): create_dest_dir(module, dest) @@ -226,7 +238,7 @@ def run_module(): # Test the credentials if test_login: skopeo_command = gen_skopeo_cmd(registry, username, password, - proxy_vars, image_name) + proxy_vars, test_timeout, test_image, tls_verify) validate_registry_login(module, skopeo_command) # base64 encode our username:password string diff --git a/roles/lib_utils/library/openshift_cert_expiry.py b/roles/lib_utils/library/openshift_cert_expiry.py index ef265f8e7da..d2d3668eb18 100644 --- a/roles/lib_utils/library/openshift_cert_expiry.py +++ b/roles/lib_utils/library/openshift_cert_expiry.py @@ -10,6 +10,7 @@ import os import subprocess import yaml +import dateutil.parser # pylint import-error disabled because pylint cannot find the package # when installed in a virtualenv @@ -145,7 +146,7 @@ def _parse_cert(self): # => 20190207181935Z not_after_raw = l.partition(' : ')[-1] # Last item: ('Not After', ' : ', 'Feb 7 18:19:35 2019 GMT') - not_after_parsed = datetime.datetime.strptime(not_after_raw, '%b %d %H:%M:%S %Y %Z') + not_after_parsed = dateutil.parser.parse(not_after_raw) self.not_after = not_after_parsed.strftime('%Y%m%d%H%M%SZ') elif l.startswith('X509v3 Subject Alternative Name:'): diff --git a/roles/lib_utils/library/openshift_container_binary_sync.py b/roles/lib_utils/library/openshift_container_binary_sync.py deleted file mode 100644 index afd01a3f9b4..00000000000 --- a/roles/lib_utils/library/openshift_container_binary_sync.py +++ /dev/null @@ -1,202 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# pylint: disable=missing-docstring,invalid-name - -import random -import tempfile -import shutil -import os.path - -# pylint: disable=redefined-builtin,wildcard-import,unused-wildcard-import -from ansible.module_utils.basic import * # noqa: F403 - - -DOCUMENTATION = ''' ---- -module: openshift_container_binary_sync -short_description: Copies OpenShift binaries out of the given image tag to host system. -''' - - -class BinarySyncError(Exception): - def __init__(self, msg): - super(BinarySyncError, self).__init__(msg) - self.msg = msg - - -# pylint: disable=too-few-public-methods,too-many-instance-attributes -class BinarySyncer(object): - """ - Syncs the openshift, oc, and kubectl binaries/symlinks out of - a container onto the host system. - """ - - def __init__(self, module, image, backend): - self.module = module - self.changed = False - self.output = [] - self.bin_dir = '/usr/local/bin' - self._image = image - self.backend = backend - self.temp_dir = None # TBD - - def sync(self): - if self.backend == 'atomic': - return self._sync_atomic() - - return self._sync_docker() - - def _sync_atomic(self): - self.temp_dir = tempfile.mkdtemp() - temp_dir_mount = tempfile.mkdtemp() - try: - image_spec = self.image - rc, stdout, stderr = self.module.run_command(['atomic', 'mount', - '--storage', "ostree", - image_spec, temp_dir_mount]) - if rc: - raise BinarySyncError("Error mounting image. stdout=%s, stderr=%s" % - (stdout, stderr)) - for i in ["openshift", "oc"]: - src_file = os.path.join(temp_dir_mount, "usr/bin", i) - shutil.copy(src_file, self.temp_dir) - - self._sync_binaries() - finally: - self.module.run_command(['atomic', 'umount', temp_dir_mount]) - shutil.rmtree(temp_dir_mount) - shutil.rmtree(self.temp_dir) - - def _sync_docker(self): - container_name = "openshift-cli-%s" % random.randint(1, 100000) - rc, stdout, stderr = self.module.run_command(['docker', 'create', '--name', - container_name, self.image]) - if rc: - raise BinarySyncError("Error creating temporary docker container. stdout=%s, stderr=%s" % - (stdout, stderr)) - self.output.append(stdout) - try: - self.temp_dir = tempfile.mkdtemp() - self.output.append("Using temp dir: %s" % self.temp_dir) - - rc, stdout, stderr = self.module.run_command(['docker', 'cp', "%s:/usr/bin/openshift" % container_name, - self.temp_dir]) - if rc: - raise BinarySyncError("Error copying file from docker container: stdout=%s, stderr=%s" % - (stdout, stderr)) - - rc, stdout, stderr = self.module.run_command(['docker', 'cp', "%s:/usr/bin/oc" % container_name, - self.temp_dir]) - if rc: - raise BinarySyncError("Error copying file from docker container: stdout=%s, stderr=%s" % - (stdout, stderr)) - - self._sync_binaries() - finally: - shutil.rmtree(self.temp_dir) - self.module.run_command(['docker', 'rm', container_name]) - - def _sync_binaries(self): - self._sync_binary('openshift') - - # In older versions, oc was a symlink to openshift: - if os.path.islink(os.path.join(self.temp_dir, 'oc')): - self._sync_symlink('oc', 'openshift') - else: - self._sync_binary('oc') - - # Ensure correct symlinks created: - self._sync_symlink('kubectl', 'oc') - - # Remove old oadm binary - if os.path.exists(os.path.join(self.bin_dir, 'oadm')): - os.remove(os.path.join(self.bin_dir, 'oadm')) - - def _sync_symlink(self, binary_name, link_to): - """ Ensure the given binary name exists and links to the expected binary. """ - - # The symlink we are creating: - link_path = os.path.join(self.bin_dir, binary_name) - - # The expected file we should be linking to: - link_dest = os.path.join(self.bin_dir, link_to) - - if not os.path.exists(link_path) or \ - not os.path.islink(link_path) or \ - os.path.realpath(link_path) != os.path.realpath(link_dest): - if os.path.exists(link_path): - os.remove(link_path) - os.symlink(link_to, os.path.join(self.bin_dir, binary_name)) - self.output.append("Symlinked %s to %s." % (link_path, link_dest)) - self.changed = True - - def _sync_binary(self, binary_name): - src_path = os.path.join(self.temp_dir, binary_name) - dest_path = os.path.join(self.bin_dir, binary_name) - incoming_checksum = self.module.run_command(['sha256sum', src_path])[1] - if not os.path.exists(dest_path) or self.module.run_command(['sha256sum', dest_path])[1] != incoming_checksum: - - # See: https://github.com/openshift/openshift-ansible/issues/4965 - if os.path.islink(dest_path): - os.unlink(dest_path) - self.output.append('Removed old symlink {} before copying binary.'.format(dest_path)) - shutil.move(src_path, dest_path) - self.output.append("Moved %s to %s." % (src_path, dest_path)) - self.changed = True - - @property - def raw_image(self): - """ - Returns the image as it was originally passed in to the instance. - - .. note:: - This image string will only work directly with the atomic command. - - :returns: The original image passed in. - :rtype: str - """ - return self._image - - @property - def image(self): - """ - Returns the image without atomic prefixes used to map to skopeo args. - - :returns: The image string without prefixes - :rtype: str - """ - image = self._image - for remove in ('oci:', 'http:', 'https:'): - if image.startswith(remove): - image = image.replace(remove, '') - return image - - -def main(): - module = AnsibleModule( # noqa: F405 - argument_spec=dict( - image=dict(required=True), - backend=dict(required=True), - ), - supports_check_mode=True - ) - - image = module.params['image'] - backend = module.params['backend'] - - if backend not in ["docker", "atomic"]: - module.fail_json(msg="unknown backend") - - binary_syncer = BinarySyncer(module, image, backend) - - try: - binary_syncer.sync() - except BinarySyncError as ex: - module.fail_json(msg=ex.msg) - - return module.exit_json(changed=binary_syncer.changed, - output=binary_syncer.output) - - -if __name__ == '__main__': - main() diff --git a/roles/lib_utils/lookup_plugins/openshift_master_facts_default_predicates.py b/roles/lib_utils/lookup_plugins/openshift_master_facts_default_predicates.py index ddecf9cc601..8619f48ebf8 100644 --- a/roles/lib_utils/lookup_plugins/openshift_master_facts_default_predicates.py +++ b/roles/lib_utils/lookup_plugins/openshift_master_facts_default_predicates.py @@ -27,11 +27,11 @@ def run(self, terms, variables=None, regions_enabled=True, short_version=None, # pylint: disable=line-too-long raise AnsibleError("Either OpenShift needs to be installed or openshift_release needs to be specified") - if short_version not in ['3.6', '3.7', '3.8', '3.9', '3.10', '3.11', 'latest']: + if short_version not in ['3.6', '3.7', '3.8', '3.9', '3.10', '3.11', '4.0', '4.1', '4.2', 'latest']: raise AnsibleError("Unknown short_version %s" % short_version) if short_version == 'latest': - short_version = '3.11' + short_version = '4.0' # Predicates ordered according to OpenShift Origin source: # origin/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults/defaults.go @@ -64,7 +64,7 @@ def run(self, terms, variables=None, regions_enabled=True, short_version=None, {'name': 'NoVolumeNodeConflict'}, ]) - if short_version in ['3.9', '3.10', '3.11']: + if short_version in ['3.9', '3.10', '3.11', '4.0', '4.1', '4.2']: predicates.extend([ {'name': 'NoVolumeZoneConflict'}, {'name': 'MaxEBSVolumeCount'}, diff --git a/roles/lib_utils/lookup_plugins/openshift_master_facts_default_priorities.py b/roles/lib_utils/lookup_plugins/openshift_master_facts_default_priorities.py index cabd51ea303..307ef61daf8 100644 --- a/roles/lib_utils/lookup_plugins/openshift_master_facts_default_priorities.py +++ b/roles/lib_utils/lookup_plugins/openshift_master_facts_default_priorities.py @@ -27,13 +27,13 @@ def run(self, terms, variables=None, zones_enabled=True, short_version=None, # pylint: disable=line-too-long raise AnsibleError("Either OpenShift needs to be installed or openshift_release needs to be specified") - if short_version not in ['3.6', '3.7', '3.8', '3.9', '3.10', '3.11', 'latest']: + if short_version not in ['3.6', '3.7', '3.8', '3.9', '3.10', '3.11', '4.0', '4.1', '4.2', 'latest']: raise AnsibleError("Unknown short_version %s" % short_version) if short_version == 'latest': - short_version = '3.11' + short_version = '4.0' - if short_version in ['3.6', '3.7', '3.8', '3.9', '3.10', '3.11']: + if short_version in ['3.6', '3.7', '3.8', '3.9', '3.10', '3.11', '4.0', '4.1', '4.2']: priorities.extend([ {'name': 'SelectorSpreadPriority', 'weight': 1}, {'name': 'InterPodAffinityPriority', 'weight': 1}, diff --git a/roles/lib_utils/test/openshift_master_facts_default_predicates_tests.py b/roles/lib_utils/test/openshift_master_facts_default_predicates_tests.py index 4348f56c51d..e38b61391f8 100644 --- a/roles/lib_utils/test/openshift_master_facts_default_predicates_tests.py +++ b/roles/lib_utils/test/openshift_master_facts_default_predicates_tests.py @@ -46,7 +46,7 @@ {'name': 'CheckVolumeBinding'}, ] -DEFAULT_PREDICATES_3_11 = DEFAULT_PREDICATES_3_10 = DEFAULT_PREDICATES_3_9 +DEFAULT_PREDICATES_4_0 = DEFAULT_PREDICATES_3_11 = DEFAULT_PREDICATES_3_10 = DEFAULT_PREDICATES_3_9 REGION_PREDICATE = { 'name': 'Region', @@ -64,6 +64,7 @@ ('3.9', DEFAULT_PREDICATES_3_9), ('3.10', DEFAULT_PREDICATES_3_10), ('3.11', DEFAULT_PREDICATES_3_11), + ('4.0', DEFAULT_PREDICATES_4_0), ] diff --git a/roles/lib_utils/test/openshift_master_facts_default_priorities_tests.py b/roles/lib_utils/test/openshift_master_facts_default_priorities_tests.py index 410730d346a..46775e2f136 100644 --- a/roles/lib_utils/test/openshift_master_facts_default_priorities_tests.py +++ b/roles/lib_utils/test/openshift_master_facts_default_priorities_tests.py @@ -11,7 +11,7 @@ {'name': 'TaintTolerationPriority', 'weight': 1} ] DEFAULT_PRIORITIES_3_8 = DEFAULT_PRIORITIES_3_7 = DEFAULT_PRIORITIES_3_6 -DEFAULT_PRIORITIES_3_11 = DEFAULT_PRIORITIES_3_10 = DEFAULT_PRIORITIES_3_9 = DEFAULT_PRIORITIES_3_8 +DEFAULT_PRIORITIES_4_0 = DEFAULT_PRIORITIES_3_11 = DEFAULT_PRIORITIES_3_10 = DEFAULT_PRIORITIES_3_9 = DEFAULT_PRIORITIES_3_8 ZONE_PRIORITY = { 'name': 'Zone', @@ -30,6 +30,7 @@ ('3.9', DEFAULT_PRIORITIES_3_9), ('3.10', DEFAULT_PRIORITIES_3_10), ('3.11', DEFAULT_PRIORITIES_3_11), + ('4.0', DEFAULT_PRIORITIES_4_0), ] diff --git a/roles/lib_utils/test/test_master_check_paths_in_config.py b/roles/lib_utils/test/test_master_check_paths_in_config.py index bbfcafdb218..b65c5390211 100644 --- a/roles/lib_utils/test/test_master_check_paths_in_config.py +++ b/roles/lib_utils/test/test_master_check_paths_in_config.py @@ -24,6 +24,8 @@ def loaded_config(): 'oauthConfig': {'identityProviders': ['1', '2', '/this/will/fail']}, + 'auditConfig': + {'auditFilePath': "/var/log/origin/audit-ocp.log"}, 'fake_top_item': {'fake_item': {'fake_item2': diff --git a/roles/lib_utils/test/test_oo_filters.py b/roles/lib_utils/test/test_oo_filters.py new file mode 100644 index 00000000000..0d49fc6d93a --- /dev/null +++ b/roles/lib_utils/test/test_oo_filters.py @@ -0,0 +1,37 @@ +''' + Unit tests for oo_filters +''' +import os +import sys + +MODULE_PATH = os.path.realpath(os.path.join(__file__, os.pardir, os.pardir, 'filter_plugins')) +sys.path.insert(0, MODULE_PATH) + +# pylint: disable=import-error,wrong-import-position,missing-docstring +import oo_filters # noqa: E402 + + +def test_lib_utils_oo_oreg_image(): + default_url = "quay.io/coreos/etcd:v99" + + oreg_url = "None" + output_image = oo_filters.lib_utils_oo_oreg_image(default_url, oreg_url) + assert output_image == default_url + + oreg_url = "example.com/openshift/origin-${component}:${version}" + expected_output = "example.com/coreos/etcd:v99" + output_image = oo_filters.lib_utils_oo_oreg_image(default_url, oreg_url) + assert output_image == expected_output + + oreg_url = "example.com/subdir/openshift/origin-${component}:${version}" + expected_output = "example.com/subdir/coreos/etcd:v99" + output_image = oo_filters.lib_utils_oo_oreg_image(default_url, oreg_url) + assert output_image == expected_output + + +def main(): + test_lib_utils_oo_oreg_image() + + +if __name__ == '__main__': + main() diff --git a/roles/lib_utils/test/test_sanity_checks.py b/roles/lib_utils/test/test_sanity_checks.py index ac6bdbd4101..40f0a24033b 100644 --- a/roles/lib_utils/test/test_sanity_checks.py +++ b/roles/lib_utils/test/test_sanity_checks.py @@ -46,3 +46,7 @@ def test_is_registry_match(): assert not is_registry_match("https://example.com:443/prefix", pat_matchport) assert not is_registry_match("docker.io/library/my", pat_matchport) assert not is_registry_match("https://hello.registry/myapp", pat_matchport) + + +if __name__ == '__main__': + test_is_registry_match() diff --git a/roles/nickhammond.logrotate/tasks/main.yml b/roles/nickhammond.logrotate/tasks/main.yml index 82f5b6db5ad..b8f0b0a4314 100644 --- a/roles/nickhammond.logrotate/tasks/main.yml +++ b/roles/nickhammond.logrotate/tasks/main.yml @@ -3,7 +3,6 @@ package: name: logrotate state: present - when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/nuage_ca/tasks/main.yaml b/roles/nuage_ca/tasks/main.yaml index 4340201b645..9b418baabc5 100644 --- a/roles/nuage_ca/tasks/main.yaml +++ b/roles/nuage_ca/tasks/main.yaml @@ -3,7 +3,6 @@ package: name: openssl state: present - when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/nuage_common/tasks/main.yml b/roles/nuage_common/tasks/main.yml index ec42518ffdc..ada390ad90c 100644 --- a/roles/nuage_common/tasks/main.yml +++ b/roles/nuage_common/tasks/main.yml @@ -1,19 +1,4 @@ --- -- name: Set the Nuage plugin openshift directory fact to handle Atomic host install - set_fact: - nuage_node_plugin_dir: /var/usr/share/vsp-openshift - when: openshift_is_atomic | bool - -- name: Set the Nuage CNI network config directory fact to handle Atomic host install - set_fact: - nuage_node_cni_netconf_dir: /var/etc/cni/net.d/ - when: openshift_is_atomic | bool - -- name: Set the Nuage CNI binary directory fact to handle Atomic host install - set_fact: - nuage_node_cni_bin_dir: /var/opt/cni/bin/ - when: openshift_is_atomic | bool - - name: Assure CNI plugin config dir exists before daemon set install become: yes file: path="{{ nuage_node_plugin_dir }}" state=directory diff --git a/roles/nuage_master/tasks/main.yaml b/roles/nuage_master/tasks/main.yaml index 6d91e772356..ace8a98dd62 100644 --- a/roles/nuage_master/tasks/main.yaml +++ b/roles/nuage_master/tasks/main.yaml @@ -2,26 +2,6 @@ - name: setup firewall import_tasks: firewall.yml -- name: Set the Nuage certificate directory fact for Atomic hosts - set_fact: - cert_output_dir: /var/usr/share/nuage-openshift-monitor - when: openshift_is_atomic | bool - -- name: Set the Nuage kubeconfig file path fact for Atomic hosts - set_fact: - kube_config: /var/usr/share/nuage-openshift-monitor/nuage.kubeconfig - when: openshift_is_atomic | bool - -- name: Set the Nuage monitor yaml location fact for Atomic hosts - set_fact: - kubemon_yaml: /var/usr/share/nuage-openshift-monitor/nuage-openshift-monitor.yaml - when: openshift_is_atomic | bool - -- name: Set the Nuage monitor certs location fact for Atomic hosts - set_fact: - nuage_master_crt_dir: /var/usr/share/nuage-openshift-monitor/ - when: openshift_is_atomic | bool - - name: Set the Nuage master config directory for daemon sets install set_fact: nuage_master_config_dsets_mount_dir: /var/usr/share/ @@ -32,36 +12,11 @@ nuage_node_config_dsets_mount_dir: /var/usr/share/ when: slave_host_type == "is_atomic" -- name: Set the Nuage CNI plugin binary directory for daemon sets install - set_fact: - nuage_cni_bin_dsets_mount_dir: /var/opt/cni/bin - when: openshift_is_atomic | bool - - name: Set the Nuage VRS mount dir for daemon sets install set_fact: nuage_vrs_mount_dir: /etc/default when: nuage_personality == "evdf" -- name: Create directory /usr/share/nuage-openshift-monitor - become: yes - file: path=/usr/share/nuage-openshift-monitor state=directory - when: not openshift_is_atomic | bool - -- name: Create directory /var/usr/share/nuage-openshift-monitor - become: yes - file: path=/var/usr/share/nuage-openshift-monitor state=directory - when: openshift_is_atomic | bool - -- name: Create directory /var/usr/bin for monitor binary on atomic - become: yes - file: path=/var/usr/bin state=directory - when: openshift_is_atomic | bool - -- name: Create CNI bin directory /var/opt/cni/bin - become: yes - file: path=/var/opt/cni/bin state=directory - when: openshift_is_atomic | bool - - name: Create the log directory become: yes file: path={{ nuage_mon_rest_server_logdir }} state=directory diff --git a/roles/nuage_node/tasks/main.yaml b/roles/nuage_node/tasks/main.yaml index 1f1bd1653f9..cee470bebb5 100644 --- a/roles/nuage_node/tasks/main.yaml +++ b/roles/nuage_node/tasks/main.yaml @@ -1,19 +1,4 @@ --- -- name: Set the Nuage plugin openshift directory fact for Atomic hosts - set_fact: - vsp_openshift_dir: /var/usr/share/vsp-openshift - when: openshift_is_atomic | bool - -- name: Set the Nuage CNI binary directory fact for Atomic hosts - set_fact: - cni_bin_dir: /var/opt/cni/bin/ - when: openshift_is_atomic | bool - -- name: Set the Nuage plugin certs directory fact for Atomic hosts - set_fact: - nuage_plugin_crt_dir: /var/usr/share/vsp-openshift - when: openshift_is_atomic | bool - - name: Assure CNI conf dir exists become: yes file: path="{{ cni_conf_dir }}" state=directory @@ -33,11 +18,6 @@ - include_tasks: certificates.yml -- name: Add additional Docker mounts for Nuage for atomic hosts - become: yes - lineinfile: dest="{{ openshift_atomic_node_config_file }}" line="{{ nuage_atomic_docker_additional_mounts }}" - when: openshift_is_atomic | bool - - name: Restart node services command: /bin/true notify: diff --git a/roles/olm/files/catalogsource.crd.yaml b/roles/olm/files/catalogsource.crd.yaml index 88600e49877..c88d512ea58 100644 --- a/roles/olm/files/catalogsource.crd.yaml +++ b/roles/olm/files/catalogsource.crd.yaml @@ -37,14 +37,17 @@ spec: - name: Age type: date JSONPath: .metadata.creationTimestamp + subresources: + # status enables the status subresource. + status: {} validation: openAPIV3Schema: - type: object - description: Represents a subscription to a source and channel - required: - - spec properties: spec: + type: object + description: Represents a subscription to a source and channel + required: + - spec type: object description: Spec for a catalog source. required: diff --git a/roles/olm/files/certified-operators.catalogsource.yaml b/roles/olm/files/certified-operators.catalogsource.yaml new file mode 100644 index 00000000000..7241bed506c --- /dev/null +++ b/roles/olm/files/certified-operators.catalogsource.yaml @@ -0,0 +1,11 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: certified-operators + namespace: operator-lifecycle-manager +spec: + sourceType: internal + configMap: certified-operators + displayName: Certified Operators + publisher: Red Hat + diff --git a/roles/olm/files/certified-operators.configmap.yaml b/roles/olm/files/certified-operators.configmap.yaml new file mode 100644 index 00000000000..6ed50a74fee --- /dev/null +++ b/roles/olm/files/certified-operators.configmap.yaml @@ -0,0 +1,1249 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: certified-operators + namespace: operator-lifecycle-manager +data: + customResourceDefinitions: |- + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: couchbaseclusters.couchbase.com + spec: + group: couchbase.com + version: v1 + names: + plural: couchbaseclusters + singular: couchbasecluster + shortNames: + - couchbase + - cbc + kind: CouchbaseCluster + listKind: CouchbaseClusterList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - baseImage + - version + - authSecret + - cluster + - servers + properties: + adminConsoleServices: + type: array + items: + type: string + enum: + - data + - index + - query + - search + - eventing + - analytics + buckets: + type: array + items: + type: object + required: + - name + - type + - memoryQuota + properties: + enableFlush: + type: boolean + enableIndexReplica: + type: boolean + ioPriority: + type: string + enum: + - high + - low + name: + type: string + pattern: '^[a-zA-Z0-9._\-%]*$' + evictionPolicy: + type: string + enum: + - valueOnly + - fullEviction + - noEviction + - nruEviction + memoryQuota: + type: integer + minimum: 100 + type: + type: string + enum: + - couchbase + - ephemeral + - memcached + replicas: + type: integer + maximum: 3 + minimum: 0 + conflictResolution: + type: string + enum: + - seqno + - lww + baseImage: + type: string + antiAffinity: + type: boolean + exposeAdminConsole: + type: boolean + paused: + type: boolean + servers: + type: array + minLength: 1 + items: + type: object + required: + - size + - name + - services + properties: + name: + type: string + minLength: 1 + pattern: '^[-_a-zA-Z0-9]+$' + pod: + type: object + properties: + automountServiceAccountToken: + type: boolean + couchbaseEnv: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + labels: + type: object + nodeSelector: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + requests: + type: object + properties: + cpu: + type: string + memory: + type: string + storage: + type: string + tolerations: + type: array + items: + type: object + required: + - key + - operator + - value + - effect + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + volumeMounts: + type: object + required: + - default + properties: + analytics: + type: array + items: + type: string + data: + type: string + default: + type: string + index: + type: string + serverGroups: + type: array + items: + type: string + services: + type: array + minLength: 1 + items: + type: string + enum: + - data + - index + - query + - search + - eventing + - analytics + size: + type: integer + minimum: 1 + disableBucketManagement: + type: boolean + volumeClaimTemplates: + type: array + items: + type: object + required: + - metadata + - spec + properties: + metadata: + type: object + required: + - name + properties: + name: + type: string + spec: + type: object + required: + - resources + - storageClassName + properties: + resources: + type: object + properties: + limits: + type: object + required: + - storage + properties: + storage: + type: string + requests: + type: object + required: + - storage + properties: + storage: + type: string + storageClassName: + type: string + serverGroups: + type: array + items: + type: string + version: + type: string + pattern: '^([\w\d]+-)?\d+\.\d+.\d+(-[\w\d]+)?$' + softwareUpdateNotifications: + type: boolean + authSecret: + type: string + minLength: 1 + cluster: + type: object + required: + - dataServiceMemoryQuota + - indexServiceMemoryQuota + - searchServiceMemoryQuota + - eventingServiceMemoryQuota + - analyticsServiceMemoryQuota + - indexStorageSetting + - autoFailoverTimeout + - autoFailoverMaxCount + properties: + autoFailoverTimeout: + type: integer + maximum: 3600 + minimum: 5 + autoFailoverOnDataDiskIssues: + type: boolean + clusterName: + type: string + indexStorageSetting: + type: string + enum: + - plasma + - memory_optimized + analyticsServiceMemoryQuota: + type: integer + minimum: 1024 + eventingServiceMemoryQuota: + type: integer + minimum: 256 + searchServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverMaxCount: + type: integer + maximum: 3 + minimum: 1 + dataServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverOnDataDiskIssuesTimePeriod: + type: integer + maximum: 3600 + minimum: 5 + indexServiceMemoryQuota: + type: integer + minimum: 256 + autoFailoverServerGroup: + type: boolean + tls: + type: object + properties: + static: + type: object + properties: + member: + type: object + properties: + serverSecret: + type: string + operatorSecret: + type: string + exposedFeatures: + type: array + items: + type: string + enum: + - admin + - xdcr + - client + versions: + - name: v1 + served: true + storage: true + additionalPrinterColumns: + - name: Age + type: date + description: >- + CreationTimestamp is a timestamp representing the server time when this + object was created. It is not guaranteed to be set in happens-before + order across separate operations. Clients may not set this value. It is + represented in RFC3339 form and is in UTC. + + + Populated by the system. Read-only. Null for lists. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + JSONPath: .metadata.creationTimestamp + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: oneagents.dynatrace.com + spec: + group: dynatrace.com + names: + kind: OneAgent + listKind: OneAgentList + plural: oneagents + singular: oneagent + scope: Namespaced + version: v1alpha1 + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbreplicasets.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbreplicasets + singular: mongodbreplicaset + shortNames: + - mrs + kind: MongoDbReplicaSet + listKind: MongoDbReplicaSetList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + - members + properties: + members: + type: integer + maximum: 50 + minimum: 1 + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbshardedclusters.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbshardedclusters + singular: mongodbshardedcluster + shortNames: + - msc + kind: MongoDbShardedCluster + listKind: MongoDbShardedClusterList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + - shardCount + - mongodsPerShardCount + - mongosCount + - configServerCount + properties: + configServerCount: + type: integer + maximum: 50 + minimum: 1 + mongodsPerShardCount: + type: integer + maximum: 50 + minimum: 1 + mongosCount: + type: integer + minimum: 1 + shardCount: + type: integer + minimum: 1 + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + - kind: CustomResourceDefinition + apiVersion: apiextensions.k8s.io/v1beta1 + metadata: + name: mongodbstandalones.mongodb.com + spec: + group: mongodb.com + version: v1 + names: + plural: mongodbstandalones + singular: mongodbstandalone + shortNames: + - mst + kind: MongoDbStandalone + listKind: MongoDbStandaloneList + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + required: + - credentials + - project + - version + properties: + spec: + properties: + credentials: + type: string + project: + type: string + version: + type: string + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + alm-examples: >- + [{"apiVersion":"couchbase.com/v1","kind":"CouchbaseCluster","metadata":{"name":"cb-example","namespace":"default"},"spec":{"authSecret":"cb-example-auth","baseImage":"registry.connect.redhat.com/couchbase/server","buckets":[{"conflictResolution":"seqno","enableFlush":true,"evictionPolicy":"fullEviction","ioPriority":"high","memoryQuota":128,"name":"default","replicas":1,"type":"couchbase"}],"cluster":{"analyticsServiceMemoryQuota":1024,"autoFailoverMaxCount":3,"autoFailoverOnDataDiskIssues":true,"autoFailoverOnDataDiskIssuesTimePeriod":120,"autoFailoverServerGroup":false,"autoFailoverTimeout":120,"clusterName":"cb-example","dataServiceMemoryQuota":256,"eventingServiceMemoryQuota":256,"indexServiceMemoryQuota":256,"indexStorageSetting":"memory_optimized","searchServiceMemoryQuota":256},"servers":[{"name":"all_services","services":["data","index","query","search","eventing","analytics"],"size":3}],"version":"5.5.1-1"}}] + name: couchbase-operator.v1.0.0 + namespace: placeholder + spec: + customresourcedefinitions: + owned: + - description: Manages Couchbase clusters + displayName: Couchbase Operator + kind: CouchbaseCluster + name: couchbaseclusters.couchbase.com + resources: + - kind: Service + name: '' + version: v1 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: The name of the secret object that stores the admin credentials. + displayName: Auth Secret + path: authSecret + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:Secret' + statusDescriptors: + - description: The desired number of member Pods for the deployment. + displayName: Size + path: size + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The current status of the Couchbase cluster. + displayName: Status + path: phase + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase' + - description: Explanation for the current status of the application. + displayName: Status Details + path: reason + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.phase:reason' + - description: The status of each of the member Pods for the Couchbase cluster. + displayName: Member Status + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podStatuses' + - description: The current version of the Couchbase cluster. + displayName: Current Version + path: currentVersion + - description: >- + The port the Couchbase Admin Console can be accessed on from any + node in the OpenShift cluster. + displayName: Admin Console Port + path: adminConsolePort + - description: >- + The SSL port the Couchbase Admin Console can be accessed on from + any node in the OpenShift cluster. + displayName: SSL Admin Console Port + path: adminConsolePortSSL + version: v1 + keywords: + - couchbase + - database + - key value + - nosql + - open source + displayName: Couchbase Operator + provider: + name: Couchbase + maturity: stable + version: 1.0.0 + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAAK4AAACvCAYAAABkUOVLAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAOxAAADsQBlSsOGwAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAABLSSURBVHic7d17cFz1dQfw77l39ZZlgbHNpH7IxliPlVaStX7gMEVOmeCQQBoIpjNtKYmhbtJ0KFACbdOZlDZMYSAuk0AYDKVDMgVMgU5CsGlpbFLHD7wrrx4rycaWReIkY2wj62FJ1t77O/1DMjEeW3ufe3dX5zPjGY907+93bH/90+7de88PEEIIIYQQQggROAq6gHywr6ZmjlZQMJtSKCOgEABMhMp1GCMAwMAEF+CMSqUGV/f2ngq22vwgwU1jR2trqOLk0NWsVD2Il4JRxUAVgReD6Aow5gDQbAypQDgF5pMM+oCAfmY6SoSj0M3Ovs6a9zfgVdOvP0++kOCehwGKNzRUs6mtJcJagJrAHAZQnMEyxkGUBDhBjF+wrvZEOzt7Mzh/TpjxwX2vvn6hzqH1SvF6Ir4OoDlB13QRJwl4l5m3GwXYvqaj41jQBQVtRgY3VtPQAF3bAOCLYDQEXY9tTB0g/i8FbF3V3Z4MupwgzJjgxsIti4hTX2HgdoBqg67HQ0kQXlFk/vuqrq5fBV1MpuR1cHe0toYqjg/cBKK7GXwD7L2Jyi0EE8xvg7Utw/Mr31y3c6cRdEl+ysvg7qqunlWsFX0VhPsAWhR0PQH4LYOeLdLNJyOdnQNBF+OHvAru3vr6+SGlfxPAXQAqgq4ncIRBBj9bqOPxxo6OD4Mux0t5Edx9NTVzNK34rwh8H4BZQdeThc4AeN7QzEfWdHUdD7oYL+R0cHcvuKakYNbYfUT8ICSwVgwB/C/Do0Ob1/X3jwddjBs5G9x4OHITg54EY0nQteSgXzHzt6I9HT8kgIMuxomcC248vGIZs/ksgHVB15LrCPyO0nnTys7OvqBrsStngrujtTU06/hHfwmi7wAoC7qevEEYY6bHqET/TjQeTwVdjlU5EdxYQ0MNG/RDIooGXUu+ImC/ofAnq3vbDwVdixVZf0F+f23kDphaTELrLwZW6joSsdrIPUHXYkXWrrgHmpoqzQl+AcAfBl3LTMOM181U8VfWHN43FHQtl5KVwY01NNTApNfz7J6CXPM+M9+ysqejK+hCLibrXirEaxtvh6nFJLSBu5qI9sTqmm4LupCLyargxmoj9zDhPyBXDbJFOcCv7K9r+nbQhVwoK14q7GhtDVV8OPB9BjYFXYu4OAZeoJLQpmy5ZBZ4cGMtLaUYM14HcEPQtYh0+K2JobIvrz22ZyzoSgINbnskUpYy6McAPhNkHcI6Bv3cnCi6KegrDoEFt6Oh4bIJU9sGYHVQNQjH9uqF9LnmROJ0UAUE8uasPRIpmzC1H0NCm6vWmBO8fVd1dWB35GU8uLsXXFOSStGbAK7N9NzCU6uL9eJt7ZFIIFeAMhrcWEtLQWHF6BsgtGZyXuGbT6cMbN3R2hrK9MQZDS6NGd+DXD3IM3TjrBMDz2R61owFNxZu/Ae5TpunGBtj4caHMjllRq4qxGsbb2fCS5maTwSCmfi2lcmO1zIxme9BitU0NEDT9kA+xp0JRhSwJhPddXx9qbCrunoWNG0rJLQzRbkGvB5b2jLb74l8DW6xXvwigBo/5xBZZzmKzef8nsS34MbqGv8CchP4DMVf3l8b2ejnDL68xp16EvcAgHI/xhc54Qyb3LLyYMdBPwb3fMXd0doaUsp4CRLama6MdHpxK27T/Rjc8+DOOjFwvzzYKKasWho+5MvDl56+VNhXHVmi69QJuYogfmcUmhmJdnUd8XJQT1dcXafnIaEVn1QKU3/a60E9C268rnEDpC2SuBjCZ+O1jV/ydkgP7KiqKp5VOrsHQJUX44m81Dc8Ohj2qkukJytueUnl/ZDQiuktnVU227M3aq5X3H01NXN0ragP0gFcpEMYnICxdG0y+ZHboVyvuJpe+CAktMIKxuwi6Pd5MZSrFbdtWfNcVaj6IB82COtGCkJ8lds9KVytuKpQPQgJrbCnPJUi16uu4xV377LVFaGi8V+C4fstbCLvDGE8tCjaFx90OoDjFbeg4OwmCa1wqIJLjK+6GcDRihtraSnAmHEEwEI3k4sZ7YPheZctc7oDpqMVl84aN0FCK9xZXH7ioxudnuwouErhbqcTCnEOKXKcI9svFWLhlkVg4yiyrLfulBEAKYCHATIAFAJYEHBNmWYAOAZAAagAoQyMkoBrujiCaehctaaj45jdUx10IDHuRCZDSxgD4+fE6IZGR5jxITMN6DpOK6QGTMM4rZeVDV2qb2t7JDLPMOl+ZjyA/H48/iyAByaGSp+7sA0oA9TZ0FA5SlRGE1Sq6TSXFOaC+EoCz1dMczXClYp5MRE1AijISMUMvcDAHQAesXuq/RW3LtKdoTb3bQQ8yiWhN6Px+KjbwWLhpi1gvsuLwrIS4aFosv1Rt8PEWlpKeTR1MxHdC2CVB5VNj9AZTbZH7J9mw1SPhA67k9h0hhlfi/a0/8jL7Trb6pujSqn9Xo2XbUIGFjQdav+1V+MxQPG6xk0AngBQ6tW4F0OaXtfS1dZj5xx7P/J1bYOt4+07Tpq5dmVPu+d7zA6ODGTl7jEeGW881P4bLwckgKPd7c+AcAMIjj8osEQZtnNlL7js6+PmZ5VGt7R0dfmyok/dBzrhx9hZ4KRfm0lHk+27oOiP4eNm1QyyfZO55eC+V1+/EEC93QmsIuLHV3Uldvs1/pSc3CncAl//XNGexE8Z2OLjFJG26uZP2TnBcnB1Dq23X49FhEGtQHvct/GFa2aI/wmTVy78QKaubOXLcnCVYt+CS8C2IPcTEOlNXmvl//VrfAK8Dy4DRITfd1aSpQn+27exhZfe9nHs69jGVS5LwW2rX1ED4ArHJaVhKq3Pr7GFh1jztDfCBeYlapuWWT3YUnCVMq9xXk96IR0n/BxfeENpcPXUgoXxP231WEvBJcJa5+Wkpyjl14t+4aEQka9XL1gpyzmz9uaM0ey4GiEsIqImq8emDe7UVkB1rioSwgIm1Fvt7pg2uLNPDC4HUOy6KiHSYZQsrjl0lZVD0wZXMYfdVySENaGQtU9n07/GJbb0P0AIL7DipVaOSxtcYukJJjKHmaqsHJc2uCzN7EQGEfESK8dZuBzGi9wWI4R1tNjKUVau485zWYkQdsy1ctC0wWVAA1GlN/UIYcnlVm62mTa4e8LhSjB82e5HiEsIJZqa0rb2mja4RSi63Lt6hLDGMM20uZu2r4LJZlE2dv1wikA/A1RmegZkELOWV3fX6SqU9pPaaYOrMReB8qeHRkt3wnGvKpE5Brgw3THTLqg02cJIiIzSWBWlPWa6b7JGDlo0CeESUdqXc9OvuIod9S4Vwg220P8i3XXcfG2gIbIYgyS4IvfopKV9lGva4GpayJPtK4Www8oziNMG9yzOut4BUAi76EzhqXTHTBvca5LJ0yCY3pUkRFqplr74ULqD0l3HVWAMeFeTEGl9ZKXzpJX7cfPq40SR9U5aOchCcOmXbisRwjr+wMpRVu6hOeqyEiEsYyZLebPwlC/63RYjhFVE1hZKCw9Lsp8d+oT4BGJY6tyZ/vF0jfN50w+RbTS909Jh6Q7o66x5H4SxdMe5oZuhfLpfXTg3uiLZ5s2KuwGvmgB1u6/p0kyoWX6OL7xhgst9nqKLJrdyTcvqSnfARTFpkUaWHkkWwdIU+9qqgIGE5VosDci8x3k5FsYHLPdFFcFRxL52pgfzL6weam3FNa0P6IjCZ3wdX7jGgEZMX/BzjhA0ywukpeBGD3YcgsWP4hwhXL+vOmKpZ5QIRiwcuR2A5c1FHDje3JN43+rB1vaAAJiAd53XlL4OXcf3fRxfuBBb3nIFMbnemT0NW/myfBmKmbfbr8UOunF/OPKYnb2uhP9iLS2lHDJeBrDQz3kIsJUvy8E1CrAdPu8ZS0wPxMONr03tGywCFgu3LOLx1DsE/IHPUzFzyFZwba1usXBjBxgN9mpyZBSElxj0QjSZ2GP12p7wRmJ54+8ZBdgIxjcBlGViymh3u62dnez1TWC8AWQkuKVgbCTwxnhd4+kYYxcIbcx8hDTq0wytb8XBA7/JQB15a0dVVXFlSeVCU+MFrHghaVQFxhIQNRjgpow2OyS8Yf8UG96rawxrQLbcuzAOoA+Eo1B8EkQnQTjBjBMgPsmknaSUOqVo4uSq3t6BmbJqb8VtelW4e65manM1jeYp0uYDfCUYiwEsYuYFRLQQwPyga/2YrmqjnZ29dk6x/UYoVtfYBSAXd+IZBTAC0DAIp6F4GMAIaRhRjCEQj5Kis9BwBsAEgUYApBTUMLFmMOMMLnjen3Ue1Q3T1q6YrGsVrDQdAIj4MmCq1RVN/kjmyY9VCwAQFCrPfV9NfZ/A5QAVMEPXiCsYVIHJH+flACoAVCKX3uAydUR7Eo12T7PfYonwChgP2z4veKWTv3geGB//0/K5yxhMk7+ZevvJU7+hqS9O9v775HtTUgBrNu8PYoBIXfili7/tpd99ny74IhHAOZTPSyL1spPTbN+VZej8gjz5KzxihAx60cmJtoO7pqPjGJjfdjKZEOcj0FtNh9p/7eRcZ/fBsrbF0XlCnI/Uc05PdRTc4fmVbwIsT/8KN/qH5l6+zenJjoK7budOA0RPOp1UCIA3r9u503EbW8ePzIwb41tAGHR6vpjRBkrI/Dc3AzgO7rUHDw4z+Fk3k4uZiUE/CCeTI27GcPWQIqUKHgMw7GYMMeOM6BP0r24HcRXc6KH4SQBPuS1CzCCMzSsOH3Ddj871Y+F6IT0K4LTbccQMQBgsDKnNXgzlOrjNicRpgB/zohiR55j/OdLZ6UnbWk8acZSQ+QQAy88LiZmIjsyeGP2eV6N5EtxwMjlBGh7yYiyRn4jUvVcfPmzrTrppx/NqIACI10X+h0HXezmmyH0E2ub1drSe9uzSlHY3gDNejily3qjSzW94PainwW3uTfQT0z96OabIbcT09ys7Oy01srPD8y6JQ/MrNxOw3+txRU7ae6Tnas/ekJ3Pl1voY/X1V0HpBwBIF8aZ64ypsGJ1b/shPwb3pS9ttKvrCBHd78fYIjcQ0Tf8Ci3g80N1+2sbXyPCLX7OIbIPE15ZmWz/Iz/n8LUT+Fk1ficAX5tCiyxDOGieLf5z/6fx2f7qSDXp9B4mH50W+W1EI231iuQB3xcr3/deWHmw4yBAd8HnvmMicIoYd2QitEAGggsA0e7EqwT+VibmEsEgpodaetptt1JyPF+mJgKAWLjpaTB/LZNzigwgei6aTNydySkzu01TsX4PwG9ldE7hKwZ+Mjy3MuOLUcZ7+OxecE1JYcXoTwGsy/TcwnM/Gx4d/Py6/v7xTE+c8Y3x1h7bM4aS0BcA/F+m5xae2ltCxheDCC0QQHABIBqPj+qFdDOAvUHML9whxm6Mh9a7fVLXjcC2Im1OJE4XhPh6Ar8TVA3CPiJ+d0yNr4/2xQPtqRHoHrqNHR1nzg6V3Sxv2HIDAz8ZOjO0/tqDBwNvSRD45s9rj+0Z6+uuvhnETwddi5gG4XkqCd0a1GvaC2VVZ+BYbeQeEH0XWfAfSnyMGfTwyu7Et4Mu5HxZFVwA2B+O3EpML0Du5c0GQ8S4M5OfiFmVdcEFgH01jct1Da8jN/eayA+Eg4px66ru9mTQpVxMVv5IXt3bfsiYKF4L0H8GXctMxIRXxo3xldkaWiBLV9zz7a+N3EFET2FyVxnhr2Ei+puWZCLru3BmfXAB4EBt09Um8Y8ArAq6ljy2l0j/05Zk2+GgC7EiJ4ILAAxobeGmu5j5Ccjq66VREB7uSy5/fANezZndlHImuOfsq44s0TV6BoTPBl1LriPQNk3h6829if6ga7Er54J7TjwcuYlZ2wzwVUHXkoMOA/R30e7Eq0EX4lTOBhcA3l+2rGiwqOyvAfwtGLODricHnCamR4q11JPhZHIi/eHZK6eDe86u6upZxaHir0MCfCkjYDxVGFKPetWfNmh5Edxz2pY1z1UF6n4QNmFyM+aZboBBP1Bq/Lure3tPBV2Ml/IquOckw+HyMaVvBNG9ABYHXU8A+kF4BmOhZ4K+/dAveRncc3a0tobKPzz9eWK+Cxo+B4YedE2+IZjMeEsj3nIkWf1WLl3aciKvg3u+vZHIAj2l/RlpfDsYDUHX4xmmDpB6OWTQi043dM5FMya454vXr6iFMjYw6EsAIsitvwcG0A7CG9DU1mhnZ2/QBQUhl/7BfNFW3fwpU1frCVgP4DoA84Ku6SKOA3iXgO3Moe3Rnvhvgy4oaDM+uBfaV9O4PKTTWlZqLQPNRFQHoDSDJYwSkFTAASLarSvsbu5JyI5GF5DgprEVt+mLaw5dpencQIwlICwBowqgKgBzpn6FbAxpADg1+Yv7mekoEfeTRn2aSZ1NPYkjBCiv/xz5RoLrgQNNTZWGaV6ucUERjFQpAJgIleswJh/fDhWMKkqdDen6R5MbGgohhBBCCCGEEEIIIYQQQgghhBAz1v8D+o/bXqYjxQQAAAAASUVORK5CYII= + mediatype: image/png + links: + - name: Couchbase + url: 'https://www.couchbase.com' + - name: Documentation + url: 'https://docs.couchbase.com/operator/1.0/overview.html' + - name: Downloads + url: 'https://www.couchbase.com/downloads' + install: + spec: + deployments: + - name: couchbase-operator + spec: + replicas: 1 + selector: + matchLabels: + name: couchbase-operator + template: + metadata: + labels: + name: couchbase-operator + spec: + containers: + - command: + - couchbase-operator + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: 'registry.connect.redhat.com/couchbase/operator:1.0.0-1' + name: couchbase-operator + ports: + - containerPort: 8080 + name: readiness-port + readinessProbe: + failureThreshold: 19 + httpGet: + path: /readyz + port: readiness-port + initialDelaySeconds: 3 + periodSeconds: 3 + serviceAccountName: couchbase-operator + permissions: + - rules: + - apiGroups: + - couchbase.com + resources: + - couchbaseclusters + verbs: + - '*' + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - '' + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - secrets + verbs: + - '*' + - apiGroups: + - '' + resources: + - persistentvolumes + verbs: + - get + - watch + - apiGroups: + - apps + resources: + - deployments + verbs: + - '*' + - apiGroups: + - '' + resources: + - secrets + verbs: + - get + serviceAccountName: couchbase-operator + strategy: deployment + maintainers: + - email: support@couchbase.com + name: Couchbase + description: > + The Couchbase Autonomous Operator allows users to easily deploy, manage, and + maintain Couchbase deployments on OpenShift. By installing this integration + you will be able to deply Couchbase Server clusters with a single command. + + + ## Supported Features + + + * **Automated cluster provisioning** - Deploying a Couchbase Cluster has + never been easier. Fill out a Couchbase specific configuration and let the + Couchbase Operator take care of provisioning nodes and setting up cluster to + your exact specification. + + + * **On-demand scalability** - Automatically scale your cluster up or down by + changing a simple configuration parameter and let the Couchbase Operator + handle provisioning of new nodes and joining them into the cluster. + + + * **Auto-recovery** - Detect Couchbase node failures, rebalance out bad + nodes, and bring the cluster back up to the desired capacity. Auto-recovery + is completely automated so you can sleep easy through the night knowing that + the Couchbase Operator will handle any failures. + + + * **Geo-distribution** - Replicate your data between datacenters to move + data closer to the users who consume it and protect against disaster + scenarios where an entire datacenter becomes unavailable. + + + * **Persistent storage** - Define persistent network-attached storage for + each node in your cluster to allow pods to be recovered even if the node + they were running on is no longer available. + + + * **Rack/zone awareness** - Tell the Couchbase Operator about availability + zones in your datacenter and let the operator take care of ensuring that + nodes in your cluster are deployed equally across each zone. + + + * **Supportability** - When things go wrong, use the cbopinfo tool provided + with the Couchbase Operator to collect relevant data about your Couchbase + deployment so that you can quickly address issues. + + + * **Centralized configuration management** - Manage your configuration + centrally with OpenShift. Updates to the configuration are watched by the + Couchbase Operator and actions are taken to make the target cluster match + the desired configuration. + + ## Required Parameters + + * `authSecret` - provide the name of a secret that contains two keys for the + `username` and `password` of the super user + ([documentation](https://docs.couchbase.com/operator/1.0/couchbase-cluster-config.html)) + + + ## About Couchbase Server + + + Built on the most powerful NoSQL technology, Couchbase Server delivers + unparalleled performance at scale, in any cloud. With features like + memory-first architecture, geo-distributed deployments, and workload + isolation, Couchbase Server excels at supporting mission-critical + applications at scale while maintaining submillisecond latencies and 99.999% + availability. Plus, with the most comprehensive SQL-compatible query + language (N1QL), migrating from RDBMS to Couchbase Server is easy with ANSI + joins. + selector: + matchLabels: + alm-owner-etcd: couchbaseoperator + operated-by: couchbaseoperator + labels: + alm-owner-etcd: couchbaseoperator + operated-by: couchbaseoperator + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + alm-examples: >- + [{"apiVersion":"dynatrace.com/v1alpha1","kind":"OneAgent","metadata":{"name":"oneagent"},"spec":{"apiUrl":"https://ENVIRONMENTID.live.dynatrace.com/api","args":["APP_LOG_CONTENT_ACCESS=1"],"image":"registry.connect.redhat.com/dynatrace/oneagent"}}] + name: dynatrace-monitoring.v0.2.0 + namespace: placeholder + spec: + customresourcedefinitions: + owned: + - description: Dyantrace OneAgent monitoring agent + displayName: Dynatrace OneAgent + group: dynatrace.com + kind: OneAgent + name: oneagents.dynatrace.com + resources: + - kind: DaemonSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: Credentials for the OneAgent to connect back to Dynatrace. + displayName: API and Pass Tokens + path: tokens + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + - description: >- + 'Location of the Dynatrace API to connect to, including your + specific environment ID' + displayName: API URL + path: apiUrl + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + version: v1alpha1 + keywords: + - monitoring + displayName: Dynatrace OneAgent + provider: + name: 'Dynatrace, Inc' + maturity: stable + version: 0.2.0 + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAANcAAADKCAMAAAAB6yXCAAABsFBMVEVMaXEaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhq03AAaGhpzvigaGhoUlv8aGhpvLai03AC03ABzvihzvihzvihzvii03AAaGhpzvihzvii03AC03ABzvii03AC03ABvLagUlv8Ulv9vLai03AAUlv9zvihvLagUlv8Ulv8Ulv9vLai03ABvLagUlv9vLagUlv9vLahvLai03ABvLahzvihvLai03ABvLahzvihzvihzvigUlv8Ulv+03ABzvihvLagTjPNzvii03ACx2wRvLagUlv8TkflvLagUlv8Ulv8Ulv+03ABuj0tiJZtjJpyUzC8TjPRsiFBzuiuu2gmv2ghCpq5jtX1zvii03AAUlv9vLagaGhoShOpZH5FeIpcTjfQSiO87mq9tl0JjsHWMxjpmb1xgR3dpg09bKYpjW2lxtS5cIZRuLKcUlPxPpZISh+5pKaIcitthUXCg0RxuoTtwqzVaIJIwlb6WzCsShu1gI5hkJpxoKaF4u1drWHtfNYZdIpVsK6VrjUlnKJ8Tkfqq1w4Tjvag0h2CwUgeme5QqZcTivFttmaCyVeZAAAAWnRSTlMAoCDQ8GAQwIBA4DCAsEBQQHDA8EAwgPDAEJDQEKBgoMAwQMCAgNAwYKBg8NAQsNCg8BBgIHAwUJAgcHCwkCCQ4OBQcCCQ07Bw3OCwUOBQuHA87zz41qb4bYKEG2nxAAAACXBIWXMAAAsSAAALEgHS3X78AAAHSElEQVR42u3bd2PTRhgHYG1ZHjh2nIEhjuPEzDSFQkrCKrN778qxQ5sABUoZpXvv3X7l6jRPp2ENNzqL9/cHSWxZd4/G3XsiYRgIBAKBQCAQCAQCgUAgEAgEQnsarXJDS75Q63OTPTvn2u25cvnFHBhbmMqVc+2V8urYAlu9odF96+PFWu1Fzr52udXYPR6suV7cTLYvr1Kvi8+ydeXWev5YOm0BWDuZ3Sv5ZO1Lw9pnsvbmjGUOiPPT+WSp0zlk7T2tqrNUsRYmR8Hao1LmSsdawViqmhvWHIOz1Jyy1F3ULI1HwZqyWNS4Wr1RsGYslnoqD6xVD4uSCSwdq+VlqfP5ZFExgZVHwTrhYql7xny5ZbEOqETGfBXZCGCp481aCGKpU/lkZTsxj2bNf8aHpZ7IkvVkUJe/fLXdbq+Uyaxor7YnCda8HyvLiZlgfXL9+rVr97a3v9jUcjH8k41Gq7wexsrSddnwIM729oNNVy5G3UkAK8OCo6GZfvtue9M3r6VkZVhwvNnr/flgMyDRdrF3VqXP9VbvHhJ8tbX1npOtra370V3TgazsCqmF3r+b93//dcMvd59J7cqs4Gj88c/djaAsjq/rnb83NtK6TlDoevuvENeRaPvYFeLKqpCaCGFtLIELXBS4DqV3TdPomhhfFwMucD0ErlkaXftz6mLARZ1rOaeuxfSuUzl1ha0rz+fUpYJrtHkip66l9K75nLpmwbVzOZS+7qXSNZHedT6nLvUhdM1k5WJSr78uhblO0+c6/Hz6cj7D/zgPZEVcLdO5TAksECOzwpYpM1O0uSzWWr2+1u1e6HQ6x/0//srLL1HJYp4LYx3se1I38iz6/grKTSpZvoXU8tlAliufI9dVKll+ruXHorH67yLXp1SyfApEk/VIvR/JFfCbABmzvAWHxXq0H8l1y5+V+d9I7U/O0l036GSRE/ORGCzd9TGlLMbvVwCisXTX+5SyXE98TdbjR/uRXd7p6zQdf3+4mJilu67S87t5QU/a4rJ0121KWc7E/HRclu6ilWVPzOZvNXSis5DrBq0sa2I2Wcf6/ViuD2hlMWcTs/ofEsP8AYamJGb1ieGQLhbzwsbhiUQs5PqMWhazaK0iuzFZd1zDIW0sZml/xOUWmY/w4ZA6lpXYrP63znA4sys/rP439nCY9eJ4pKz+19ZwSC9rLQFLm75uUc7SVlydkwfr8Vg/mZchzSwzxzvd6Lpfrty6TcMTmjjnrlsfvmL+8crP1CyO4528k92n6keDZ6+bY8nCfBe63Tp5Au/8gMbCM+PLcgk7x7rdtbqG/P51VX3jzCUGAoFAIBAIBAKBQCAQCAQCCYg8GBRS76QwGMjgAhe4wAUuf5eiZ2cxClscOCkwVe1fCd9AEgYDUf+mVhHQNnzT7qJifU6Qa5ztMmLqOFYwX8DfLFZErBGx4vTBaLMmm02VkqlK8sAV7XxpTdTwTUSt1+hrTXA2kznCZX7W66oO8B4XsM0FqxUFP7C6q4A3JSVh6TsoykYEvW9N7TARVyerfWGN4yzzRqdK5mExwjuSAjp5KE3rZJs/o3dFc3tDwlrHDeuDbDfFyzLeVJzorRY49/3Faa9huzJ/rKG2jWunWhkQdPQiojU99xfqdM2vZVEw3ymhrhfwk4Ka4kXjuLE+TUW6x41bxzVuyNaR1GOePq0bvIT3ViR3hrQc6WIDR0eJN67viueMaE1VmNCmhqXoElgu64ayt6kZtwnn2rLid/JrpCtkiEUnqspInn5rTQlSeFPD4r7irE7YA6B130t6byvutgeevTX1bSK7GB69p3j25G1KiDvEE/u0OoFfPBXjlBbc/VP8XKL+seiugumSPdfz0KaSuRTnopP0iyWaSxmNS/7fXOieKthjU5EJdUmKlVokF2dvzwa6WEXB9zoyl6VxhAEupeKe1oe5qjxZBvi6yIzKxZlXn3NF+rtEsgNDXCy5/Q67rNHCGUF8XZxZFjhFR7hLr7rszeVioKsouzMylzm6OyO+rwuVTEqMcUM7WkUu7riRpJQPdDEGyJmhfV2yUTlFdgnm1Z2hy6ieeLseCXJV47jcNUvE+StJ/OsNu9rFKuAglxLT5Td/hdcbSeJfH1pFThNbsUQ5X4WY56uJ3vPWh6K7Pky4Zsd3iteFaO+Cs8aIcn+x+oF25j6/+0sk60NvPS8JqU+Yvv5irZKJxY+nZMwcUpgLHRbFtWyqGWU6GzgeYoSm8Wlj/UXcdwO+mgqGr5exZxL2HMoyYS6OWGwb1w/vrJBLblcVn+/Q9sUh62U9YiKYa3bnJXfXndsnWr0hOsdKjxJeb5gnz/t8o+l9bJLgeZRVs/Gu1TgaVIpMuMtdH1ZK5BMoJaw+FFj74hNZ4nkU15TTusIGywJeheO3gOQ8DrTqc86naPcb1kpK8Hs78lyRGJXzEpa+59GjiCQkeA40BhHjPy4Zi7gfIuYmxENfCAQCgUAgEAgEAoFAIBAIBJLX/AcIuMeF+5wRowAAAABJRU5ErkJggg== + links: + - name: Operator Deploy Guide + url: https://www.dynatrace.com/support/help/cloud-platforms/openshift/full-stack/deployment/deploy-oneagent-on-openshift-container-platform/ + - name: OpenShift Monitoring Info + url: https://www.dynatrace.com/technologies/openshift-monitoring/ + install: + spec: + deployments: + - name: dynatrace-operator + spec: + replicas: 1 + selector: + matchLabels: + name: dynatrace-oneagent-operator + template: + metadata: + labels: + dynatrace: operator + name: dynatrace-oneagent-operator + operator: oneagent + spec: + containers: + - command: + - dynatrace-oneagent-operator + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: >- + registry.connect.redhat.com/dynatrace/dynatrace-oneagent-operator:v0.2.0 + imagePullPolicy: Always + name: dynatrace-oneagent-operator + resources: + limits: + cpu: 200m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + nodeSelector: + beta.kubernetes.io/os: linux + serviceAccountName: dynatrace-oneagent-operator + permissions: + - rules: + - apiGroups: + - dynatrace.com + resources: + - oneagents + verbs: + - get + - list + - watch + - update + - apiGroups: + - apps + resources: + - daemonsets + verbs: + - get + - list + - watch + - create + - update + - delete + - apiGroups: + - '' + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - '' + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - dynatrace.com + resources: + - oneagents/finalizers + verbs: + - update + serviceAccountName: dynatrace-oneagent-operator + strategy: deployment + maintainers: + - email: support@dynatrace.com + name: 'Dynatrace, Inc' + description: > + Install full-stack monitoring of [OpenShift + clusters](https://www.dynatrace.com/technologies/openshift-monitoring/) with + the Dynatrace OneAgent on your cluster. OneAgent connects back to + Dynatrace's hosted monitoring tools. + + ## Before Your Start + + 1\. Make sure to install the Security Context Constraint (SCC) in order for + the agent to properly monitor all aspects of your Pods: + + + ``` $ oc create sa dynatrace-oneagent ``` + + + ``` $ oc adm policy add-scc-to-user privileged + system:serviceaccount::dynatrace-oneagent ``` + + + 2\. Add a Secret within the Project that contians your API and PaaS tokens + + + Get an [API + token](https://www.dynatrace.com/support/help/get-started/introduction/why-do-i-need-an-access-token-and-an-environment-id/#anchor-access-tokens) + for the Dynatrace API. This token is later referenced as `API_TOKEN`. + + + Get a [Platform-as-a-Service + token](https://www.dynatrace.com/support/help/get-started/introduction/why-do-i-need-an-access-token-and-an-environment-id/#anchor-access-tokens). + This token is later referenced as `PAAS_TOKEN`. + + + ``` $ oc -n dynatrace create secret generic oneagent + --from-literal="apiToken=API_TOKEN" --from-literal="paasToken=PAAS_TOKEN" + ``` + + + You may update this Secret at any time to rotate the tokens. + + ## Required Parameters + + * `apiUrl` - provide the environment ID used in conjuction with this + monitoring agent in the API adddress, eg + `https://.live.dynatrace.com/api` + + ## Advanced Options ## + + **Image Override** - use a copy of the OneAgent container image from a + registry other than Red Hat's + + + **NodeSelectors** - select a subset of your cluster's Nodes to run OneAgent + on, based on labels + + + **Tolerations** - add specific tolerations to the agent so that it can + monitor all of the Nodes in your cluster + + + **Disable Certificate Checking** - disable any certificate validation that + may interact poorly with proxies with in your cluster + + + For a complete list of supported parameters please consult the [Operator + Deploy + Guide](https://www.dynatrace.com/support/help/shortlink/openshift-deploy#parameters). + + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + annotations: + alm-examples: >- + [{"apiVersion":"mongodb.com/v1","kind":"MongoDbStandalone","metadata":{"name":"my-standalone","namespace":"mongodb"},"spec":{"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}},{"apiVersion":"mongodb.com/v1","kind":"MongoDbReplicaSet","metadata":{"name":"my-replica-set","namespace":"mongodb"},"spec":{"members":3,"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}},{"apiVersion":"mongodb.com/v1","kind":"MongoDbShardedCluster","metadata":{"name":"my-sharded-cluster","namespace":"mongodb"},"spec":{"shardCount": 2, "mongodsPerShardCount": 3, "mongosCount": 2, "configServerCount": 3,"version":"4.0.2","persistent":false,"project":"my-project","credentials":"my-credentials"}}] + name: mongodboperator.v0.3.2 + namespace: placeholder + spec: + customresourcedefinitions: + owned: + - description: >- + MongoDB Deployment consisting of only one host. No replication of + data. + displayName: MongoDB Standalone + group: mongodb.com + kind: MongoDbStandalone + name: mongodbstandalones.mongodb.com + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + version: v1 + - description: MongoDB Replica Set Deployment + displayName: MongoDB Replica Set + group: mongodb.com + kind: MongoDbReplicaSet + name: mongodbreplicasets.mongodb.com + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: Number of members in this Replica Set. + displayName: Members + path: members + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + version: v1 + - description: MongoDB Sharded Cluster Deployment + displayName: MongoDB Sharded Cluster + group: mongodb.com + kind: MongoDbShardedCluster + name: mongodbshardedclusters.mongodb.com + resources: + - kind: Service + name: '' + version: v1 + - kind: StatefulSet + name: '' + version: v1beta2 + - kind: Pod + name: '' + version: v1 + specDescriptors: + - description: Credentials for Ops Manager or Cloud Manager. + displayName: Credentials + path: credentials + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:Secret' + - description: Project this deployment belongs to. + displayName: Project + path: project + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes:core:v1:ConfigMap' + - description: MongoDB version to be installed. + displayName: Version + path: version + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: How many Config Servers will be deployed + displayName: Config Server Count + path: configServerCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: How many MongoDB Servers per Shard will be deployed + displayName: MongoDB Servers per Shard + path: mongodsPerShardCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: How many mongos will be deployed + displayName: Mongos (MongoDB Shard) to be deployed + path: mongosCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Amount of Shards to be deployed + displayName: Shards + path: shardCount + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + version: v1 + keywords: + - mongodb + - database + - nosql + displayName: MongoDB + provider: + name: 'MongoDB, Inc' + maturity: stable + version: 0.3.2 + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAAH8AAAB/CAYAAADGvR0TAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH4ggYEhkp9JVi8gAAFENJREFUeNrtnXmcVeV5x7/Pe86dGUZQUdwAo4Kaam1cUAdm3DAYl1ZjmmhMYkUlkMYtMVVrVExqY7q4oabNp6EuMdpEq8ZGpf1oJCbKJgxqlWiIgIrACCgimwJznv5xlvue5d65dxjsvXPP4+d4t3OB+/7e37O/7wsNKhdNv9iZ8uqNQgOLadhfLnLA7CV/OOrT/3JMDn7D/XDh02s3bRr/h4ufz8FvNOnu1s9v2rL5/EZW+06j/eCJT09i1Pijdhb46ZpNGwa4Jw4x7097+9mGtHyN+KMn/fob/yyYK998byWLV727FXQPgfcXXjIjV/v9Uc7/nwkATHhq4t+q6pWKUjAOgroCf73wkhkc+KOOnPn9dwJceIkx5k6DwRjDyg/XsmD52+Eg7LHwkhkrc+b3Izl32nkAnDftgkcV7kRBUVQVxxhAw1ufOfBHHaaR2N+vwf/KE+fS7W0Z8LVp5z2t6BcIQPfhViSu9w4BLlt4yQxG3NmRg1/v8vO/uB/EmY3qOFDUC3iuiiq4xsHXBOAB3cptI+/s+KvFl87ggAaYAP3S5n/pV18WjNnBUZllxBwiAo44CIIYgxHBiMP6jzcxd8kixFIBAp7AV/546YyHcubXoXy03gVPf6noIaGS93xLT6DxAcU1DhIMQngJGFUe3P+OjhMB9r+jI2d+PciZj30JcUWkW6Yb5AQxBgeDiGCMYDCIBMw3ho82b2XOooUx5lviASe9cdmM6Tnz60AeO/NhdKveBHqCRgh6Edsjex+8doz0RIxn9r+j41BfA7TnzK9VGff0WbSu964V4QdGDIJgQpYHjyImYL/giKFblecXvo6RcsOgHrDHG5fNXN3fwHf7yw9pWbe1DZEbQNBoVvvPNHxHFSR8D1Q1dp/lECS14//uf0f7/t3CRuPBom/NzMGvFTnl4TP2VHS2IqAB3AKqgieKo4IHGAkifFVUFNcxKIogKdA1/rgXMGvJpTMPzW1+jcjJD5/u2y7hwZDJSRB9WIvve9FzP9YPX3kUn2vxFqR4fWbk7e33Aoy8vX/Y/7ot6Y576DSePutJTn749O+DjAd82y0SZe5EAk0QvCcUH0FA4K33VvvvV/bXHrbLqXu/suhbM1/LHb7/RznxodMwyJ+ImFccEdd36ASDH8b5Dl8Q3gVhXuj8SfC+4zg8+9rve3D40h4gMAp4sd5tf92q/elnT0PR/0Q914spdgJ1roE61+i1F5mAwMUT6S1h7u8PTl/dgj/2wVNvVThEAzx8e2/bdBJef2jMLd9Atbd//cEjb29/LAf/E5ZjfzGK439xyi6q+o2wQqfqUXT4Am8+8Nw8y7FLagXdtn/K50dMaT8OYMSU9hz8T0KeO6cTD+9nCq2hCbYJrBnPovvs/H4vma9avICHARZ/e2YO/ichHf9x0qkopyVr82GDBpE2KDZtqHWvhpogeL+lUCgJbtaVkN1GTGmfmqv97SyjH/hsyNfvpZMwCdWeUuqhdogS/CXB7oWcO2JK+3Bf/Y/Jwd8eMvtrzzD6gc8eC9rmqaXC1c/RqfoFHE81075HvgCWBthWq+//qS2gj+bM386i8IiStu+R8leNWXjb67dDvMgxrBp8zbgAOGrElDFfWPztWTn4fS2j7h/LkQ+ceKaiu0VAaqjOk2zGsvvF19ZDZPfRLPi1zFVWrgUYeduYHPy+ksPvH0vnub9B4W+8BGsjSGL2PAGVxplP4vt+Sb9igKMsjxDL+yPKqJG3jTl50eWzcvD7Sl489zccdv/Yg1T1mBg3LeRDhnuZXr+t/hNaQqHgOj1CngQ7OU+s4tCjAPvVCfvrQu2r6r1gVd80bs9Dey+AemrX7YqRgGrC69fIfJRgcnRF0YD1b7Avay607nfbmDPZsiUHf1vlT+87nkN+dsLexTRu3JVTjSduvIR6Twd8dhRgpX9LMzle6q3EMKheseSqeex36+gc/G2RBef9FlRPUWj1U7aaAEIDmy4Z6t1iOxpL+GA5gl4Gm8uC3HMWqGO/W0cftuQ7s3Pweyv73ndcyObJIavjSRvbU/fifrpGjVsxb59EgFecPGWZ3Jss0L/Wg9qv6Xr+gfcd1+bAbCeozTviPwrghvV6kUSzZrGG74hBwH8UgwiEzZ2OGFzH4dW3l7Fu00d9NhDBn7MROBh4a3ENa4CaVvuiXBxT82qHepbXL/HQL5b0EUmVedmGDJ/0cAXSCpyyuMZVf002cI786bEItCi021k5FX/4QxstqsWmXJGiLRcJ7vcfRSRKBdjNnapUFOb1LkJhMvBvuc2vUhaNfw6FQQojwyXVWM4YqjGvH5VEsVaLqd6MeN+2/64xlTA5Ow9ouQJe4lIYtu8tozty8HshnuqXvXj1naxcnP/cSyV80l4/VnJHoySPY6RH+kehnw2uVhT+fScHv3dyeXzwNeq/KC7FSoIdDwND0KP2bdUMSONM9rJY3Pty75H73jK6NQe/CtnvnvbBqowopmxJlWHTGkFT+Xs0I0ljN3daKrsS+98L+RSwRw5+hTL87na6VcbZ9hrNAFATmT6NR/Hx9K4mcoPxhVzbK4YOUsaX5uBXKO9cOBPfyy9n7232B80cVi9fmA3ESvhkNXdq34CbeVnz7KIc/OrkzzwbSEtd26ocqy+PhJOX8vpJN3d621DGreKrzfvc3HZYDn6lMTJ6UBHwEKSMjpykVlAt7fVnNHdGwEp5FvcMdrF+4GVcwMn73NyWg9+TDLtrtKMwFEpU5EJHzvrQixie5QymJ0LsDnuVZkUTMwvsHhVBx1tXzMkzfD1JNzLWsRmugooPsETZPcW/R2IFHN+DV8LQXVRRMUEKMPxMYgma0kxOmgoyzEdFmT6Aw3O1X5mM1WTEZoVu8UZMUmVem9BRCZdkG1eyEuBFXUAVMrks2BlFwOH73tS2Yw5+z2p1XFaRxqvI609z1s7yxU2HWhpfKmZ0T+X80DE0iQs4Kwe/Z/APTa6viK27s7J1ttdfbXOnJl35KsEtBXJ2TUABPSG3+WVkt7vaBgEFjaJ38JDAvqeZLyWehyAhQf+eiNXNE34mUcyvHiWrOJKeHxW7hQk5Jge/7JjJEBXfsfMiFoWUlcBpI3Lo1C7hkiz9UtxtJ6jrq6eokZRLJ71SgVrFXYL6qd5c7ZeRnYNwO8bwLAcs+VnKS1dKNnfaWT9T0ZYsPS/gKH4ieMHVHT33P9v7prYhOfglxIMhsZ46jdttuxQbX2xZfXNn2LpdcA3lV+lkAV0EtzsGspSLFATIwS/DsB2ChFtmNi9ksO39q/auuTMxfcpyPQ10hUo/mUhQHZTb/AwZPLUNYGcPMBQ3SkRBRYNuHX9m+EkeuyYnMTNgYuz3k0Rhy5f/OnQnQ21h+mKnDog2dSw5AXbJmZ8haybOQWFgejPEeMq2VJnXs5o7PXvcJavM62f7wnu9Sku7qki5q/y3BRiQg196bAfGnTVSS6/CnL5nq2dNLse2l2dZSR6NL+UuklIqA3vbf2IhB78MO7I8+hAkz4/YYuCFyzPC1TZZzZ3JvF9sJU/vmdwbGZiDX1r20MTOKWECx4uFcHFVrclevNhzDxL782BNKlNFzN7LjKU9iWtqkUxNJXkUXS+RI1bcDtlDMYHjpgkl7QXungabK4f7Knqov8LW2mhRk16/KK5r+gTgWGhaJ1Jj4LNOiDdlSjHHl1nmdaLPLc/fXqhhfU+iFR69a9hUa+ZplQpDtq+CqX/wSXFeLIb7QHsKjhAu0wlCQaxVPFb6N4rrJbg1SPwE6/3K9fFpKSZrDwCXvFcBNufgl5bV9vq7MMZPTweNGjnsoo79WTSVxAT2XvxCj81+wDHGdyQrZW85nd+zfJQ7fGXC/axxTfbc99Tc6VmsVs06REGjtK+UOGcnc+lWun+cKto+FFifM7+EeMqHRgJeBupcokRN0fe3tYOHX5zRmMkAzQKagP1Blg8tbuci2Wq6r2Vdzvwyah8oEcRlLbDKDKeKmoH4Hj6aTA6FMWTyeI3t55mtzcEvLe96mraimuq5tdV9Vmt3Yv+9jOROBLZsH7AzNm9SD97PwS+lEye9sCL8N6l1SEKsBaua5s4UlzXe3FltvFYZyLGyrtX7Lx6szMEvP5wvJ7N0sRi/THNnvAwbP1ghy2RUw/keQSZ74YclH6y4eu7WHPzy8lRy1L2kzdf4ku2wuTOaJJa697dlIb7lOumNmtKTJ35FUUCPK3pKNoXU3LGstQj+Q1piG1UyGJ+eFOk0bkyD2Dt3EqzBz4CqsrV5Ve3P+1QOfo92f+48YItmeP3pHn57V83k2XiasXmTvcwqDPO0t0yu9qf9Mge/Uruv2RF3chdNz8rwkfAPsvbwKf4hyZp+KTb3TYj3znfnrRr+D0fm4FcgL0SJnxJePwn7H2/uJHHAAtnNnfKJxfevArzz3Xk5+OVk0E+OAvh1qbNtyYj9yzd3SvxbGt+fY/NWb/vpr+JKn85aZFgt2nyAx1KAa7H33o6hY15/LOGTbACLO4ihryCS7BDoE7CT5mR6Dn7lE0CBB2MnY2Tw39um5s7q9+Cs8uQtW57Mwa9ObshKxKQOTbK47SXUf1ZzZywrCGwtofarBLec/Peya+ZtzcGvzu4vAV2qatvrDJ/cbu4kq7kzWeaNr+CNFmv2DdBZ8v1aZVetqn3WTZq7ybaVqdCbnps7S63vKzqF2tdAJ2UVsGDYD4+sSfBdaluuBh0fdubYnTqVNHfaZ+l4QStX6Cs4wfKfrVs9ZPv11M5fds28DTnze6H6102a2wU8mqnuS2yhni7zxhs8U3F/H1O/mBZWgB/WMrNqFvx1k+aGtv8GoDt5nl6m1x9L4JMq83qprKHS3e31GdhiOQ0Kbyy7Zt7vht84Kge/97LlZdClWXbf9vq9MsmfeEtXMczzAM+rDtwkyF54kSr1XgHwzrWdNTuyQh3IoJ8cdQzIc0b83nuDf7iC/drgvzYIjpHgeBWJ3ncQRARXgvtFcI1h2dtr6e7W9IBoOrNQhYFYA4wAPlhew+CbOgCedZPmPg88kQJBExk7SLR3pb38ZCa/e4sXi/GSTK66P9e/bll+bWdNA19HzD8a4EgR5orFcqF44FLI5kgDBIctOYGWcAIN4QQHNUnwuHTxB7339rNnxOrl13XuVg/jWhcnaq6b9ALrJr0wT5VfJcc9eyl3afarlfDxVCtlcjXl/OupE6mrI9SBs4H3SjV3UqK5UxNef/i1yNb3Sa8GAB8CU4f+YFRdDKZTT8hvfnxZd8sZwzYDp/gLMHwTQGACwv31JEjoiP+/xD3BcxG8bmXj2s29Nn4Zq3qOX35d59J101fkzN8esnbiC1OAWSFjk2pd1Gr7DmieLvMG3+khxq/wDL3w739i2XWdc4bVCevrEvydph4N8OcKG8s1dybbvWJl3lDtJ1ZoVnKsWtbqoOCMnosBll3XmYO/ndm/RtGrifFZMxI6JZo7g46eJnVioGeBXOqkrcT6/jNWTO58e6+/H1VX4yj1CP5OU49m7cQXGDy17QGBrxoJbHxWwkfEP1c3CgWLCZ8dNxZYvPK9aCMH6d3OGtMFxinoismdOfifhAT79g0E3jbCYBMAKhG4xcfoEGYER8LJIQzd0MpLq7p8h7B3of1moKVrcqfW4xiaegV/zcQ5rJk4Zz1whMLmrNZtteZ3uA9nsblTGZKxLV7lob0CjO2a3Kl71pm6r3vwQ/avmTjnTYGz00uxrJbu1N59/n+70lqy8aOcqxcUiW/smtw5E6CrztR9vwB/zcQ57DK1jfe+Pue/QCfan3lJniaaOz1gT7NDopOnCK4Em7IaDS+iS5Qfd02ef92QG4+o5+GrryRPlmx6fBm7/nsb7319zvwdzhg+FGFUmPAJfYAw4SPi+/Xhhk0dW4ay6OP32aAfR/UB0R5P0J4DfHHQ2L303cnz63rshH4mQ+4a/YhB/jL0+p0gCnCCvXfcwPFTUa7aeDRPbvgjszYsrdTpWwAcvvz6+Vv6w1iZfga8rJ4w+4vA42o5eGGyx473W9XFxfCZAXvSXaLAkzjQ4RWFY/sL8P0O/NUTZuvud41h5YRZZwC/S2b2bH9gL28gHsrQwo4MMG7ZjReAJQptmtgtrN7FpR/K7neNoQXGfgyPKZxerAKGXb7K8O5BYPxunt0Lg3hnc8m9kuYDY7uun7+pv42T6W8/aOWEWaycMIuPwevyNcDP7eSMBrt47OPthAq4jsMRA4exVb0spf8ydI+mxrZQy8HvQbomzGLoXWNYPmHmVxWuDIEHKOAwmBbECCKGk4ccxGB3QBTxB3H8j4FRXde/vKXr+vmag19nsnzCLIbd3c6yC2feDHxToRtgR68JFx94YwweylUjPkerFEB1M8qVXde/eBHB/f1VhAaSfe7p2FeQBQfozq3neAfhOAWaCk00NTXT3NyCNLXwT68/fvBzl097ba+/O5wV33uxX4+HaRTgP3V3B29dMOPNN2X50GO6h/mt38ZEl2NcWp3Cxc9dPu21S+/5Zr8HvuGYH8rUqVfc6zru+EKhiaZCE81NLTS3DFjluk0HGnE+OPGkCxtiHNxGBN8x5hERM96IwTEOxnEwxv39uM9N/KCRxsE0IvjGOAuNMVt8le/gOC6OcZ9tuHGgIUWXGuNsdYyDBPbecZyXcvAbQM6/4B83OkZWi3FwHRfHdTGOuzQHv2FUvzsj8vSdAq5bWJGD3zDgm07HMRingOO67DBghw9y8BvH43/diIPruriOi1tokhz8BvL4HccNVT5OoUAOfqP8cMdd5YPv4LpNFNzmHPxGkTPOvHyN4zg+8wtNNLe05OA3GPspuAUKhSYU2TkHv4Gk4BQ8t9BEU6GZ5qbmQTn4jeTxu4WX3EKBQnMzheaW3XPwG0Se++0DtB97zqjWloG7NhVa7m5pGjCYXBpHXlsQ3wZ/w/plDfX7/w9sJTyL9hMvGQAAAABJRU5ErkJggg== + mediatype: image/png + links: + - name: Documentation + url: >- + https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/index.html + install: + spec: + deployments: + - name: mongodb-enterprise-operator + spec: + replicas: 1 + selector: + matchLabels: + k8s-app: mongodb-enterprise-operator + template: + metadata: + labels: + k8s-app: mongodb-enterprise-operator + spec: + containers: + - env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_ENV + value: dev + - name: MONGODB_ENTERPRISE_DATABASE_IMAGE + value: >- + quay.io/mongodb/mongodb-enterprise-database:experimental + - name: IMAGE_PULL_POLICY + value: Always + - name: IMAGE_PULL_SECRETS + value: '' + image: 'registry.connect.redhat.com/mongodb/enterprise-operator:0.3.2' + imagePullPolicy: Always + name: mongodb-enterprise-operator + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 50Mi + imagePullSecrets: + - name: '' + nodeSelector: + beta.kubernetes.io/os: linux + serviceAccountName: mongodb-enterprise-operator + permissions: + - rules: + - apiGroups: + - '' + resources: + - configmaps + - secrets + - services + verbs: + - get + - list + - create + - update + - delete + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - create + - delete + - apiGroups: + - mongodb.com + resources: + - '*' + verbs: + - '*' + serviceAccountName: mongodb-enterprise-operator + strategy: deployment + maintainers: + - email: support@mongodb.com + name: 'MongoDB, Inc' + description: > + The MongoDB Enterprise Kubernetes Operator enables easy deploys of MongoDB + into Kubernetes clusters, using our management, monitoring and backup + platforms, Ops Manager and Cloud Manager. + + + ## Before You Start + + To start using the operator you'll need an account in MongoDB Cloud Manager. + + * [Create a Secret with your OpsManager API key](https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/#create-credentials) + + + * [Create a ConfigMap with your OpsManager project ID and URL](https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator/#create-onprem-project) + + + By installing this integration, you will be able to deploy MongoDB instances + with a single simple command. + + ## Required Parameters + + * `project` - Enter the name of the ConfigMap containing project information + + + * `credentials` - Enter the name of the Secret containing your OpsManager credentials + + + ## Supported MongoDB Deployment Types ## + + + * Standalone: An instance of mongod that is running as a single server and + not as part of a replica set, this is, it does not do any kind of + replication. + + + * Replica Set: A replica set in MongoDB is a group of mongod processes that + maintain the same data set. Replica sets provide redundancy and high + availability, and are the basis for all production deployments. This section + introduces replication in MongoDB as well as the components and architecture + of replica sets. The section also provides tutorials for common tasks + related to replica sets. + + + * Sharded Cluster: The set of nodes comprising a sharded MongoDB deployment. + A sharded cluster consists of config servers, shards, and one or more mongos + routing processes. Sharding is a A database architecture that partitions + data by key ranges and distributes the data among two or more database + instances. Sharding enables horizontal scaling. + + packages: |- + - #! package-manifest: ./deploy/chart/catalog_resources/certified-operators/couchbase.1.0.0.clusterserviceversion + packageName: couchbase-enterprise + channels: + - name: preview + currentCSV: couchbase-operator.v1.0.0 + + - #! package-manifest: ./deploy/chart/catalog_resources/certified-operators/dynatrace-monitoring.0.1.0.clusterserviceversion + packageName: dynatrace-monitoring + channels: + - name: preview + currentCSV: dynatrace-monitoring.v0.2.0 + + - #! package-manifest: ./deploy/chart/catalog_resources/certified-operators/mongodb-enterprise.v0.3.2.clusterserviceversion + packageName: mongodb-enterprise + channels: + - name: preview + currentCSV: mongodboperator.v0.3.2 + + diff --git a/roles/olm/files/clusterserviceversion.crd.yaml b/roles/olm/files/clusterserviceversion.crd.yaml index 8c3144666e3..a10cd53cb5a 100644 --- a/roles/olm/files/clusterserviceversion.crd.yaml +++ b/roles/olm/files/clusterserviceversion.crd.yaml @@ -240,7 +240,7 @@ spec: properties: path: type: string - description: A jsonpath indexing into the status object on the CR where the the status value can be found. + description: A jsonpath indexing into the status object on the CR where the status value can be found. displayName: type: string description: A human-readable name for the status entry. @@ -267,7 +267,7 @@ spec: properties: path: type: string - description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + description: A jsonpath indexing into the spec object on the CR where the spec value can be found. displayName: type: string description: A human-readable name for the spec entry. @@ -282,6 +282,33 @@ spec: value: type: object description: If present, the value of this spec is the same for all instances of the CRD and can be found here instead of on the CR. + actionDescriptors: + type: array + items: + type: object + description: A spec for actions that can be performed on instances of the CRD + required: + - path + - displayName + - description + properties: + path: + type: string + description: A jsonpath indexing into the spec object on the CR where the the spec value can be found. + displayName: + type: string + description: A human-readable name for the action. + description: + type: string + description: A description of the action. + x-descriptors: + type: array + description: A list of descriptors for the action that indicate the meaning of the action. + items: + type: string + value: + type: object + description: If present, the value of this action is the same for all instances of the CRD and can be found here instead of on the CR. required: type: array description: What resources this operator is responsible for managing. No two running operators should manage the same resource. @@ -321,7 +348,7 @@ spec: properties: path: type: string - description: A jsonpath indexing into the status object on the CR where the the status value can be found. + description: A jsonpath indexing into the status object on the CR where the status value can be found. displayName: type: string description: A human-readable name for the status entry. diff --git a/roles/olm/files/olm-operator.clusterrole.yaml b/roles/olm/files/olm-operator.clusterrole.yaml new file mode 100644 index 00000000000..cd11bafce23 --- /dev/null +++ b/roles/olm/files/olm-operator.clusterrole.yaml @@ -0,0 +1,10 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:controller:operator-lifecycle-manager +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +- nonResourceURLs: ["*"] + verbs: ["*"] diff --git a/roles/olm/files/olm-operator.rolebinding.yaml b/roles/olm/files/olm-operator.rolebinding.yaml index b1e785ea584..a62d7831a54 100644 --- a/roles/olm/files/olm-operator.rolebinding.yaml +++ b/roles/olm/files/olm-operator.rolebinding.yaml @@ -5,7 +5,7 @@ metadata: roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: cluster-admin + name: system:controller:operator-lifecycle-manager subjects: - kind: ServiceAccount name: olm-operator-serviceaccount diff --git a/roles/olm/files/ocs.catalogsource.yaml b/roles/olm/files/rh-operators.catalogsource.yaml similarity index 67% rename from roles/olm/files/ocs.catalogsource.yaml rename to roles/olm/files/rh-operators.catalogsource.yaml index 850110da20a..edd1a4baa19 100644 --- a/roles/olm/files/ocs.catalogsource.yaml +++ b/roles/olm/files/rh-operators.catalogsource.yaml @@ -1,11 +1,11 @@ apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: - name: ocs + name: rh-operators namespace: operator-lifecycle-manager spec: sourceType: internal - configMap: ocs - displayName: Open Cloud Services + configMap: rh-operators + displayName: Red Hat Operators publisher: Red Hat diff --git a/roles/olm/files/ocs.configmap.yaml b/roles/olm/files/rh-operators.configmap.yaml similarity index 78% rename from roles/olm/files/ocs.configmap.yaml rename to roles/olm/files/rh-operators.configmap.yaml index e8d9f206697..bf9a1082537 100644 --- a/roles/olm/files/ocs.configmap.yaml +++ b/roles/olm/files/rh-operators.configmap.yaml @@ -1,9 +1,8 @@ kind: ConfigMap apiVersion: v1 metadata: - name: ocs + name: rh-operators namespace: operator-lifecycle-manager - data: customResourceDefinitions: |- - apiVersion: apiextensions.k8s.io/v1beta1 @@ -2408,177 +2407,2193 @@ data: - apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - name: etcdbackups.etcd.database.coreos.com - spec: - group: etcd.database.coreos.com - version: v1beta2 - scope: Namespaced - names: - kind: EtcdBackup - listKind: EtcdBackupList - plural: etcdbackups - singular: etcdbackup - - - apiVersion: apiextensions.k8s.io/v1beta1 - kind: CustomResourceDefinition - metadata: - name: etcdclusters.etcd.database.coreos.com - spec: - group: etcd.database.coreos.com - version: v1beta2 - scope: Namespaced - names: - plural: etcdclusters - singular: etcdcluster - kind: EtcdCluster - listKind: EtcdClusterList - shortNames: - - etcdclus - - etcd - - - apiVersion: apiextensions.k8s.io/v1beta1 - kind: CustomResourceDefinition - metadata: - name: etcdrestores.etcd.database.coreos.com + name: kafkas.kafka.strimzi.io + labels: + app: strimzi spec: - group: etcd.database.coreos.com - version: v1beta2 + group: kafka.strimzi.io + version: v1alpha1 scope: Namespaced names: - kind: EtcdRestore - listKind: EtcdRestoreList - plural: etcdrestores - singular: etcdrestore - - - apiVersion: apiextensions.k8s.io/v1beta1 - kind: CustomResourceDefinition - metadata: - name: prometheuses.monitoring.coreos.com - spec: - group: monitoring.coreos.com - names: - kind: Prometheus - plural: prometheuses - scope: Namespaced + kind: Kafka + listKind: KafkaList + singular: kafka + plural: kafkas validation: openAPIV3Schema: properties: spec: - description: 'Specification of the desired behavior of the Prometheus cluster. - More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + type: object properties: - additionalAlertManagerConfigs: - description: SecretKeySelector selects a key of a Secret. - properties: - key: - description: The key of the secret to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - optional: - description: Specify whether the Secret or it's key must be defined - type: boolean - required: - - key - additionalScrapeConfigs: - description: SecretKeySelector selects a key of a Secret. + kafka: + type: object properties: - key: - description: The key of the secret to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + replicas: + type: integer + minimum: 1 + image: type: string - optional: - description: Specify whether the Secret or it's key must be defined - type: boolean - required: - - key - affinity: - description: Affinity is a group of affinity scheduling rules. - properties: - nodeAffinity: - description: Node affinity is a group of node affinity scheduling - rules. + storage: + type: object properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes - that satisfy the affinity expressions specified by this field, - but it may choose a node that violates one or more of the - expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets - all of the scheduling requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating through - the elements of this field and adding "weight" to the sum - if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + listeners: + type: object + properties: + plain: + type: object + properties: {} + tls: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + superUsers: + type: array items: - description: An empty preferred scheduling term matches all - objects with implicit weight 0 (i.e. it's a no-op). A null - preferred scheduling term matches no objects (i.e. is also - a no-op). - properties: - preference: - description: A null or empty node selector term matches - no objects. The requirements of them are ANDed. The - TopologySelectorTerm type implements a subset of the - NodeSelectorTerm. + type: string + type: + type: string + config: + type: object + rack: + type: object + properties: + topologyKey: + type: string + example: failure-domain.beta.kubernetes.io/zone + required: + - topologyKey + brokerRackInitImage: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists, DoesNotExist. Gt, and Lt. + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: type: string - values: - description: An array of string values. If the - operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be - empty. If the operator is Gt or Lt, the values - array must have a single element, which will - be interpreted as an integer. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: type: array - matchFields: - description: A list of node selector requirements - by node's fields. items: - description: A node selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + - listeners + zookeeper: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + selector: + type: object + size: + type: string + type: + type: string + config: + type: object + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - replicas + - storage + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + entityOperator: + type: object + properties: + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + userOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + required: + - kafka + - zookeeper + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnect + listKind: KafkaConnectList + singular: kafkaconnect + plural: kafkaconnects + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkaconnects2is.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnectS2I + listKind: KafkaConnectS2IList + singular: kafkaconnects2i + plural: kafkaconnects2is + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + metrics: + type: object + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + type: + type: string + required: + - certificateAndKey + bootstrapServers: + type: string + config: + type: object + insecureSourceRepository: + type: boolean + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + required: + - bootstrapServers + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkatopics.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaTopic + listKind: KafkaTopicList + singular: kafkatopic + plural: kafkatopics + shortNames: + - kt + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + partitions: + type: integer + minimum: 1 + replicas: + type: integer + minimum: 1 + maximum: 32767 + config: + type: object + topicName: + type: string + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: kafkausers.kafka.strimzi.io + labels: + app: strimzi + spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaUser + listKind: KafkaUserList + singular: kafkauser + plural: kafkausers + shortNames: + - ku + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + authorization: + type: object + properties: + acls: + type: array + items: + type: object + properties: + host: + type: string + operation: + type: string + enum: + - Read + - Write + - Create + - Delete + - Alter + - Describe + - ClusterAction + - AlterConfigs + - DescribeConfigs + - IdempotentWrite + - All + resource: + type: object + properties: + name: + type: string + patternType: + type: string + enum: + - literal + - prefix + type: + type: string + type: + type: string + enum: + - allow + - deny + required: + - operation + - resource + type: + type: string + required: + - acls + required: + - authentication + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdbackups.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdBackup + listKind: EtcdBackupList + plural: etcdbackups + singular: etcdbackup + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdclusters.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + plural: etcdclusters + singular: etcdcluster + kind: EtcdCluster + listKind: EtcdClusterList + shortNames: + - etcdclus + - etcd + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: etcdrestores.etcd.database.coreos.com + spec: + group: etcd.database.coreos.com + version: v1beta2 + scope: Namespaced + names: + kind: EtcdRestore + listKind: EtcdRestoreList + plural: etcdrestores + singular: etcdrestore + + - apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: prometheuses.monitoring.coreos.com + spec: + group: monitoring.coreos.com + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be @@ -5696,10 +7711,445 @@ data: type: array required: - endpoints - - selector - version: v1 - - clusterServiceVersions: |- + - selector + version: v1 + + clusterServiceVersions: |- + - apiVersion: operators.coreos.com/v1alpha1 + kind: ClusterServiceVersion + metadata: + name: amqstreams.v1.0.0.beta + namespace: placeholder + annotations: + alm-examples: '[{"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"Kafka","metadata":{"name":"my-cluster"},"spec":{"kafka":{"replicas":3,"listeners":{"plain":{},"tls":{}},"config":{"offsets.topic.replication.factor":3,"transaction.state.log.replication.factor":3,"transaction.state.log.min.isr":2},"storage":{"type":"ephemeral"}},"zookeeper":{"replicas":3,"storage":{"type":"ephemeral"}},"entityOperator":{"topicOperator":{},"userOperator":{}}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnect","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaConnectS2I","metadata":{"name":"my-connect-cluster"},"spec":{"replicas":1,"bootstrapServers":"my-cluster-kafka-bootstrap:9093","tls":{"trustedCertificates":[{"secretName":"my-cluster-cluster-ca-cert","certificate":"ca.crt"}]}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaTopic","metadata":{"name":"my-topic","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"partitions":10,"replicas":3,"config":{"retention.ms":604800000,"segment.bytes":1073741824}}}, {"apiVersion":"kafka.strimzi.io/v1alpha1","kind":"KafkaUser","metadata":{"name":"my-user","labels":{"strimzi.io/cluster":"my-cluster"}},"spec":{"authentication":{"type":"tls"},"authorization":{"type":"simple","acls":[{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"},{"resource":{"type":"group","name":"my-group","patternType":"literal"},"operation":"Read","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Write","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Create","host":"*"},{"resource":{"type":"topic","name":"my-topic","patternType":"literal"},"operation":"Describe","host":"*"}]}}}]' + spec: + displayName: AMQ Streams + description: | + **Red Hat AMQ Streams** is a massively scalable, distributed, and high performance data streaming platform based on the Apache Kafka project. + AMQ Streams provides an event streaming backbone that allows microservices and other application components to exchange data with extremely high throughput and low latency. + + **The core capabilities include** + * A pub/sub messaging model, similar to a traditional enterprise messaging system, in which application components publish and consume events to/from an ordered stream + * The long term, fault-tolerant storage of events + * The ability for a consumer to replay streams of events + * The ability to partition topics for horizontal scalability + + # Before you start + + 1\. Create AMQ Streams Cluster Roles + ``` + $ oc apply -f http://amq.io/amqstreams/rbac.yaml + ``` + 2\. Create following bindings + ``` + $ oc adm policy add-cluster-role-to-user strimzi-cluster-operator -z strimzi-cluster-operator --namespace + $ oc adm policy add-cluster-role-to-user strimzi-kafka-broker -z strimzi-cluster-operator --namespace + ``` + keywords: ['amq', 'streams', 'messaging', 'kafka', 'streaming'] + version: 1.0.0-Beta + maturity: beta + maintainers: + - name: Red Hat, Inc. + email: customerservice@redhat.com + provider: + name: Red Hat, Inc. + links: + - name: Product Page + url: https://access.redhat.com/products/red-hat-amq-streams + - name: Documentation + url: https://access.redhat.com/documentation/en-us/red_hat_amq_streams/1.0-beta/html-single/using_amq_streams/ + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAQAAAAEACAYAAABccqhmAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAlywAAJcsBGkdkZgAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAACAASURBVHic7d13nBx3ff/x13d29/aK6kmyyjXJlnVqLpJV3ABL2GAnuIANJAZDjGkmIWCn0H4ktCTEgfwI5AeEOPyMSRwTmktiwJIlGVu2ZEkWtnxFXbrbu1M9lWtb55s/7k7tdu+2zMx3y+f5ePDgbnZn5i1Zn8/07yhEQWuvpWLAx+yETb22qFM2FwHVKKYA1RqqFVQD5UAQqByatRyoGPp5AAgP/dwHRIEBBd02dCtFNzbdQLe2OKxs2i0fbZVxDtaFGPDsDyscp0wHEGPbehWBiqNc6oNFGhYDC4E5KOrRTDMc7zDQBhwAmhQ0KYs3Og+wZxXEzUYTY5EGkGd2zyUYi7PEslmpFSvRXAbMA8pMZ8tQFEUrmh0KXlE2m+IT+d2iJqKmg4mzpAEYtnsG02IBVqO4RmlWoljC4K56MQoDr6LYrDQv6QTrF3Rw3HSoUiYNwGPrwT+jniuAW4F3AEsAy2wqY2xgu4K1NqytsHhxzoEz5yKEB6QBeGDPJVwUi3GH1tyhFDdw9uSbOF8fsEErfumL8WRjJ8dMByp20gBcsmMWdX4/tzC4pb8Z8BuOVGgSwCYFP1U2P2sM0WE6UDGSBuCgvRczMRrnvcAfAVcjf79OsTW8hOKRQICfXrqH06YDFQv5B5ojDdaueq614R7gfUCV6UxFLgw8Dfx4fhvPqME9BZElaQBZ2nMJF0XjfEzZfBhFvek8JeqA0jzsi/GDSw9x1HSYQiQNIENNs7nSsrmfwS2+nMzLDxEF/4XNN+aHeN10mEIiDSANGqzWBu5A8yngzabziFGtU5pvN7bztBq8zChGIQ1gFBqsnfXcacOXFSwwnUdkpFnD3y9o4z/kPEFq0gCSGC58DV8FGk3nETnZB/z9oTZ+KM8mjCQN4BwarNZ67tHwRQWXmM4jHKTYpTRfbWzjMTk0OEsawJCmet7qg29ouNJ0FuGqV5Xiz+cfZL3pIPmg5BvAztnMt22+ArzbdBbhqbVa88DCdt4wHcSkkm0Au2cwLV7GV4H7kNt0S1UMzQ9szV8tCtFtOowJJdcANKiWeu5Rim/kwWAaIj90A5+b38a/KtCmw3ippBpAUy1zLYvvATeaziLy0m99io/PO0iL6SBeKYkGsPUqApVHeVDBlynewTaEM2IK/tFXxl9fuoeI6TBuK/oG0FLPVRp+LDfyiAy9Yfl4f+N+XjMdxE1FOxKNBl9zPZ8BXpLiF1lYbCfY0lLPlzT4TIdxS1HuAbTMZjY2P0Lu2xfOeNm2+cCiEHtMB3Fa0e0BNDdwHzY7kOIXzrnGstjWXM8HTAdxWtHsAeyfTXkkwT9rxX2ms4jipeDHvXE+vqyTftNZnFAUDaCplrmWj5+judx0FlEStvvgrnlt7DMdJFcFfwjQUs87LItXpPiFh5YkYHtzA+80HSRXBdsANFgt9fwd8BQw2XQeUXImKM3PWur5si7gPemCDP7adKoCQf5Dwe2mswiB5hd9Ce4pxPMCBdcAmhuYqTRPActMZxHiDMXmuMXtl+3nsOkomSioBtBcx2Kl+G+gwXQWIZLYb8M7FrXRbDpIugrmHEBLHW9Xio1I8Yv8NccHG1sbWG06SLoKogE01/FeFE8DE0xnEWI0GiZpza9a67nLdJZ05H0DaK3n/Urx70DAdBYh0lSm4fHWOu41HWQsed0AWuu4X8OPkBF7ROHxacW/tdbzKdNBRpO3DaC5ns9oxXfJ44xCjEFp+FZzA180HSSVvLwK0FrHV7TK3780ITIV1vxoSTt/ZDrHhfKuATTX8YBS/KPpHEI4pc+GfhuC8JuVndxsOs+58mr3uqWBP5HiF8VkuPgBIvD2TbX83Gyi8+XNHkBLPR8EfkieNSUhsnVu8Z8rqHh0ZQcf9D7RSHlRbC0N3Ak8TJ7kESJXqYofIKL5wNZa/snbRMkZ3wNoqePtQzf5yHV+URT67cEGMJYKi88sD/GQ+4lSM9oAmupZ6IONGiaZzCGEU0bb8l9IgQ5a3LUixC/cTTVqBjOaZjPDstmE3NsvikQmxT9MQSJYxrIVB/idO6lGZ+SYu72WCkvzBFL8okhkU/wwOHx9PMaLv51h5jV1njcADVav4j/QrPR63UK4IdviHxbXVPl9vLbVwHkwzxtAaz1/gyr8sdSEgMHCz6X4h8U1MxO1PJf7kjLjaQNoqedW4DNerlMIt/SlebY/XRGbN71Sw1edW+LYPDsJOPRm3q3ARK/WKYRbct3tT8UCXWWxekmIDc4vfSRPGkB7LRW9FhuBJV6sTwg3uVX8w3wQrlbULujguHtrGeTJIUCvxXeR4hdFwO3iB0hA+UnY5O5aBrneAJobuA/y7zFIITLl1Am/dMQ0c7fU8i9ur8fVQ4Bd9VycgN8B491cjxBu82LLfyELtGWx6toQz7u4DndosBLw/5HiFwXORPED2KCweaoJytxah2sNYGcDn0de0S0KnKniHxaHCb01/NKt5btyCNDcwFKleRkXO5cQbjNd/OeqtHjfshCPOb1cxxvA7rkEY1G2K1jg9LKF8Eq6j/R6xacI63FcdP1OepxcruOHAPEon5fiF4XM6Tv8nJDQlAd6nT8UcHQPoKWGefh4DSh3crmidCl/AFVZ5dn6eqMx+nr7PFtfJhQQgLdf3cmzTi3TsRduaFCtPr6HFP9ZPh/THvgyE+68B6tKLoZkyo5G6T64D6thrmfrnAzEDnVw5Oufo2fDrz1bbzo0YCse1zBFDf6aM8f2AFob+JDW/JtTyysGk+/9U6Z/KS+Gfis4diTM0abXsermGFm/Dg+w55alJE64fjduxip8fH95O/c7sSxHzgHsnsE0rc2ObZaPxt2QV0PAFww7EuZos7niB1DlFZQvutLY+kcTSfDRjXVc4sSyHGkA8TK+BkxxYllFxS/jnGbKjkYGt/y15op/mMrT/342WH7bmfcL5NwAdjWwAPiQA1lEibOjEY6+8ZrRLX+hiGiu2DqD3891OTk3gLjNN5G394ocSfFnLmrxcK7LyKkBtDawWiluyTWEKG2Du/1S/JmKw4wtNTyQyzKybgAaLK35h1xWLsSZ4s+DY/5CFNX8jc5hDzzrGVvruQdYmu38QtjRCEebd2RU/InOdnr37kTrs5fBA8EgVSveBOr8q9p2z2l6XtuCtgdv67MZfL528tKVWJXjHPkzmJaAii2z+Bad/Ek282fVADT4WhWfd+ZWBFGK7GiEY807sGoyezVEZ9PrHKmeMWL6ZbubKZu36Lxpp7dvYm/VyItTeusmpr75xswC57GY4iNN8OAiiGY6b1aHAK31vB/NvGzmFWJ4t19lWPwAWiW/d03HRv7bt+3kN/TbdiLj9eazhKasdxbfzGbejPcANPha4XPZrEyMLXHqBD1NvyMeiVBWNY5xly3Fqqgce0at6dy4gZOhNnzBINMXLGbS/MXuB86Q6Tv8ilVc8dGt8OAyiGUyX8YNYGc9fwg0ZjqfGNuJjeto81WQKJ945omKwLYtzKkqZ9yS1C9S6m0/wLZ1axmYXguTpgOwf387U15+kaXvuxdfWdCL+GPyuviLazs/uoSmzK7jIdozuyqQ0SGABp+GL2QWTaSj59VN7C+fSOKCYo1VjmdPVBPZtzPpfIlImC3Pbxgs/nMpxfGZs3n1sUdcSpwZE7f32iV2jipmc3+mVwQyagCtDdwOzM8olUhLx6meEWexh9mBMg7tbEn62f5fPUlk6siTYsO6p9dzet8uRzJm60zxy6U+VyU0wc01/HUm82TUAJTm05lFEumwe3vonzj6oxSnxk9OOr37xIlR59NKceSN17LOlispfm9p+EQm30+7ATQ1sETDmzKPJMaUYst/Lq2S/6dKdVb8vO8YOustxe+9mKZ6aw3vTvf7aTcAS/Op7CKJsVhV4yjvH32ot/Gnu5NOn1A19mg51XO9P2rzuvjzbAQvo+Kk/4LRtBrA7hlMA96bdSIxppnWKGesbJvpNTVJP7rk5tvw95xMOeuEroNMWeztc+0mtvyldsJvNDFN49ZZ6Z2rS6sBxIJ8HBnqy1WTr72BmpOHRwzRZCXizOk/QdXly5LOVzZ+Aksa5+E/NXIPoepIB0tvfacLaVOT3X7zNJCwSGsoqjEvGWiwWm0+7N2LxEvX9NW3MOnAHk7t3UU0FiPos5i08HICNStGnW/K5Uu54ZJ57F/zDKdOdmNpmFpbR/377wXLk/e/AsPFn9m9/cIdMZvVGnxqjNshxmwALfWsVlDvXDQxmuDsuVw0O/NBMP1V47j0jve4kCg9djTC0ZY3sGpnG8sgzrLBv6WWPybEt0f73pibB6W517lYohglImGOtTZl/GBPVlLtiaa4SpL0qxl8t5AlNJ8c6zuj7gHsvZiJ0Th3OBdJFJtEJMzxnc2omXWerG/arFp8HaHzpvksReXlbx3x3eoFlxFPcg/EpCtK4yn2hOaSrVOZuewYXam+M2oDiMb5AyCNJ1FEKbKjEY61vOHNln9IxYLLqVlweVrfDcyooWZG8qsnpcAGlSjna8B9qb4z1r7QB52NJIpFIhLm2M5mT4tfZC6huXO0z1M2gN011AJXO55IFLxEJMzxXS2oGbVjf1kYFddM3NqQeuSulA0g4eNOXHp9uChcg8XfKsVfQOJx/iLVZykbgIZ3uRNHFKqzxV+6x9WFSMPbUn2WtAHsmMN04DrXEpUKXTz3pybCw7v9JVT88bjpBI6Iaao31yQfwi9pA/AnuAPwuZqqBERTDOJRaBLhMMd3l9Yxv45FCe98w3QM5yg+k2xy0gagNbe7m6Y0HP/u14kd3Gs6Rk5KsfjtgX4OffXPiR89ZDqKY2w7+WvERpzk2z+b8rDNceT6vyNUeQWVV12LNanadJSsxI8dIRI64Mm6Jj76LNbE5AOfZOPkzx7l+CPfyXi++KFOdDyjsTXzngIdn8yEVU30njt9xI1AAzbXKyl+x+jwAH0bnzMdI+/12TAh4dzAJaeeeIxDf/uXkGJo8FKjQY0/xb3AeR1xxCGABTd5lkoIBou/38E6PfXEY3R95UEp/gvENSOeFhvRALQ0AOEhx4v/yf+U4k/BhhEjw5zXAHbOYipwhWeJRElzvPifepyuLz8gxZ9CXDNuSz0XnzvtvAag/ay+cJoQbuh3o/i/9Gkp/jHYcT527u/nnQTUcvOP8IDTW/7Tv/4lh2TLnx7FqnN/tS74MPX7p4RwgOPF/5sn6Po/f4x28ApCMUvo81/rd6YB7J5LED3yJIEQTnGl+L/wCXSR3LLrhThM2Drr7GX+Mw0gHmMpkB9vkRRFx/Hif/ZJKf4sxdXZMQLONABty7P/wh2uFP/n75fiz5KCW4d/PtMAlMVyM3FEMXP6bH/Pmqek+HOkFVcN/3z2KoDmMiNpRNFyesvfs/ZpOj/3cSn+HCVsZg7/bAFsvYoAJH9eWIhsuFL8n/2YFL8DbKhogjIYagAVR5nH0AQhcuV88f83nZ+VLb9TNBCZxZthqAH4YJHRRKJoOF78z/3P0Ja/uB7PNc1WrIahBqClAQgHuFL8n/moFL8L4rAMzp4EXGgwyxmBmgamfOqLBOctRvnHfG1hehIJEr2nnVlWnosdPczAxGrwBzxbp338CJGnH+fkmqdzLn5tn72br3fdM1L8LtJD5/yGq8z461ytikrqf7KeQJ3xKAUp3Laf3mk1+Kuner7usutv4tTA++G3z+a0nJO/+HemfviBwTv8vvhJKX4X2ZpqGBoSrKWeo4D3/3LOUXn1DdT/ZL3JCAUr3LafUwNhLAPFP+zUMz+n6/P3G1u/yIwFies78VtD9wUbLX4A38RJpiMUpEhHG6cGBowWP4Bv3Hij6xeZscG3aS4TrPFl1JsOI7IT6WjjZG8vVvU001FEAfKFWWrZCeTtjgVIil/kSimWWijZAyg0UvzCCVqz0FKai0wHEemT4hdOsTUz/dqimuJ5hV1Ry6b47eNHSJzsPjvBsgjUzobAyDu/dW8P8cMd503zT69ByQm+oqSh2s/Q9UCR37Ip/sTRQ7y+/yC27/ybqmbsXUPNjSPfFNX66lb6qyacN62iaxsLr78hq8wiv2mYZIE0gHyX7W6/ffrkiOIHiFjJ7xQMV47c0g9UjC+qtxyL84y3gCmmU+TEtol1hYgd6cp41oGjhzmxu4Vob48LwZwRbtsnx/zCFTZU+QHn3sbosRMvP0+HVUY0MDiUYXD3bmpUgknXrhp9vl0t7Nj0Ev0XDb3rfvc+Jh3t5Iqb30HF9JmjzuulcNs+TvUPYE2R87TCBZpyiwJ9EejhF9ayPzj+TPEDRCrGsa98IsfWPZNyvpN7drKlZefZ4gewfJycXsdL69YS7j7mZuy0SfELt2mFz6IABwKJHNxLZ1XqUxft46cST3FIsOPF57GD5Uk/i02eRuszTzqSMRdS/MITGlWQDeDUvt2jXrnUPj89O5tGTI+e7KZ/et2oy+72mR0Z3WTxy6m+0qLBKsgGkEjjLTCxgf4R0yInutFKjb7s8oqsc+VKtvzCY4W5BxAsT74Lf953KqtGTKusqUNFI6POV9ZzIutcuZDiF15TDA4JVnANYOKiK/GNMlhE4PQJxi9ZMWK6ryzI1O5Doy57ZuXYzcVpUvzCBHtoD6Dg+CZPYQ4xVGLkKLG+yABzxldiVSW/fXXx7XdRfqQj6WeTQnuZ9667Hc06Fil+YZIfiALeb/ZyNGHF9SzY1cyRPTvpq5yATsQZ13+a6YuvIDgn9SsOgpOncN0dd7Hr6Z9xNAGJsnICfT3MmjyBuR+6f+i0iDek+IVJFuiCbQAA5fMWUj8v8/FMAxMmsuh997mQKH2RjjZjxS8v0hYweNXHYrABCA9FOto42dNjbMsvl/vEkDN7AMIjXha/f0YtE9teYqB83JlpWttMspK3gOoThzk97vw7wyf0nYAxLp2KwqTAlgbgIa+3/KpqHHNXvS3t78++aeQjwqJ4WQrbAvpMBykFpnf7hbiQ1iQsBd1jf1XkQopf5COlCFu2NABXSfGLfKUUfRaa46aDFCspfpHnTsshgEsiHW2cPC3FL/KXBSf9gJmnXy4QP3rYdATHhNv2caqvH2vqdNNRPBM/3Gk6gsjcCUtbHDGdAiD8+hYGtm8yHSNnpVj8id7TnHjsX03HEBlS0OVXNm3kwX0eOh6n/Q/fyqS7P0rZJfMzvvlk3E234Z82w8E8Mbr/9R8znEnT130Myr0fZS2mIW7gFr/4scP0PPc/xA4lf8BK5C+taVatc2jUCVpNh8lV2cWN1D++Dv/0WY4sz+7vY9eCcWN/MQ/02dBvm04hCk25xQ1WVYw2iuD28Oi+nbT9weqSOxaV4hfZ6pvINqsuxACK/BgKN0el1gSk+EW2FCRWNdE7+PC75qDhPI4plSYgxS9y4YN+GHwcGA37zMZxVrE3gX4pfpEjyxrc67cAFLSYjeO8Ym0Cffbg/4TIhYLdcLYBvGE2jjuKrQnIbr9wiqXZCkMNwFKMfItGkSiWJiDFLxylWANDDaDjILuB0QfML2CF3gSk+IXTVIiNMNQAVkEc2GU0kcsKtQlI8Qun+RX9yyAGQw1gyOuG8nim0JqAnO0XblBwpgCscya+YiaOtwqlCcjZfuEWv2LL8M9nG4BN4T+Kl6Z8bwKy2y9cpXhq+MczDaBnOtuBASOBDMjXJiDFL9zW284Twz+faQDLthEDthtJZEi+NQEpfuE2v+LkKggP/37+i/BU6RwGDMuXJiDFL7xgcf6j//5zf1Galwv+ueAsRPftpO3uGwfHE3BwUBGASe+9jwnvugerKvXYAjZgl+Jf/Fi05ljLDnwz67xbpW0T6zjIsR98k+jenZ6t1ys+WHfu7+cNu9NSwxR8HOHCPYMSUTZ3wZkmEGl5nf03X5HT8ia+6x5m/t9HHUpXYrQmtO5XBC9fbmT18eNH2X/HtSR6ThlZv1vGBZm9dP/Zp3/PK/QFHRwHXvU8VZ6I7mnh4G0rOfS5j9H+gZtzXt74W+50IFUJ0pqOdb82VvwA/inTqLjqGmPrd4MPes4tfki+pV/jUZ68FOts4+RjPyB+pCvnZanKKgcSlRit6Vj3K8ouX2Y6yaiHbYXIr0Zu3Ec0AKVKuwEIg84Uv7ktfzFT8JMLp41oAIlxbEReGCq8NrTbL8XvDgXamsGPLpw+ogEsaiIKbPAilBDAOcVvfre/WAUUh5ZtGxwG7FxJz/ZrxS/djyQEg8W/XorfbZbi6WTT/ckmqjhP4OP7qT4XwhFa07HhWcouS7/4dSRMOHTgvGm+iirKZiW5V0Brwvt3o/XZO6wsn59gwyUZv3im0CmLv082PWmBL+jgeEs9LwCrXE0lSpfWdDy/hrLFSzOaLfTCcxyZfMHNWid6WRyNEpx9yXmTu19az/7yiSOWcXHXb5l8zVsyjlyoAopjy9uSD/yb+oYfxS9cS1QiEnJ3X3Ja07H+N5QtWpLxrFGdZMutFPHe0yMmx6LRpMuIRcJJpxcrBb9O9VnKBmAl+CWDd6mKLPTZ2f/lRQ510tP8OtEM35gc6+vl8PYtHHvjNexono7wpjWd639D2WVXmU5SMvxBHkr5WaoPGkN0NNfzkoLr3YlVvLIdyadv707a9++jv3rozcIH2xn3ykvUX7GU8tqGlPPZsSjbHnuE7snT0WVBAFRzM3U+zcI7787mj+Cazg3PEpDi94xfcWLZPnak+nz0e/7VyOuGYnTZjuQzcGAvu492ny1+AMuid2YDu3bvIXY89VvcNz76Q45Prz9T/AB6wmTaqqrZ8ZMfZx7GJZ3rf0Mgw2N+kRu/4qejfT5qA9D9PA70OpqoiOXySG/7rlbscwr4XPGJk+nY9GLSzw5uWENfzeyUy+0oH09/hocSbpDi954FOhbji2N8J7VFR+lVyD0B6cil+O3wAH1TRn8M+XTlhKTTO/ftGX3hwXI6trycXTCHdG54VorfAL9i93WHSb3rSDqP/SoecSpQscp1MA87EkGPcV3aLq9MOj3O2Nezo2FzZ707NzxLIIuz/SJ3Ps23x/rOmA2g8SDrKbKXhzrJiZF8/BMn4YuNftY+cPpE0umVwbIxlz9hurODnKSrc8MaKX5DfIrYsk6+N9b3xmwACrTS/NCZWMXFyXH7p/SNPvDEtIrk5wcufdMqiCW/3g3gP36E2qvflFO2bHQ+v4bAois9X68Y5IO1Ko0r0WmN/KMS/AslNGJwOpwet3/W9asYd+Jo0s8mH+3gojffmPSzCfVzmOPTkIiP+Ez1nuaKK69E+XzOBU1D5/NrCCyU4jfJVvxpOt9LqwE0dnJMaR7LLVLxcGMAT6ssyLxVN1EX6WHcyWOU9/cw/lgXs+MDzHn7raPO2/h7t7N0dj3jD7fjP3GMwLHDVB/t4Pq3vIVpiy53NugYun67VorfsCA0XRtijLPDg9J+2MeGbyn4EKRx1qmIuTp6r2Ux7Zq3MC2LWS9adDkXeVzsF+p6YR3+BbmNoyhyZ/n4QtrfTfeLC9t5gxIfJ0CG7k6t68X1+OdfZi5AJk/3FfGTgAHFseXtPJnu9zN63Fdp/kmr0nxCUF7UmVrXxg34Gxd7sq7JleWEe06COrvtCsTClC9bOeK746bPpPLwUWzr7DkQlYgzvq7Wk6wm+BTfyeT7GTWAxnaeaq1nB2Cw1XtPtvypdb2wztMtf/V1q6lO87tVC69gwUJX4+QVnyK8PMTfZDJPRuP/K9Ba87eZxSpsUvypdb3obfGL0fkV31GQyGSejF8AsqCd/wLeyHS+QiTFn1rXi+vwN0rx5wtLEVkR4vMZz5fpDApspfh6pvMVGin+1KT480/A4rsKRt4MMoasXgHWeJDHgeJ7cdoQKf7Uul5cL8WfZ3yKyIp2/jKbebNqAAoSCr6Wzbz5Ts72p+bl2X6RvoDi+9ls/SGHl4A2tvEYsDXb+fOR07f3Ro8ccm5hhh3a/CL+eYtMx/BU/FCH6Qhj8kPv8hAPZjt/1g1AgY3Nn2c7f75xY7e/85H/hx7lQZ1C0fXy8/gubjQdw1N9r7xA//bNpmOMKQCfTeehn1RyviWqpZ4ngdtyXY5Jbh7zV81fzNRb30PZ1OljfzkPhY8eou/4MU/WNfUjD2I5+ELVeFeI07/ObDwbnUgQ2dtKz5qn0fGYY1ncELAIXRMiyQsR0pdzA2idQ6NOsAMI5LosE+SEX/64dF0zvuqpjiwr1hWi7SPvJBY6OPaXC1QF3LS8k7W5LCPrQ4Bh8/ezE80Pcl2OCVL8xakUir8MtuVa/OBAAwCwNX8Fo489lm+k+ItTKRS/BbYu4y6HlpW7RSG6NfyFE8vyghR/cSqF4gcos/jONQc44MSyHGkAAAvbeBRy3yVxmxR/cSqV4g8ojq0I8WmnludYAwDQNp8A8vbFa1L8xalUih+gXPFuJ5fnaANYGGI38HdOLtMpUvzFqcSK/1dLQs4OyuNoAwCwx/N18uxpQbm9tziVUvH7YMCa4cyJv3M53gAWNRG14Q/Ik0MBp2/vFfmhlIpfAWUW9yzbRr/Ty3a8AQAsaqNJw1+7sexMyG5/cSql4gcos3hieYifu7FsVxoAwII2voE2N4ioFH9xKrXi9ytOrgg5v+s/zLUGoMD229wDJH+nlYuk+ItTqRW/BdqCWzId5ivDdbjn0g5CGueuWaZDTvgVp1IrfoAA/PPVHWxycx2uNgAYvEFIwcNurwfkhF+xKsXiL1PsWNmZ3uu9cuF6AwAIWnwS2ObmOmS3vziVYvH7FX3xcVznxbo8aQBzDhDWPu4EXHmwXIq/OJVi8SvQQZtbrt9Jjxfr86QBACzcz0ENd+PwCQ0p/uIU7wrRdt/tJVX8ABWKv7qqixe8Wp9nDQBgYRtrILM3l4xGTvgVl/CuJgBine0cvO92Yp3thhN5q1zx3LIObwfb9fwtiRpUax3/juLuXJYjW/7iY1VUUrnsOgZe30rilOdXj40KKNqv7mCOm5f8kjHyXdGzvgAABdxJREFUmtT9sykP26wDrslmfil+UUx8it7xPuovb/P+nhlPDwGGzTlA2IpzG7An03ml+EUxsSBebrPCRPEPrd+Mxk6OWRa3ksGdglL8opgohQ7Y3HFVFy2mMhhrAACNB2hViruAMQfPlxN+otgEFZ9eeYj/MZnBaAMAmH+QdVrzXkZ5tZHc4SeKTdDioRUhvm06h5GTgMm01vN+DT/igqYku/2i2JQrfrCig4+ZzgF51AAAWhv4kNY8zFAuKX5RbMotHlsR4n2mcwzLqwYA0FrPpzR8S4pfFJug4pmVHfy+6RznyrsGALC9jkd6EnzQdA4hnFKmWHd1B281neNCedkAAF6p4cmwLuyXjgoBELT4zcoQN5vOkYzxqwCprOjg9qDFf5rOIUQuyhSP52vxQx43AICVIe4uh++aziFENsotHr66gz80nWM0ed0AAFZ08sdBi4dM5xAiExV+/mFFiI+YzjGWvD0HcKHNNTwQ03zTLqDMovQo0AHFg1d38C3TWdJRUMW0ZQa3RH08mdAETGcR4kI+RaxMccfyEM+YzpKugmoAAC/PZIG22BzXjDedRYhhfugJalaafLAnGwXXAAC2XszEWITXYpoG01mECChCExRXLArRbTpLpgqyAQBo8G2exfoovMl0FlG6yhXPLe/gbQoK8r7VvL8KkIqCxNWdvLnCxxcUaNN5RGmxQFcovrCigxsLtfihgPcAzrWphqttWBvXVJnOIoqfX9EftLnZy9F73VIUDQCGzgtEeTFms9h0FlG8Aha7A2UsX7aPU6azOKFoGsCwLbX8S1jzEa2L788mzLFAB+CfvXhdl5eKskhebeCacJxn4ppJprOIwudXnKrQ/N6STl4yncVpRdkAADRYr8ziZ1F4p5whFNlQQFDxq+Ud3KZGGbKukBXsVYCxKLBXdvKuCsV7fIqw6TyisPhgoMzHO1d08HvFWvxQxA1g2LIOfqoU1eWKp01nEYUhqHhej2f6ynaeMJ3FbUV7CJDM9lpuCGt+GtNMNZ1F5B8/HA8q3nNVB+tMZ/FKSTWAYVtq+XrE5i/sEtgDEmOzwA5aPLw8lB8j9XqpJBsAwMY6LvHb/DyiucJ0FmFO0GKbr4x3LdtHm+ksJpRsAxi2ZRY3xRU/jGlqTWcR3gnA4TLF3aW0u59MyTeAYZtm8Qlb8ZDcTlzc/Io+n+ZzKzv5juks+UAawDk0+LbM4tsxxYcTmjLTeYRzfIpIQPH95SEeLOSHd5wmDSAJDf6ttXwtqvlUQlNuOo/InqWIBBU/qgzxyUVpvIS21EgDGIUG35YavhSHB+OaStN5RPr8inBA8agK8SfLIGY6T76SBpAGDb7NNXxJwydimmrTeURqAcVxn+Lby0N8TXb1xyYNIENbZ/G2uOKhqFw+zBsKCFjs8yv+bFkJ3L3nJGkAWdpcwzwU34nZrLbBbzpPKbIUMT+sTVh88rp29prOU4ikAeRIg7W1lnsTmj+La+bLewvcF4CDfovvLgvxDdnNz438Y3XQ1qnMTJTztYTmzrhmouk8xcSvOOFX/DQW44vXHeaI6TzFQhqASzbXMM9S/Fnc5vYYTDedpxD54bQPnisr4ytLDvA703mKkTQAD2yq5VIFn7Vtfj8BF8lhQnIWaL/ikKX4b+3j71YeZL/pTMVO/iF6bDcET9TybjR3x2FlvMQvK/oU/X543VL8MlLF967fSY/pTKVEGoBhmxuYQ4yPoVid0DTGYYLpTG4KKE4paPXBc7qc76/YS7vpTKVMGkCeeamWCgvuVJrbtOKqhGamrakoxHEN/Yp+BZ0+2KosnprUzi8uhYjpXOIsaQAFoAnKIrN4cwxu1IqlGubZmmoNlTb4TGZTkPBBv1IctzS7lGKbD9bqDl6QW3DznzSAAvdiI+MrelmuLa5MaBagmQVUa5ikYbwNVWjKUYONQmt8eui/+/D/K4Ue+kUrRYLBDxNKMaCgX8Fp4JRSHFfQqTUtlmJ770S2rmqi19AfXTjgfwFVFcHePttw0QAAAABJRU5ErkJggg== + mediatype: image/png + install: + strategy: deployment + spec: + permissions: + - serviceAccountName: strimzi-cluster-operator + rules: + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - rolebindings + verbs: + - get + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - kafka.strimzi.io + resources: + - kafkas + - kafkaconnects + - kafkaconnects2is + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - delete + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - deployments + - deployments/scale + - replicasets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps + resources: + - deployments + - deployments/scale + - deployments/status + - statefulsets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - extensions + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + - deploymentconfigs/scale + - deploymentconfigs/status + - deploymentconfigs/finalizers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - create + - delete + - get + - list + - patch + - watch + - update + - apiGroups: + - image.openshift.io + resources: + - imagestreams + - imagestreams/status + verbs: + - create + - delete + - get + - list + - watch + - patch + - update + - apiGroups: + - "" + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - kafka.strimzi.io + resources: + - kafkatopics + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - kafka.strimzi.io + resources: + - kafkausers + verbs: + - get + - list + - watch + - create + - patch + - update + - delete + deployments: + - name: strimzi-cluster-operator + spec: + replicas: 1 + selector: + matchLabels: + name: strimzi-cluster-operator-alm-owned + template: + metadata: + name: strimzi-cluster-operator-alm-owned + labels: + name: strimzi-cluster-operator-alm-owned + spec: + serviceAccountName: strimzi-cluster-operator + containers: + - name: cluster-operator + image: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-clusteroperator-openshift:1.0.0-beta + env: + - name: STRIMZI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: STRIMZI_FULL_RECONCILIATION_INTERVAL_MS + value: "120000" + - name: STRIMZI_OPERATION_TIMEOUT_MS + value: "300000" + - name: STRIMZI_DEFAULT_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeper-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafka-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnect-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_CONNECT_S2I_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkaconnects2i-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-topicoperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-useroperator-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkainit-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ZOOKEEPER_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-zookeeperstunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_KAFKA_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-kafkastunnel-openshift:1.0.0-beta + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE + value: registry.access.redhat.com/amqstreams-1-tech-preview/amqstreams10-entityoperatorstunnel-openshift:1.0.0-beta + - name: STRIMZI_LOG_LEVEL + value: INFO + customresourcedefinitions: + owned: + - name: kafkas.kafka.strimzi.io + version: v1alpha1 + kind: Kafka + displayName: Kafka + description: Represents a Kafka cluster + specDescriptors: + - description: The desired number of Kafka brokers. + displayName: Kafka Brokers + path: kafka.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Kafka brokers + displayName: Kafka storage + path: kafka.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Kafka Resource Requirements + path: kafka.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - description: The desired number of Zookeeper nodes. + displayName: Zookeeper Nodes + path: zookeeper.replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The type of storage used by Zookeeper nodes + displayName: Zookeeper storage + path: zookeeper.storage.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Zookeeper Resource Requirements + path: zookeeper.resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnect + displayName: Kafka Connect + description: Represents a Kafka Connect cluster + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkaconnects2is.kafka.strimzi.io + version: v1alpha1 + kind: KafkaConnectS2I + displayName: Kafka Connect S2I + description: Represents a Kafka Connect cluster with Source 2 Image support + specDescriptors: + - description: The desired number of Kafka Connect nodes. + displayName: Connect nodes + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - description: The address of the bootstrap server + displayName: Bootstrap server + path: bootstrapServers + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: Resource Requirements + path: resources + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - name: kafkatopics.kafka.strimzi.io + version: v1alpha1 + kind: KafkaTopic + displayName: Kafka Topic + description: Represents a topic inside a Kafka cluster + specDescriptors: + - description: The number of partitions + displayName: Partitions + path: partitions + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: The number of replicas + displayName: Replication factor + path: replicas + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - name: kafkausers.kafka.strimzi.io + version: v1alpha1 + kind: KafkaUser + displayName: Kafka User + description: Represents a user inside a Kafka cluster + specDescriptors: + - description: Authentication type + displayName: Authentication type + path: authentication.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' + - description: Authorization type + displayName: Authorization type + path: authorization.type + x-descriptors: + - 'urn:alm:descriptor:com.tectonic.ui:label' - #! validate-crd: ./deploy/chart/templates/03-clusterserviceversion.crd.yaml #! parse-kind: ClusterServiceVersion apiVersion: operators.coreos.com/v1alpha1 @@ -6958,57 +9408,50 @@ data: name: prometheusoperator.0.22.2 namespace: placeholder annotations: - tectonic-visibility: ocs - alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"resources":{"requests":{"memory":"400Mi"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus","prometheus":"k8s"}},"namespaceSelector":{"matchNames":["monitoring"]},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3}}]' + alm-examples: '[{"apiVersion":"monitoring.coreos.com/v1","kind":"Prometheus","metadata":{"name":"example","labels":{"prometheus":"k8s"}},"spec":{"replicas":2,"version":"v2.3.2","serviceAccountName":"prometheus-k8s","securityContext": {}, "serviceMonitorSelector":{"matchExpressions":[{"key":"k8s-app","operator":"Exists"}]},"ruleSelector":{"matchLabels":{"role":"prometheus-rulefiles","prometheus":"k8s"}},"alerting":{"alertmanagers":[{"namespace":"monitoring","name":"alertmanager-main","port":"web"}]}}},{"apiVersion":"monitoring.coreos.com/v1","kind":"ServiceMonitor","metadata":{"name":"example","labels":{"k8s-app":"prometheus"}},"spec":{"selector":{"matchLabels":{"k8s-app":"prometheus"}},"endpoints":[{"port":"web","interval":"30s"}]}},{"apiVersion":"monitoring.coreos.com/v1","kind":"Alertmanager","metadata":{"name":"alertmanager-main"},"spec":{"replicas":3, "securityContext": {}}}]' spec: replaces: prometheusoperator.0.15.0 - displayName: Prometheus + displayName: Prometheus Operator description: | - An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. - - _The Prometheus Open Cloud Service is Public Alpha. The goal before Beta is for additional user testing and minor bug fixes._ + The Prometheus Operator for Kubernetes provides easy monitoring definitions for Kubernetes services and deployment and management of Prometheus instances. - ### Monitoring applications + Once installed, the Prometheus Operator provides the following features: - Prometheus scrapes your application metrics based on targets maintained in a ServiceMonitor object. When alerts need to be sent, they are processsed by an AlertManager. + * **Create/Destroy**: Easily launch a Prometheus instance for your Kubernetes namespace, a specific application or team easily using the Operator. - [Read the complete guide to monitoring applications with the Prometheus Open Cloud Service](https://coreos.com/tectonic/docs/latest/alm/prometheus-ocs.html) + * **Simple Configuration**: Configure the fundamentals of Prometheus like versions, persistence, retention policies, and replicas from a native Kubernetes resource. - ### Supported Features + * **Target Services via Labels**: Automatically generate monitoring target configurations based on familiar Kubernetes label queries; no need to learn a Prometheus specific configuration language. + ### Other Supported Features **High availability** - Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most. - **Updates via automated operations** - New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date. - **Handles the dynamic nature of containers** - Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment. keywords: ['prometheus', 'monitoring', 'tsdb', 'alerting'] maintainers: - - name: CoreOS, Inc - email: support@coreos.com + - name: Red Hat + email: openshift-operators@redhat.com provider: - name: CoreOS, Inc + name: Red Hat links: - name: Prometheus url: https://www.prometheus.io/ - name: Documentation url: https://coreos.com/operators/prometheus/docs/latest/ - - name: Prometheus Operator Source Code + - name: Prometheus Operator url: https://github.com/coreos/prometheus-operator labels: @@ -7144,7 +9587,7 @@ data: readOnlyRootFilesystem: true nodeSelector: beta.kubernetes.io/os: linux - maturity: alpha + maturity: beta version: 0.22.2 customresourcedefinitions: owned: @@ -7154,36 +9597,36 @@ data: displayName: Prometheus description: A running Prometheus instance resources: - - kind: StatefulSet - version: v1beta2 - - kind: Pod - version: v1 + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 specDescriptors: - description: Desired number of Pods for the cluster displayName: Size path: replicas x-descriptors: - - 'urn:alm:descriptor:com.tectonic.ui:podCount' + - 'urn:alm:descriptor:com.tectonic.ui:podCount' - description: A selector for the ConfigMaps from which to load rule files displayName: Rule Config Map Selector path: ruleSelector x-descriptors: - - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' + - 'urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap' - description: ServiceMonitors to be selected for target discovery displayName: Service Monitor Selector path: serviceMonitorSelector x-descriptors: - - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' + - 'urn:alm:descriptor:com.tectonic.ui:selector:monitoring.coreos.com:v1:ServiceMonitor' - description: The ServiceAccount to use to run the Prometheus pods displayName: Service Account path: serviceAccountName x-descriptors: - - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' + - 'urn:alm:descriptor:io.kubernetes:ServiceAccount' - description: Limits describes the minimum/maximum amount of compute resources required/allowed displayName: Resource Requirements path: resources x-descriptors: - - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' - name: prometheusrules.monitoring.coreos.com version: v1 kind: PrometheusRule @@ -7195,34 +9638,29 @@ data: displayName: Service Monitor description: Configures prometheus to monitor a particular k8s service resources: - - kind: Pod - version: v1 + - kind: Pod + version: v1 specDescriptors: - - description: Selector to select which namespaces the Endpoints objects are discovered from - displayName: Monitoring Namespaces - path: namespaceSelector - x-descriptors: - - 'urn:alm:descriptor:com.tectonic.ui:namespaceSelector' - description: The label to use to retrieve the job name from displayName: Job Label path: jobLabel x-descriptors: - - 'urn:alm:descriptor:com.tectonic.ui:label' + - 'urn:alm:descriptor:com.tectonic.ui:label' - description: A list of endpoints allowed as part of this ServiceMonitor displayName: Endpoints path: endpoints x-descriptors: - - 'urn:alm:descriptor:com.tectonic.ui:endpointList' + - 'urn:alm:descriptor:com.tectonic.ui:endpointList' - name: alertmanagers.monitoring.coreos.com version: v1 kind: Alertmanager - displayName: Alert Manager - description: Configures an Alert Manager for the namespace + displayName: Alertmanager + description: Configures an Alertmanager for the namespace resources: - - kind: StatefulSet - version: v1beta2 - - kind: Pod - version: v1 + - kind: StatefulSet + version: v1beta2 + - kind: Pod + version: v1 specDescriptors: - description: Desired number of Pods for the cluster displayName: Size @@ -7233,19 +9671,25 @@ data: displayName: Resource Requirements path: resources x-descriptors: - - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' + - 'urn:alm:descriptor:com.tectonic.ui:resourceRequirements' packages: |- - - #! package-manifest: ./deploy/chart/catalog_resources/ocs/etcdoperator.v0.9.2.clusterserviceversion.yaml + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/amq-streams.v1.0.0-clusterserviceversion + packageName: amq-streams + channels: + - name: preview + currentCSV: amqstreams.v1.0.0.beta + + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/etcdoperator.v0.9.2.clusterserviceversion.yaml packageName: etcd channels: - name: alpha currentCSV: etcdoperator.v0.9.2 - - #! package-manifest: ./deploy/chart/catalog_resources/ocs/prometheusoperator.0.22.2.clusterserviceversion.yaml + - #! package-manifest: ./deploy/chart/catalog_resources/rh-operators/prometheusoperator.0.22.2.clusterserviceversion.yaml packageName: prometheus channels: - - name: alpha + - name: preview currentCSV: prometheusoperator.0.22.2 diff --git a/roles/olm/meta/main.yaml b/roles/olm/meta/main.yaml index 9a3c4783f5a..05b671c3b1a 100644 --- a/roles/olm/meta/main.yaml +++ b/roles/olm/meta/main.yaml @@ -14,3 +14,4 @@ galaxy_info: dependencies: - role: lib_utils - role: lib_openshift +- role: openshift_facts diff --git a/roles/olm/tasks/install.yaml b/roles/olm/tasks/install.yaml index b4df4de4e62..17926129d9c 100644 --- a/roles/olm/tasks/install.yaml +++ b/roles/olm/tasks/install.yaml @@ -23,14 +23,14 @@ src: olm-operator.deployment.j2 dest: "{{ mktemp.stdout }}/olm-operator.deployment.yaml" vars: - namespace: "{{ openshift_cluster_monitoring_operator_namespace }}" + namespace: operator-lifecycle-manager - name: Set catalog-operator template template: src: catalog-operator.deployment.j2 dest: "{{ mktemp.stdout }}/catalog-operator.deployment.yaml" vars: - namespace: "{{ openshift_cluster_monitoring_operator_namespace }}" + namespace: operator-lifecycle-manager - name: Apply olm-operator-serviceaccount ServiceAccount manifest oc_obj: @@ -41,6 +41,15 @@ files: - "{{ mktemp.stdout }}/olm-operator.serviceaccount.yaml" +- name: Apply operator-lifecycle-manager ClusterRole manifest + oc_obj: + state: present + kind: ClusterRole + name: system:controller:operator-lifecycle-manager + namespace: operator-lifecycle-manager + files: + - "{{ mktemp.stdout }}/olm-operator.clusterrole.yaml" + - name: Apply olm-operator-binding-operator-lifecycle-manager ClusterRoleBinding manifest oc_obj: state: present @@ -86,23 +95,41 @@ files: - "{{ mktemp.stdout }}/subscription.crd.yaml" -- name: Apply ocs ConfigMap manifest +- name: Apply rh-operators ConfigMap manifest + oc_obj: + state: present + kind: ConfigMap + name: rh-operators + namespace: operator-lifecycle-manager + files: + - "{{ mktemp.stdout }}/rh-operators.configmap.yaml" + +- name: Apply rh-operators CatalogSource manifest + oc_obj: + state: present + kind: CatalogSource + name: rh-operators + namespace: operator-lifecycle-manager + files: + - "{{ mktemp.stdout }}/rh-operators.catalogsource.yaml" + +- name: Apply certified-operators ConfigMap manifest oc_obj: state: present kind: ConfigMap - name: ocs + name: certified-operators namespace: operator-lifecycle-manager files: - - "{{ mktemp.stdout }}/ocs.configmap.yaml" + - "{{ mktemp.stdout }}/certified-operators.configmap.yaml" -- name: Apply ocs CatalogSource manifest +- name: Apply certified-operators CatalogSource manifest oc_obj: state: present kind: CatalogSource - name: ocs + name: certified-operators namespace: operator-lifecycle-manager files: - - "{{ mktemp.stdout }}/ocs.catalogsource.yaml" + - "{{ mktemp.stdout }}/certified-operators.catalogsource.yaml" - name: Apply olm-operator Deployment manifest oc_obj: diff --git a/roles/olm/tasks/main.yaml b/roles/olm/tasks/main.yaml new file mode 100644 index 00000000000..92e094fe461 --- /dev/null +++ b/roles/olm/tasks/main.yaml @@ -0,0 +1,8 @@ +--- +# do any asserts here + +- include_tasks: install.yaml + when: operator_lifecycle_manager_install | bool + +- include_tasks: remove.yaml + when: operator_lifecycle_manager_remove | bool diff --git a/roles/olm/templates/catalog-operator.deployment.j2 b/roles/olm/templates/catalog-operator.deployment.j2 index 32c48f9a2a6..975f4c12fea 100644 --- a/roles/olm/templates/catalog-operator.deployment.j2 +++ b/roles/olm/templates/catalog-operator.deployment.j2 @@ -1,5 +1,3 @@ -##--- -# Source: olm/templates/13-catalog-operator.deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: @@ -39,5 +37,4 @@ spec: httpGet: path: /healthz port: 8080 - imagePullSecrets: - - name: coreos-pull-secret + diff --git a/roles/olm/templates/olm-operator.deployment.j2 b/roles/olm/templates/olm-operator.deployment.j2 index 503eeb397b3..cb6355a6c3f 100644 --- a/roles/olm/templates/olm-operator.deployment.j2 +++ b/roles/olm/templates/olm-operator.deployment.j2 @@ -1,27 +1,25 @@ -##--- -# Source: olm/templates/12-alm-operator.deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: - name: alm-operator + name: olm-operator namespace: operator-lifecycle-manager labels: - app: alm-operator + app: olm-operator spec: strategy: type: RollingUpdate replicas: 1 selector: matchLabels: - app: alm-operator + app: olm-operator template: metadata: labels: - app: alm-operator + app: olm-operator spec: serviceAccountName: olm-operator-serviceaccount containers: - - name: alm-operator + - name: olm-operator command: - /bin/olm image: {{ olm_operator_image }} @@ -42,6 +40,4 @@ spec: fieldRef: fieldPath: metadata.namespace - name: OPERATOR_NAME - value: alm-operator - imagePullSecrets: - - name: coreos-pull-secret + value: olm-operator diff --git a/roles/openshift_autoheal/defaults/main.yml b/roles/openshift_autoheal/defaults/main.yml index 892db5d2c02..bfd8ec04619 100644 --- a/roles/openshift_autoheal/defaults/main.yml +++ b/roles/openshift_autoheal/defaults/main.yml @@ -2,17 +2,8 @@ # # Image name: -# -openshift_autoheal_image_dict: - origin: - prefix: "docker.io/openshift/" - version: v0.0.1 - openshift-enterprise: - prefix: "registry.redhat.io/openshift3/ose-" - version: "{{ openshift_image_tag }}" -openshift_autoheal_image_prefix: "{{ openshift_autoheal_image_dict[openshift_deployment_type]['prefix'] }}" -openshift_autoheal_image_version: "{{ openshift_autoheal_image_dict[openshift_deployment_type]['version'] }}" -openshift_autoheal_image: "{{ openshift_autoheal_image_prefix }}autoheal:{{ openshift_autoheal_image_version }}" + +openshift_autoheal_image: "{{ l_osm_registry_url | regex_replace('${component}' | regex_escape, 'autoheal') }}" # # Content of the configuration file of the auto-heal service. Note that this is diff --git a/roles/openshift_aws/defaults/main.yml b/roles/openshift_aws/defaults/main.yml index 844d5d20237..d4df216fcfe 100644 --- a/roles/openshift_aws/defaults/main.yml +++ b/roles/openshift_aws/defaults/main.yml @@ -19,7 +19,6 @@ openshift_aws_iam_cert_name: "{{ openshift_aws_clusterid }}-master-external" openshift_aws_iam_cert_path: '' openshift_aws_iam_cert_key_path: '' -openshift_aws_iam_role_name: "openshift_node_describe_instances_{{ openshift_aws_clusterid }}" openshift_aws_iam_role_policy_json: "{{ lookup('file', 'describeinstances.json') }}" openshift_aws_iam_role_policy_name: "describe_instances_{{ openshift_aws_clusterid }}" @@ -32,6 +31,15 @@ openshift_aws_ami_name: openshift-gi openshift_aws_base_ami_name: ami_base openshift_aws_instance_type: m4.xlarge +# atomic-openshift-node service requires gquota to be set on the filesystem +# that hosts /var/lib/origin/openshift.local.volumes ( OCP emptydir ). Often +# is it not ideal or cost effective to deploy a vol for emptydir. This pushes +# emptydir up to the / filesystem. Base ami often does not ship with gquota +# enabled for /. +# Set this bool true to enable gquota on / filesystem when using Red Hat Cloud +# Access RHEL7 AMI or Amazon Market RHEL7 AMI. +openshift_aws_ami_build_set_gquota_on_slashfs: False + openshift_aws_launch_config_bootstrap_token: '' openshift_aws_users: [] @@ -267,9 +275,7 @@ openshift_aws_master_instance_config: health_check: "{{ openshift_aws_scale_group_health_check }}" exact_count: "{{ openshift_aws_master_group_desired_size | default(3) }}" termination_policy: "{{ openshift_aws_node_group_termination_policy }}" - iam_role: "{{ openshift_aws_iam_master_role_name | default(openshift_aws_iam_role_name) }}" - policy_name: "{{ openshift_aws_iam_master_role_policy_name | default(openshift_aws_iam_role_policy_name) }}" - policy_json: "{{ openshift_aws_iam_master_role_policy_json | default(openshift_aws_iam_role_policy_json) }}" + iam_role: "{{ openshift_aws_launch_config_iam_roles['master'].name }}" elbs: "{{ openshift_aws_elb_dict | json_query('master.[*][0][*].name') }}" groups: - "{{ openshift_aws_clusterid }}" # default sg @@ -287,9 +293,7 @@ openshift_aws_node_group_config: desired_size: "{{ openshift_aws_compute_group_desired_size | default(3) }}" termination_policy: "{{ openshift_aws_node_group_termination_policy }}" replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}" - iam_role: "{{ openshift_aws_iam_node_role_name | default(openshift_aws_iam_role_name) }}" - policy_name: "{{ openshift_aws_iam_node_role_policy_name | default(openshift_aws_iam_role_policy_name) }}" - policy_json: "{{ openshift_aws_iam_node_role_policy_json | default(openshift_aws_iam_role_policy_json) }}" + iam_role: "{{ openshift_aws_launch_config_iam_roles['compute'].name }}" # The 'infra' key is always required here. infra: instance_type: "{{ openshift_aws_infra_group_instance_type | default(openshift_aws_instance_type) }}" @@ -300,9 +304,7 @@ openshift_aws_node_group_config: desired_size: "{{ openshift_aws_infra_group_desired_size | default(2) }}" termination_policy: "{{ openshift_aws_node_group_termination_policy }}" replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}" - iam_role: "{{ openshift_aws_iam_node_role_name | default(openshift_aws_iam_role_name) }}" - policy_name: "{{ openshift_aws_iam_node_role_policy_name | default(openshift_aws_iam_role_policy_name) }}" - policy_json: "{{ openshift_aws_iam_node_role_policy_json | default(openshift_aws_iam_role_policy_json) }}" + iam_role: "{{ openshift_aws_launch_config_iam_roles['infra'].name }}" elbs: "{{ openshift_aws_elb_dict | json_query('infra.[*][0][*].name') }}" # build_instance_tags is a custom filter in role lib_utils @@ -324,6 +326,20 @@ openshift_aws_launch_config_security_groups: - "{{ openshift_aws_clusterid }}_infra" # node type sg - "{{ openshift_aws_clusterid }}_infra_k8s" # node type sg k8s +openshift_aws_launch_config_iam_roles: + master: + name: "{{ openshift_aws_iam_master_role_name | default(openshift_aws_clusterid ~ '-iam_master') }}" + policy_name: "{{ openshift_aws_iam_master_role_policy_name | default(openshift_aws_iam_role_policy_name) }}" + policy_json: "{{ openshift_aws_iam_master_role_policy_json | default(openshift_aws_iam_role_policy_json) }}" + compute: + name: "{{ openshift_aws_iam_compute_role_name | default(openshift_aws_clusterid ~ '-iam_compute') }}" + policy_name: "{{ openshift_aws_iam_node_role_policy_name | default(openshift_aws_iam_role_policy_name) }}" + policy_json: "{{ openshift_aws_iam_node_role_policy_json | default(openshift_aws_iam_role_policy_json) }}" + infra: + name: "{{ openshift_aws_iam_infra_role_name | default(openshift_aws_clusterid ~ '-iam_infra') }}" + policy_name: "{{ openshift_aws_iam_node_role_policy_name | default(openshift_aws_iam_role_policy_name) }}" + policy_json: "{{ openshift_aws_iam_node_role_policy_json | default(openshift_aws_iam_role_policy_json) }}" + openshift_aws_security_groups_tags: "{{ openshift_aws_kube_tags }}" openshift_aws_node_security_groups: diff --git a/roles/openshift_aws/tasks/build_node_group.yml b/roles/openshift_aws/tasks/build_node_group.yml index 8c89850d06f..a79cb09a7a9 100644 --- a/roles/openshift_aws/tasks/build_node_group.yml +++ b/roles/openshift_aws/tasks/build_node_group.yml @@ -74,16 +74,19 @@ | combine({'openshift-node-group-config': openshift_aws_node_group.node_group_config | default('unset') }) }}" l_node_group_name: "{{ openshift_aws_node_group.name }} {{ l_deployment_serial }}" +- name: fetch the iam role + iam_role_facts: + name: "{{ openshift_aws_launch_config_iam_roles[openshift_aws_node_group.group].name }}" + register: l_profilename + retries: 3 + delay: 3 + when: openshift_aws_create_iam_role + - name: Set scale group instances autonaming set_fact: l_instance_tags: "{{ l_instance_tags | combine({'Name': l_node_group_name }) }}" when: openshift_aws_autoname_scale_group_instances | default(false) -- when: - - openshift_aws_create_iam_role - - asgs.results|length != 2 - include_tasks: iam_role.yml - - when: - openshift_aws_create_launch_config - asgs.results|length != 2 diff --git a/roles/openshift_aws/tasks/iam_role.yml b/roles/openshift_aws/tasks/iam_role.yml index cf3bb28fbbf..2bb41c6249d 100644 --- a/roles/openshift_aws/tasks/iam_role.yml +++ b/roles/openshift_aws/tasks/iam_role.yml @@ -13,10 +13,14 @@ ##### - name: Create an iam role iam_role: - name: "{{ l_node_group_config[openshift_aws_node_group.group].iam_role }}" + name: "{{ openshift_aws_launch_config_iam_roles[l_item].name }}" assume_role_policy_document: "{{ lookup('file','trustpolicy.json') }}" state: "{{ openshift_aws_iam_role_state | default('present') }}" - when: l_node_group_config[openshift_aws_node_group.group].iam_role is defined + loop: "{{ openshift_aws_launch_config_iam_roles | list }}" + loop_control: + loop_var: l_item + retries: 3 + delay: 3 ##### # The second part of this task file is linking the role to a policy @@ -27,8 +31,13 @@ - name: create an iam policy iam_policy: iam_type: role - iam_name: "{{ l_node_group_config[openshift_aws_node_group.group].iam_role }}" - policy_json: "{{ l_node_group_config[openshift_aws_node_group.group].policy_json }}" - policy_name: "{{ l_node_group_config[openshift_aws_node_group.group].policy_name }}" + iam_name: "{{ openshift_aws_launch_config_iam_roles[l_item].name }}" + policy_json: "{{ openshift_aws_launch_config_iam_roles[l_item].policy_json }}" + policy_name: "{{ openshift_aws_launch_config_iam_roles[l_item].policy_name }}" state: "{{ openshift_aws_iam_role_state | default('present') }}" - when: "'iam_role' in l_node_group_config[openshift_aws_node_group.group]" + register: l_iam_create_policy_out + loop: "{{ openshift_aws_launch_config_iam_roles | list }}" + loop_control: + loop_var: l_item + retries: 3 + delay: 3 diff --git a/roles/openshift_aws/tasks/launch_config.yml b/roles/openshift_aws/tasks/launch_config.yml index 6e7c0172143..72e40c14687 100644 --- a/roles/openshift_aws/tasks/launch_config.yml +++ b/roles/openshift_aws/tasks/launch_config.yml @@ -21,10 +21,10 @@ image_id: "{{ openshift_aws_ami_map[openshift_aws_node_group.group] | default(openshift_aws_ami) }}" instance_type: "{{ l_node_group_config[openshift_aws_node_group.group].instance_type }}" security_groups: "{{ openshift_aws_launch_config_security_group_id | default(ec2sgs.security_groups | map(attribute='group_id')| list) }}" - instance_profile_name: "{{ l_node_group_config[openshift_aws_node_group.group].iam_role if l_node_group_config[openshift_aws_node_group.group].iam_role is defined and - l_node_group_config[openshift_aws_node_group.group].iam_role != '' and - openshift_aws_create_iam_role - else omit }}" + instance_profile_name: "{{ l_profilename.iam_roles[0].role_name if openshift_aws_create_iam_role and + l_node_group_config[openshift_aws_node_group.group].iam_role is defined and + l_node_group_config[openshift_aws_node_group.group].iam_role != '' + else omit }}" user_data: "{{ lookup('template', 'user_data.j2') }}" key_name: "{{ openshift_aws_ssh_key_name }}" ebs_optimized: False diff --git a/roles/openshift_aws/tasks/provision_ec2.yml b/roles/openshift_aws/tasks/provision_ec2.yml index b85521905df..158982974f7 100644 --- a/roles/openshift_aws/tasks/provision_ec2.yml +++ b/roles/openshift_aws/tasks/provision_ec2.yml @@ -18,6 +18,10 @@ volumes: "{{ openshift_aws_master_instance_config.volumes }}" vpc_subnet_id: "{{ l_loop }}" wait: yes + instance_profile_name: "{{ l_profilename.iam_roles[0].role_name if openshift_aws_create_iam_role and + openshift_aws_master_instance_config.iam_role is defined and + openshift_aws_master_instance_config.iam_role != '' + else omit }}" loop: "{{ l_subnetout_results | list }}" loop_control: loop_var: l_loop diff --git a/roles/openshift_aws/tasks/provision_ec2_facts.yml b/roles/openshift_aws/tasks/provision_ec2_facts.yml index 1fdbd8b288d..7f0683c4505 100644 --- a/roles/openshift_aws/tasks/provision_ec2_facts.yml +++ b/roles/openshift_aws/tasks/provision_ec2_facts.yml @@ -85,3 +85,11 @@ vpc-id: "{{ vpcout.vpcs[0].id }}" region: "{{ openshift_aws_region }}" register: ec2sgs + +- name: fetch the iam role + iam_role_facts: + name: "{{ openshift_aws_launch_config_iam_roles['master'].name }}" + register: l_profilename + retries: 3 + delay: 3 + when: openshift_aws_create_iam_role diff --git a/roles/openshift_aws/tasks/set_gquota_for_slashfs.yml b/roles/openshift_aws/tasks/set_gquota_for_slashfs.yml new file mode 100644 index 00000000000..7deafbab187 --- /dev/null +++ b/roles/openshift_aws/tasks/set_gquota_for_slashfs.yml @@ -0,0 +1,40 @@ +--- +- name: fetch block device of slash filesystem + command: bash -c "/usr/bin/mount | grep 'on / ' | cut -d ' ' -f1" + register: slashfsdevice + +- name: fetch filesystem of slash block device + command: bash -c "blkid {{ slashfsdevice.stdout }} -s TYPE -o value" + register: slashfstype + +- name: fetch uuid of slash block device + command: bash -c "blkid {{ slashfsdevice.stdout }} -s UUID -o value" + register: slashfsuuid + +- name: ensure nonUUID based slash mount entry in /etc/fstab is removed + lineinfile: + path: /etc/fstab + regexp: '^(?!(UUID=))(.*?)(\s+)(\/)(\s+){{ slashfstype.stdout }}(.+?)$' + state: absent + +- name: ensure slash mount uses UUID device and gquota option in /etc/fstab + mount: + path: "/" + src: "UUID={{ slashfsuuid.stdout }}" + fstype: "{{ slashfstype.stdout }}" + opts: "defaults,gquota" + state: "present" + register: slashmount + +- name: set rootvol flags in grub conf + lineinfile: + line: 'GRUB_CMDLINE_LINUX="console=ttyS0,115200n8 console=tty0 net.ifnames=0 crashkernel=auto rootflags=gquota"' + path: /etc/default/grub + regexp: 'GRUB_CMDLINE_LINUX="console=ttyS0,115200n8 console=tty0 net.ifnames=0 crashkernel=auto"' + state: present + register: etcdefaultgrub + when: slashmount.changed + +- name: recreate grub2 config + command: grub2-mkconfig -o /boot/grub2/grub.cfg + when: etcdefaultgrub.changed diff --git a/roles/openshift_aws/tasks/uninstall_ec2.yml b/roles/openshift_aws/tasks/uninstall_ec2.yml new file mode 100644 index 00000000000..632d02057c4 --- /dev/null +++ b/roles/openshift_aws/tasks/uninstall_ec2.yml @@ -0,0 +1,10 @@ +--- +- name: delete instance(s) + ec2: + instance_ids: "{{ item }}" + region: "{{ openshift_aws_region }}" + state: absent + wait: yes + delay: 3 + retries: 3 + with_items: "{{ instancesout.instances | list | map(attribute='instance_id') | list }}" diff --git a/roles/openshift_aws/tasks/uninstall_masters.yml b/roles/openshift_aws/tasks/uninstall_masters.yml index 7f9af9ed85a..0bf19f44eeb 100644 --- a/roles/openshift_aws/tasks/uninstall_masters.yml +++ b/roles/openshift_aws/tasks/uninstall_masters.yml @@ -1,8 +1,14 @@ --- -- name: scale group deletion for master - include_tasks: uninstall_node_group.yml - with_items: "{{ openshift_aws_master_group }}" - vars: - l_node_group_config: "{{ openshift_aws_master_group_config }}" - loop_control: - loop_var: openshift_aws_node_group +- name: fetch master instances + ec2_instance_facts: + region: "{{ openshift_aws_region }}" + filters: + "tag:clusterid": "{{ openshift_aws_clusterid }}" + "tag:host-type": "master" + instance-state-name: running + register: instancesout + retries: 20 + delay: 3 + until: instancesout.instances|length > 0 + +- import_tasks: uninstall_ec2.yml diff --git a/roles/openshift_ca/tasks/main.yml b/roles/openshift_ca/tasks/main.yml index 23b854df58b..b6688aafd6e 100644 --- a/roles/openshift_ca/tasks/main.yml +++ b/roles/openshift_ca/tasks/main.yml @@ -7,7 +7,6 @@ package: name: "{{ openshift_service_type }}{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}" state: present - when: not hostvars[openshift_ca_host].openshift_is_atomic | bool register: install_result until: install_result is succeeded delegate_to: "{{ openshift_ca_host }}" diff --git a/roles/openshift_certificate_expiry/tasks/main.yml b/roles/openshift_certificate_expiry/tasks/main.yml index 2ae866a61f3..2cdd12e859c 100644 --- a/roles/openshift_certificate_expiry/tasks/main.yml +++ b/roles/openshift_certificate_expiry/tasks/main.yml @@ -1,4 +1,9 @@ --- +- name: Ensure python dateutil library is present + package: + name: "{{ 'python3-dateutil' if ansible_distribution == 'Fedora' else 'python-dateutil' }}" + state: present + - name: Check cert expirys on host openshift_cert_expiry: warning_days: "{{ openshift_certificate_expiry_warning_days|int }}" diff --git a/roles/openshift_cli/defaults/main.yml b/roles/openshift_cli/defaults/main.yml index d91c4cb5223..ed97d539c09 100644 --- a/roles/openshift_cli/defaults/main.yml +++ b/roles/openshift_cli/defaults/main.yml @@ -1,2 +1 @@ --- -l_openshift_cli_image_backend: "{{ (openshift_use_crio_only | bool) | ternary('atomic', 'docker') }}" diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml index 650f2ce8a2d..c5ae7c25f85 100644 --- a/roles/openshift_cli/tasks/main.yml +++ b/roles/openshift_cli/tasks/main.yml @@ -3,34 +3,22 @@ package: name: "{{ openshift_service_type }}-clients{{ openshift_pkg_version | default('') }}" state: present - when: not openshift_is_atomic | bool register: result until: result is succeeded -- block: - - name: Pull CLI Image (docker) - docker_image: - name: "{{ openshift_cli_image }}" - when: not openshift_use_crio_only | bool +- name: Check that CLI image is present + command: "{{ openshift_container_cli }} images -q {{ openshift_cli_image }}" + register: cli_image - - name: Pull CLI Image (atomic) - command: > - atomic pull --storage ostree {{ system_openshift_cli_image }} - register: pull_result - changed_when: "'Pulling layer' in pull_result.stdout" - when: openshift_use_crio_only | bool - - # openshift_container_binary_sync is a custom module in lib_utils - - name: Copy client binaries/symlinks out of CLI image for use on the host - openshift_container_binary_sync: - image: "{{ openshift_cli_image }}" - backend: "{{ l_openshift_cli_image_backend }}" - when: openshift_is_atomic | bool +- name: Pre-pull cli image + command: "{{ openshift_container_cli }} pull {{ openshift_cli_image }}" + environment: + NO_PROXY: "{{ openshift.common.no_proxy | default('') }}" + when: cli_image.stdout_lines == [] - name: Install bash completion for oc tools package: name: bash-completion state: present - when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/openshift_cloud_provider/defaults/main.yml b/roles/openshift_cloud_provider/defaults/main.yml index 0fa9fc862af..171966f2764 100644 --- a/roles/openshift_cloud_provider/defaults/main.yml +++ b/roles/openshift_cloud_provider/defaults/main.yml @@ -4,3 +4,4 @@ openshift_gcp_prefix: '' openshift_gcp_network_name: "{{ openshift_gcp_prefix }}network" openshift_gcp_multizone: False openshift_openstack_ca_file_path: '/etc/origin/cloudprovider/openstack.crt' +openshift_cloudprovider_openstack_blockstorage_ignore_volume_az: false diff --git a/roles/openshift_cloud_provider/tasks/vsphere-svc.yml b/roles/openshift_cloud_provider/tasks/vsphere-svc.yml index f33e5590216..942a03184fe 100644 --- a/roles/openshift_cloud_provider/tasks/vsphere-svc.yml +++ b/roles/openshift_cloud_provider/tasks/vsphere-svc.yml @@ -1,6 +1,6 @@ --- - name: Check to see if the vsphere cluster role already exists - command: "{{ openshift_client_binary}} get clusterrole" + command: "{{ openshift_client_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig get clusterrole" register: cluster_role - block: @@ -13,7 +13,7 @@ - name: Create vsphere-svc on cluster run_once: true - command: "{{ openshift_client_binary}} create -f /tmp/vsphere-svc.yml" + command: "{{ openshift_client_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig create -f /tmp/vsphere-svc.yml" - name: Remove vsphere-svc file run_once: true diff --git a/roles/openshift_cloud_provider/templates/openstack.conf.j2 b/roles/openshift_cloud_provider/templates/openstack.conf.j2 index e3bed0fcf0a..4b9dbef2160 100644 --- a/roles/openshift_cloud_provider/templates/openstack.conf.j2 +++ b/roles/openshift_cloud_provider/templates/openstack.conf.j2 @@ -22,7 +22,8 @@ ca-file = {{ openshift_openstack_ca_file_path }} [LoadBalancer] subnet-id = {{ openshift_cloudprovider_openstack_lb_subnet_id }} {% endif %} -{% if openshift_cloudprovider_openstack_blockstorage_version is defined %} [BlockStorage] +ignore-volume-az = {{ openshift_cloudprovider_openstack_blockstorage_ignore_volume_az | bool | ternary('yes', 'no') }} +{% if openshift_cloudprovider_openstack_blockstorage_version is defined %} bs-version={{ openshift_cloudprovider_openstack_blockstorage_version }} {% endif %} diff --git a/roles/openshift_cluster_monitoring_operator/defaults/main.yml b/roles/openshift_cluster_monitoring_operator/defaults/main.yml index a1e6dcb0588..86ccdab31b6 100644 --- a/roles/openshift_cluster_monitoring_operator/defaults/main.yml +++ b/roles/openshift_cluster_monitoring_operator/defaults/main.yml @@ -2,7 +2,7 @@ openshift_cluster_monitoring_operator_namespace: openshift-monitoring l_openshift_cluster_monitoring_operator_image_dicts: - origin: 'quay.io/coreos/cluster-monitoring-operator:v0.1.0' + origin: 'quay.io/coreos/cluster-monitoring-operator:v0.1.1' openshift-enterprise: "{{ l_osm_registry_url | regex_replace('${component}' | regex_escape, 'cluster-monitoring-operator') }}" openshift_cluster_monitoring_operator_image: "{{ l_openshift_cluster_monitoring_operator_image_dicts[openshift_deployment_type] }}" @@ -21,16 +21,16 @@ l_openshift_cluster_monitoring_image_dicts: kube_rbac_proxy: quay.io/coreos/kube-rbac-proxy oauth_proxy: openshift/oauth-proxy openshift-enterprise: - prometheus_operator: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('${component}:${version}' | regex_escape, 'prometheus-operator') }}" - prometheus: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('ose-${component}:${version}' | regex_escape, 'prometheus') }}" - alertmanager: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('ose-${component}:${version}' | regex_escape, 'prometheus-alertmanager') }}" - node_exporter: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('ose-${component}:${version}' | regex_escape, 'prometheus-node-exporter') }}" - prometheus_config_reloader: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('${component}:${version}' | regex_escape, 'prometheus-config-reloader') }}" - configmap_reloader: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('${component}:${version}' | regex_escape, 'configmap-reloader') }}" - grafana: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('ose-${component}:${version}' | regex_escape, 'grafana') }}" - kube_state_metrics: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('${component}:${version}' | regex_escape, 'kube-state-metrics') }}" - kube_rbac_proxy: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('${component}:${version}' | regex_escape, 'kube-rbac-proxy') }}" - oauth_proxy: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('ose-${component}:${version}' | regex_escape, 'oauth-proxy') }}" + prometheus_operator: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('${component}' | regex_escape, 'prometheus-operator') | regex_replace(':[^:]*$', '') }}" + prometheus: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('ose-${component}' | regex_escape, 'prometheus') | regex_replace(':[^:]*$', '') }}" + alertmanager: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('ose-${component}' | regex_escape, 'prometheus-alertmanager') | regex_replace(':[^:]*$', '') }}" + node_exporter: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('ose-${component}' | regex_escape, 'prometheus-node-exporter') | regex_replace(':[^:]*$', '') }}" + prometheus_config_reloader: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('${component}' | regex_escape, 'prometheus-config-reloader') | regex_replace(':[^:]*$', '') }}" + configmap_reloader: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('${component}' | regex_escape, 'configmap-reloader') | regex_replace(':[^:]*$', '') }}" + grafana: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('ose-${component}' | regex_escape, 'grafana') | regex_replace(':[^:]*$', '') }}" + kube_state_metrics: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('${component}' | regex_escape, 'kube-state-metrics') | regex_replace(':[^:]*$', '') }}" + kube_rbac_proxy: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('${component}' | regex_escape, 'kube-rbac-proxy') | regex_replace(':[^:]*$', '') }}" + oauth_proxy: "{{ l_openshift_cluster_monitoring_non_standard_reg_url | regex_replace('ose-${component}' | regex_escape, 'oauth-proxy') | regex_replace(':[^:]*$', '') }}" openshift_cluster_monitoring_operator_prometheus_operator_repo: "{{l_openshift_cluster_monitoring_image_dicts[openshift_deployment_type]['prometheus_operator']}}" openshift_cluster_monitoring_operator_prometheus_repo: "{{l_openshift_cluster_monitoring_image_dicts[openshift_deployment_type]['prometheus']}}" @@ -43,9 +43,11 @@ openshift_cluster_monitoring_operator_kube_state_metrics_image: "{{l_openshift_c openshift_cluster_monitoring_operator_kube_rbac_proxy_image: "{{l_openshift_cluster_monitoring_image_dicts[openshift_deployment_type]['kube_rbac_proxy']}}" openshift_cluster_monitoring_operator_proxy_image: "{{l_openshift_cluster_monitoring_image_dicts[openshift_deployment_type]['oauth_proxy']}}" -openshift_cluster_monitoring_operator_prometheus_storage_enabled: true +openshift_cluster_monitoring_operator_prometheus_storage_enabled: false openshift_cluster_monitoring_operator_prometheus_storage_capacity: "50Gi" -openshift_cluster_monitoring_operator_alertmanager_storage_enabled: true +openshift_cluster_monitoring_operator_prometheus_storage_class_name: "" +openshift_cluster_monitoring_operator_alertmanager_storage_enabled: false +openshift_cluster_monitoring_operator_alertmanager_storage_class_name: "" openshift_cluster_monitoring_operator_alertmanager_storage_capacity: "2Gi" openshift_cluster_monitoring_operator_cluster_id: "{{ openshift_clusterid | default(openshift_master_cluster_public_hostname, true) | default(openshift_master_cluster_hostname, true) | default('openshift', true) }}" diff --git a/roles/openshift_cluster_monitoring_operator/tasks/install.yaml b/roles/openshift_cluster_monitoring_operator/tasks/install.yaml index 52eb9a56660..4f728d05a49 100644 --- a/roles/openshift_cluster_monitoring_operator/tasks/install.yaml +++ b/roles/openshift_cluster_monitoring_operator/tasks/install.yaml @@ -79,13 +79,13 @@ with_items: - cluster-monitoring-operator.yaml -- name: Set cluster-monitoring-operator configmap template +- name: Process cluster-monitoring-operator configmap template template: src: cluster-monitoring-operator-config.j2 dest: "{{ tempdir }}/templates/cluster-monitoring-operator-config.yaml" changed_when: no -- name: Set cluster-monitoring-operator configmap +- name: Create cluster-monitoring-operator configmap oc_obj: state: present name: "cluster-monitoring-config" @@ -95,14 +95,14 @@ - "{{ tempdir }}/templates/cluster-monitoring-operator-config.yaml" delete_after: true -- name: Set cluster-monitoring-operator template +- name: Process cluster-monitoring-operator deployment template template: src: cluster-monitoring-operator-deployment.j2 dest: "{{ tempdir }}/templates/cluster-monitoring-operator-deployment.yaml" vars: namespace: "{{ openshift_cluster_monitoring_operator_namespace }}" -- name: Set cluster-monitoring-operator template +- name: Create cluster-monitoring-operator deployment oc_obj: state: present name: "cluster-monitoring-operator" diff --git a/roles/openshift_cluster_monitoring_operator/templates/cluster-monitoring-operator-config.j2 b/roles/openshift_cluster_monitoring_operator/templates/cluster-monitoring-operator-config.j2 index 603934781ec..911141dcfe0 100644 --- a/roles/openshift_cluster_monitoring_operator/templates/cluster-monitoring-operator-config.j2 +++ b/roles/openshift_cluster_monitoring_operator/templates/cluster-monitoring-operator-config.j2 @@ -25,9 +25,12 @@ data: {% endif %} externalLabels: cluster: {{ openshift_cluster_monitoring_operator_cluster_id }} -{% if openshift_cluster_monitoring_operator_prometheus_storage_enabled %} +{% if openshift_cluster_monitoring_operator_prometheus_storage_enabled | bool %} volumeClaimTemplate: spec: +{% if openshift_cluster_monitoring_operator_prometheus_storage_class_name %} + storageClassName: {{ openshift_cluster_monitoring_operator_prometheus_storage_class_name }} +{% endif %} resources: requests: storage: {{ openshift_cluster_monitoring_operator_prometheus_storage_capacity }} @@ -40,9 +43,12 @@ data: {{ key }}: "{{ value }}" {% endfor %} {% endif %} -{% if openshift_cluster_monitoring_operator_alertmanager_storage_enabled %} +{% if openshift_cluster_monitoring_operator_alertmanager_storage_enabled | bool %} volumeClaimTemplate: spec: +{% if openshift_cluster_monitoring_operator_alertmanager_storage_class_name %} + storageClassName: {{ openshift_cluster_monitoring_operator_alertmanager_storage_class_name }} +{% endif %} resources: requests: storage: {{ openshift_cluster_monitoring_operator_alertmanager_storage_capacity }} diff --git a/roles/openshift_console/defaults/main.yml b/roles/openshift_console/defaults/main.yml index 5947fa6c666..9d92b828790 100644 --- a/roles/openshift_console/defaults/main.yml +++ b/roles/openshift_console/defaults/main.yml @@ -23,6 +23,6 @@ l_openshift_console_branding_dict: openshift_console_branding: "{{ l_openshift_console_branding_dict[openshift_deployment_type] }}" l_openshift_console_documentation_url_dict: - origin: 'https://docs.okd.io/3.11/' - openshift-enterprise: 'https://docs.openshift.com/container-platform/3.11/' + origin: 'https://docs.okd.io/4.0/' + openshift-enterprise: 'https://docs.openshift.com/container-platform/4.0/' openshift_console_documentation_base_url: "{{ l_openshift_console_documentation_url_dict[openshift_deployment_type] }}" diff --git a/roles/openshift_console/tasks/remove.yml b/roles/openshift_console/tasks/remove.yml index aac41ed47b2..b5b80ebf694 100644 --- a/roles/openshift_console/tasks/remove.yml +++ b/roles/openshift_console/tasks/remove.yml @@ -4,4 +4,8 @@ name: openshift-console state: absent -# TODO: Remove OAuthClient +- name: Remove openshift-console OAuth client + oc_obj: + kind: oauthclient + name: openshift-console + state: absent diff --git a/roles/openshift_control_plane/defaults/main.yml b/roles/openshift_control_plane/defaults/main.yml index 01307d8ceb5..ba71a341982 100644 --- a/roles/openshift_control_plane/defaults/main.yml +++ b/roles/openshift_control_plane/defaults/main.yml @@ -156,3 +156,5 @@ l_core_api_list: - "security.openshift.io" - "template.openshift.io" - "user.openshift.io" + +openshift_volume_recycler_image: "{{ l_osm_registry_url | regex_replace('${component}' | regex_escape, 'recycler') }}" diff --git a/roles/openshift_control_plane/files/apiserver.yaml b/roles/openshift_control_plane/files/apiserver.yaml index 12dbb63871d..74110e4fda9 100644 --- a/roles/openshift_control_plane/files/apiserver.yaml +++ b/roles/openshift_control_plane/files/apiserver.yaml @@ -34,6 +34,8 @@ spec: name: master-cloud-provider - mountPath: /var/lib/origin/ name: master-data + - mountPath: /etc/pki + name: master-pki livenessProbe: httpGet: scheme: HTTPS @@ -58,3 +60,6 @@ spec: - name: master-data hostPath: path: /var/lib/origin + - name: master-pki + hostPath: + path: /etc/pki diff --git a/roles/openshift_control_plane/files/controller.yaml b/roles/openshift_control_plane/files/controller.yaml index 6594bd3be7e..aa2aaf4e9b3 100644 --- a/roles/openshift_control_plane/files/controller.yaml +++ b/roles/openshift_control_plane/files/controller.yaml @@ -37,6 +37,8 @@ spec: - mountPath: /usr/libexec/kubernetes/kubelet-plugins name: kubelet-plugins mountPropagation: "HostToContainer" + - mountPath: /etc/pki + name: master-pki livenessProbe: httpGet: scheme: HTTPS @@ -57,3 +59,6 @@ spec: - name: kubelet-plugins hostPath: path: /usr/libexec/kubernetes/kubelet-plugins + - name: master-pki + hostPath: + path: /etc/pki diff --git a/roles/openshift_control_plane/tasks/check_master_api_is_ready.yml b/roles/openshift_control_plane/tasks/check_master_api_is_ready.yml index 395723e77c0..3dd3eb38971 100644 --- a/roles/openshift_control_plane/tasks/check_master_api_is_ready.yml +++ b/roles/openshift_control_plane/tasks/check_master_api_is_ready.yml @@ -1,7 +1,7 @@ --- - name: Wait for APIs to become available command: > - {{ openshift_client_binary }} get --raw /apis/{{ item }}/v1 + {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig get --raw /apis/{{ item }}/v1 register: openshift_apis until: openshift_apis.rc == 0 with_items: "{{ l_core_api_list }}" @@ -24,3 +24,40 @@ API did not become available. Verbose curl output and API logs have been collected above to assist with debugging. when: openshift_apis is failed + +- name: Check for apiservices/v1beta1.metrics.k8s.io registration + command: > + {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig get apiservices/v1beta1.metrics.k8s.io + register: metrics_service_registration + failed_when: metrics_service_registration.rc != 0 and 'NotFound' not in metrics_service_registration.stderr + retries: 30 + delay: 5 + until: metrics_service_registration is succeeded + +- name: Wait for /apis/metrics.k8s.io/v1beta1 when registered + command: > + {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig get --raw /apis/metrics.k8s.io/v1beta1 + register: metrics_api + until: metrics_api is succeeded + retries: 30 + delay: 5 + when: metrics_service_registration.rc == 0 + +- name: Check for apiservices/v1beta1.servicecatalog.k8s.io registration + command: > + {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig get apiservices/v1beta1.servicecatalog.k8s.io + register: servicecatalog_service_registration + failed_when: servicecatalog_service_registration.rc != 0 and 'NotFound' not in servicecatalog_service_registration.stderr + retries: 30 + delay: 5 + until: servicecatalog_service_registration is succeeded + + +- name: Wait for /apis/servicecatalog.k8s.io/v1beta1 when registered + command: > + {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig get --raw /apis/servicecatalog.k8s.io/v1beta1 + register: servicecatalog_api + until: servicecatalog_api is succeeded + retries: 30 + delay: 5 + when: servicecatalog_service_registration.rc == 0 diff --git a/roles/openshift_control_plane/tasks/htpass_provider.yml b/roles/openshift_control_plane/tasks/htpass_provider.yml index 6eb2f3e6d90..e93a70964f6 100644 --- a/roles/openshift_control_plane/tasks/htpass_provider.yml +++ b/roles/openshift_control_plane/tasks/htpass_provider.yml @@ -5,7 +5,6 @@ state: present when: - item.kind == 'HTPasswdPasswordIdentityProvider' - - not openshift_is_atomic | bool with_items: "{{ openshift_master_identity_providers }}" register: result until: result is succeeded diff --git a/roles/openshift_control_plane/tasks/main.yml b/roles/openshift_control_plane/tasks/main.yml index 420d56598d6..b8595ce8dbf 100644 --- a/roles/openshift_control_plane/tasks/main.yml +++ b/roles/openshift_control_plane/tasks/main.yml @@ -33,23 +33,31 @@ path: "/etc/origin/master" state: directory -- name: Create flexvolume directory when on atomic hosts +- name: Copy recyler pod to config directory + template: + src: "recycler_pod.yaml.j2" + dest: "/etc/origin/master/recycler_pod.yaml" + +- name: Create flex volume directory on host file: state: directory - path: "/etc/origin/kubelet-plugins/volume/exec" + path: "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/" mode: '0750' - when: openshift_is_atomic | bool -- name: Flex volume directory on non-atomic host +- name: Create openshift audit log directory file: state: directory - path: "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/" - mode: '0750' - when: not openshift_is_atomic | bool + path: "/var/log/origin" + mode: 0700 + when: + - openshift.master.audit_config is defined + - openshift.master.audit_config.auditFilePath is defined + - '"/var/log/origin" in openshift.master.audit_config.auditFilePath' - name: Create the policy file if it does not already exist command: > - {{ openshift_client_binary }} adm create-bootstrap-policy-file + {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig + adm create-bootstrap-policy-file --filename={{ openshift_master_policy }} args: creates: "{{ openshift_master_policy }}" @@ -84,6 +92,17 @@ - item.kind == 'OpenIDIdentityProvider' with_items: "{{ openshift_master_identity_providers }}" +- name: Create the GitHub (Enterprise) ca file if needed + copy: + dest: "/etc/origin/master/{{ item.name }}_github_ca.crt" + content: "{{ openshift.master.github_ca }}" + mode: 0600 + backup: yes + when: + - openshift.master.github_ca is defined + - item.kind == 'GitHubIdentityProvider' + with_items: "{{ openshift_master_identity_providers }}" + - name: Create the request header ca file if needed copy: dest: "/etc/origin/master/{{ item.name }}_request_header_ca.crt" @@ -170,7 +189,7 @@ oc_obj: state: list kind: pod - name: "master-{{ item }}-{{ openshift.node.nodename | lower }}" + name: "master-{{ item }}-{{ l_kubelet_node_name | lower }}" namespace: kube-system register: control_plane_pods until: @@ -222,7 +241,7 @@ oc_obj: state: list kind: pod - name: "master-{{ item }}-{{ openshift.node.nodename | lower }}" + name: "master-{{ item }}-{{ l_kubelet_node_name | lower }}" namespace: kube-system register: control_plane_health until: diff --git a/roles/openshift_control_plane/tasks/pre_pull.yml b/roles/openshift_control_plane/tasks/pre_pull.yml index a1bae36c87b..15a50e33b4a 100644 --- a/roles/openshift_control_plane/tasks/pre_pull.yml +++ b/roles/openshift_control_plane/tasks/pre_pull.yml @@ -4,9 +4,8 @@ register: control_plane_image # This task runs async to save time while the master is being configured -- name: Pre-pull Origin image - docker_image: - name: "{{ osm_image }}" +- name: Pre-pull Origin image (docker) + command: "{{ openshift_container_cli }} pull {{ osm_image }}" environment: NO_PROXY: "{{ openshift.common.no_proxy | default('') }}" when: control_plane_image.stdout_lines == [] diff --git a/roles/openshift_control_plane/tasks/registry_auth.yml b/roles/openshift_control_plane/tasks/registry_auth.yml index bfe6a94c9a1..672da351042 100644 --- a/roles/openshift_control_plane/tasks/registry_auth.yml +++ b/roles/openshift_control_plane/tasks/registry_auth.yml @@ -2,7 +2,7 @@ # docker_creds is a custom module from lib_utils # 'docker login' requires a docker.service running on the local host, this is an # alternative implementation that operates directly on config.json -- name: Create credentials for registry auth (alternative) +- name: Create credentials for oreg_url docker_creds: path: "{{ oreg_auth_credentials_path }}" registry: "{{ oreg_host }}" @@ -11,10 +11,30 @@ # Test that we can actually connect with provided info test_login: "{{ oreg_test_login | default(True) }}" proxy_vars: "{{ l_docker_creds_proxy_vars }}" - image_name: "{{ l_docker_creds_image_name }}" + test_image: "{{ l_docker_creds_test_image }}" when: - oreg_auth_user is defined register: master_oreg_auth_credentials_create retries: 3 delay: 5 until: master_oreg_auth_credentials_create is succeeded + +- name: Create credentials for any additional registries + docker_creds: + path: "{{ oreg_auth_credentials_path }}" + registry: "{{ item.host }}" + username: "{{ item.user | default('openshift') }}" + password: "{{ item.password }}" + # Test that we can actually connect with provided info + test_login: "{{ item.test_login | default(omit) }}" + proxy_vars: "{{ l_docker_creds_proxy_vars }}" + test_image: "{{ item.test_image | default('openshift3/ose-pod') }}" + tls_verify: "{{ item.tls_verify | default(omit) }}" + when: + - openshift_additional_registry_credentials != [] + register: crt_addl_credentials_create + retries: 3 + delay: 5 + until: crt_addl_credentials_create is succeeded + with_items: + "{{ openshift_additional_registry_credentials }}" diff --git a/roles/openshift_control_plane/tasks/static.yml b/roles/openshift_control_plane/tasks/static.yml index 831d132766e..b47dfa19eb3 100644 --- a/roles/openshift_control_plane/tasks/static.yml +++ b/roles/openshift_control_plane/tasks/static.yml @@ -45,15 +45,32 @@ - key: spec.containers[0].readinessProbe.httpGet.port value: "{{ openshift_master_api_port }}" -- name: Update controller-manager static pod on atomic host +- name: Add audit volume to master static pod (api) yedit: - src: "{{ mktemp.stdout }}/controller.yaml" - edits: - - key: spec.volumes[3].hostPath.path - value: "/etc/origin/kubelet-plugins" - - key: spec.containers[0].volumeMounts[3].mountPath - value: "/etc/origin/kubelet-plugins" - when: openshift_is_atomic | bool + src: "{{ mktemp.stdout }}/apiserver.yaml" + append: true + key: spec.volumes + value: + name: audit-logs + hostPath: + path: "/var/log/origin" + when: + - openshift.master.audit_config is defined + - openshift.master.audit_config.auditFilePath is defined + - '"/var/log/origin" in openshift.master.audit_config.auditFilePath' + +- name: Add audit volumeMounts to master static pod (api) + yedit: + src: "{{ mktemp.stdout }}/apiserver.yaml" + append: true + key: spec.containers[0].volumeMounts + value: + mountPath: "/var/log/origin" + name: audit-logs + when: + - openshift.master.audit_config is defined + - openshift.master.audit_config.auditFilePath is defined + - '"/var/log/origin" in openshift.master.audit_config.auditFilePath' - name: ensure pod location exists file: diff --git a/roles/openshift_control_plane/tasks/upgrade.yml b/roles/openshift_control_plane/tasks/upgrade.yml index 9eed258901b..5b012a94ab9 100644 --- a/roles/openshift_control_plane/tasks/upgrade.yml +++ b/roles/openshift_control_plane/tasks/upgrade.yml @@ -78,5 +78,22 @@ yedit: src: "{{ openshift.common.config_base }}/master/master-config.yaml" key: "kubernetesMasterConfig.apiServerArguments.runtime-config" - value: "{{ runtime_config.result | join(',') | regex_replace('(?:,)*apis/settings\\.k8s\\.io/v1alpha1=true','') }}" - when: runtime_config.result + value: "{{ r_c | difference(['apis/settings.k8s.io/v1alpha1=true']) }}" + vars: + r_c: "{{ runtime_config.result | default([]) }}" +- name: Copy recyler pod to config directory + template: + src: "recycler_pod.yaml.j2" + dest: "/etc/origin/master/recycler_pod.yaml" +- name: Update controller-manager to have nfs recycler pod + yedit: + src: "{{ openshift.common.config_base }}/master/master-config.yaml" + key: "kubernetesMasterConfig.controllerArguments.pv-recycler-pod-template-filepath-nfs" + value: + - /etc/origin/master/recycler_pod.yaml +- name: Update controller-manager to have hostpath recycler pod + yedit: + src: "{{ openshift.common.config_base }}/master/master-config.yaml" + key: "kubernetesMasterConfig.controllerArguments.pv-recycler-pod-template-filepath-hostpath" + value: + - /etc/origin/master/recycler_pod.yaml diff --git a/roles/openshift_control_plane/tasks/verify_api_server.yml b/roles/openshift_control_plane/tasks/verify_api_server.yml new file mode 100644 index 00000000000..41736f8af30 --- /dev/null +++ b/roles/openshift_control_plane/tasks/verify_api_server.yml @@ -0,0 +1,16 @@ +--- +# Ensure localhost master is responding. +- name: verify API server + command: > + curl --silent --tlsv1.2 --max-time 2 + --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt + {{ openshift.master.api_url }}/healthz/ready + args: + # Disables the following warning: + # Consider using get_url or uri module rather than running curl + warn: no + register: l_api_available_output + until: l_api_available_output.stdout == 'ok' + retries: 120 + delay: 1 + changed_when: false diff --git a/roles/openshift_control_plane/templates/master.yaml.v1.j2 b/roles/openshift_control_plane/templates/master.yaml.v1.j2 index 5000c72c12d..5930c7da553 100644 --- a/roles/openshift_control_plane/templates/master.yaml.v1.j2 +++ b/roles/openshift_control_plane/templates/master.yaml.v1.j2 @@ -83,10 +83,10 @@ kubernetesMasterConfig: - VolumeScheduling=true {% endif %} controllerArguments: {{ openshift.master.controller_args | default(None) | lib_utils_to_padded_yaml( level=2 ) }} -{% if openshift_is_atomic | bool %} - flex-volume-plugin-dir: - - "/etc/origin/kubelet-plugins/volume/exec" -{% endif %} + pv-recycler-pod-template-filepath-nfs: + - "/etc/origin/master/recycler_pod.yaml" + pv-recycler-pod-template-filepath-hostpath: + - "/etc/origin/master/recycler_pod.yaml" {% if openshift_master_use_persistentlocalvolumes | bool %} feature-gates: - PersistentLocalVolumes=true diff --git a/roles/openshift_control_plane/templates/recycler_pod.yaml.j2 b/roles/openshift_control_plane/templates/recycler_pod.yaml.j2 new file mode 100644 index 00000000000..82ac212ddff --- /dev/null +++ b/roles/openshift_control_plane/templates/recycler_pod.yaml.j2 @@ -0,0 +1,26 @@ +apiVersion: "v1" +kind: "Pod" +metadata: + name: "recyler-pod-" + namespace: "openshift-infra" +spec: + activeDeadlineSeconds: 60 + restartPolicy: "Never" + serviceAccountName: "pv-recycler-controller" + containers: + - + name: "recyler-container" + image: "{{ openshift_volume_recycler_image }}" + command: + - "/usr/bin/openshift-recycle" + args: + - "/scrub" + volumeMounts: + - + mountPath: "/scrub" + name: "vol" + securityContext: + runAsUser: 0 + volumes: + - + name: "vol" diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index 5ec9ae9cc47..7be5d9aaa7f 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -6,7 +6,7 @@ openshift_examples_load_db_templates: true openshift_examples_load_xpaas: "{{ openshift_deployment_type != 'origin' }}" openshift_examples_load_quickstarts: true -examples_base: "{{ openshift.common.config_base if openshift_is_containerized | bool else '/usr/share/openshift' }}/examples" +examples_base: "/usr/share/openshift/examples" image_streams_base: "{{ examples_base }}/image-streams" centos_image_streams: - "{{ image_streams_base }}/image-streams-centos7.json" diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index bb9fc3faf2f..f7f0b3511e7 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -8,7 +8,7 @@ XPAAS_VERSION=ose-v1.4.14 RHDM70_VERSION=7.0.1.GA RHPAM70_VERSION=7.0.2.GA -DG_72_VERSION=datagrid72-dev +DG_72_VERSION=1.1.1 ORIGIN_VERSION=${1:-v3.11} ORIGIN_BRANCH=${2:-master} RHAMP_TAG=2.0.0.GA diff --git a/roles/openshift_examples/files/examples/latest/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/latest/image-streams/image-streams-centos7.json index 87b2abd3edc..ba73164202a 100644 --- a/roles/openshift_examples/files/examples/latest/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/latest/image-streams/image-streams-centos7.json @@ -161,7 +161,7 @@ }, "from": { "kind": "DockerImage", - "name": "docker.io/openshift/jenkins-2-centos7:v3.11" + "name": "docker.io/openshift/jenkins-2-centos7:v4.0" }, "name": "2", "referencePolicy": { diff --git a/roles/openshift_examples/files/examples/latest/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/latest/image-streams/image-streams-rhel7.json index 52365e8e9ee..336549a27eb 100644 --- a/roles/openshift_examples/files/examples/latest/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/latest/image-streams/image-streams-rhel7.json @@ -112,7 +112,7 @@ }, "from": { "kind": "DockerImage", - "name": "registry.redhat.io/openshift3/jenkins-2-rhel7:v3.11" + "name": "registry.redhat.io/openshift3/jenkins-2-rhel7:v4.0" }, "name": "2", "referencePolicy": { diff --git a/roles/openshift_examples/files/examples/latest/xpaas-streams/datagrid72-image-stream.json b/roles/openshift_examples/files/examples/latest/xpaas-streams/datagrid72-image-stream.json new file mode 100644 index 00000000000..0ef18455a20 --- /dev/null +++ b/roles/openshift_examples/files/examples/latest/xpaas-streams/datagrid72-image-stream.json @@ -0,0 +1,65 @@ +{ + "kind": "List", + "apiVersion": "v1", + "metadata": { + "name": "datagrid72-image-streams", + "annotations": { + "description": "ImageStream definitions for Red Hat JBoss Data Grid 7.2.", + "openshift.io/provider-display-name": "Red Hat, Inc." + } + }, + "items": [ + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "jboss-datagrid72-openshift", + "annotations": { + "openshift.io/display-name": "Red Hat JBoss Data Grid 7.2", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "version": "1.1" + } + }, + "spec": { + "tags": [ + { + "name": "1.0", + "annotations": { + "description": "Red Hat JBoss Data Grid 7.2 S2I images.", + "iconClass": "icon-datagrid", + "tags": "datagrid,jboss,hidden", + "supports": "datagrid:7.2", + "version": "1.0", + "openshift.io/display-name": "Red Hat JBoss Data Grid 7.2" + }, + "referencePolicy": { + "type": "Local" + }, + "from": { + "kind": "DockerImage", + "name": "registry.redhat.io/jboss-datagrid-7/datagrid72-openshift:1.0" + } + }, + { + "name": "1.1", + "annotations": { + "description": "Red Hat JBoss Data Grid 7.2 S2I images.", + "iconClass": "icon-datagrid", + "tags": "datagrid,jboss,hidden", + "supports": "datagrid:7.2", + "version": "1.1", + "openshift.io/display-name": "Red Hat JBoss Data Grid 7.2" + }, + "referencePolicy": { + "type": "Local" + }, + "from": { + "kind": "DockerImage", + "name": "registry.redhat.io/jboss-datagrid-7/datagrid72-openshift:1.1" + } + } + ] + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-basic.json b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-basic.json new file mode 100644 index 00000000000..3ed875495a7 --- /dev/null +++ b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-basic.json @@ -0,0 +1,446 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-datagrid", + "tags": "datagrid,jboss", + "version": "1.1", + "openshift.io/display-name": "Red Hat JBoss Data Grid 7.2 (Ephemeral, no https)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "An example Red Hat JBoss Data Grid application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.", + "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.2 based applications, including a deployment configuration, using ephemeral (temporary) storage and communication using http.", + "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/", + "template.openshift.io/support-url": "https://access.redhat.com" + }, + "name": "datagrid72-basic" + }, + "labels": { + "template": "datagrid72-basic" + }, + "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".", + "parameters": [ + { + "displayName": "Application Name", + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "displayName": "Custom http Route Hostname", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "displayName": "Username", + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "displayName": "Password", + "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "JDG User Roles/Groups", + "description": "Comma delimited list of roles/groups associated with the JDG user", + "name": "ADMIN_GROUP", + "value": "", + "required": false + }, + { + "displayName": "Hotrod Authentication", + "description": "Enable Hotrod Authentication", + "name": "HOTROD_AUTHENTICATION", + "value": "", + "required": false + }, + { + "displayName": "Container Security Role Mapper", + "description": "Defines which role mapper to use for cache authentication", + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "", + "required": false + }, + { + "displayName": "Container Security Roles", + "description": "Comma delimited list of role names and assigned permissions", + "name": "CONTAINER_SECURITY_ROLES", + "value": "", + "required": false + }, + { + "displayName": "ImageStream Namespace", + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "displayName": "Infinispan Connectors", + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "displayName": "Cache Names", + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Datavirt Cache Names", + "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: , _staging and _alias.", + "name": "DATAVIRT_CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Default Cache Type", + "description": "Default cache type for all caches. If empty then distributed will be the default", + "name": "CACHE_TYPE_DEFAULT", + "value": "", + "required": false + }, + { + "displayName": "Memcached Cache Name", + "description": "The name of the cache to expose through this memcached connector", + "name": "MEMCACHED_CACHE", + "value": "default_memcached", + "required": false + }, + { + "displayName": "REST Security Domain", + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "displayName": "JGroups Cluster Password", + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Container memory limit", + "name": "MEMORY_LIMIT", + "value": "1Gi", + "required": false + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "clusterIP": "None", + "ports": [ + { + "name": "ping", + "port": 8888 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-ping", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "service.alpha.kubernetes.io/tolerate-unready-endpoints": "true", + "description": "The JGroups ping port for clustering." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid72-openshift:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid72-openshift", + "imagePullPolicy": "Always", + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + }, + "initialDelaySeconds": 60 + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod-internal", + "containerPort": 11222, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11333, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "ADMIN_GROUP", + "value": "${ADMIN_GROUP}" + }, + { + "name": "HOTROD_AUTHENTICATION", + "value": "${HOTROD_AUTHENTICATION}" + }, + { + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "${CONTAINER_SECURITY_ROLE_MAPPER}" + }, + { + "name": "CONTAINER_SECURITY_ROLES", + "value": "${CONTAINER_SECURITY_ROLES}" + }, + { + "name": "JGROUPS_PING_PROTOCOL", + "value": "openshift.DNS_PING" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", + "value": "${APPLICATION_NAME}-ping" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", + "value": "8888" + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "DATAVIRT_CACHE_NAMES", + "value": "${DATAVIRT_CACHE_NAMES}" + }, + { + "name": "CACHE_TYPE_DEFAULT", + "value": "${CACHE_TYPE_DEFAULT}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-https.json b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-https.json new file mode 100644 index 00000000000..85e248a6710 --- /dev/null +++ b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-https.json @@ -0,0 +1,638 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-datagrid", + "tags": "datagrid,jboss,hidden", + "version": "1.1", + "openshift.io/display-name": "Red Hat JBoss Data Grid 7.2 (Ephemeral with https)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "An example Red Hat JBoss Data Grid application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.", + "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.2 based applications, including a deployment configuration, using ephemeral (temporary) storage and secure communication using https.", + "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/", + "template.openshift.io/support-url": "https://access.redhat.com" + }, + "name": "datagrid72-https" + }, + "labels": { + "template": "datagrid72-https" + }, + "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.", + "parameters": [ + { + "displayName": "Application Name", + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "displayName": "Custom http Route Hostname", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "displayName": "Custom https Route Hostname", + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "displayName": "Username", + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "displayName": "Password", + "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "JDG User Roles/Groups", + "description": "Comma delimited list of roles/groups associated with the JDG user", + "name": "ADMIN_GROUP", + "value": "", + "required": false + }, + { + "displayName": "Hotrod Authentication", + "description": "Enable Hotrod Authentication", + "name": "HOTROD_AUTHENTICATION", + "value": "", + "required": false + }, + { + "displayName": "Container Security Role Mapper", + "description": "Defines which role mapper to use for cache authentication", + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "", + "required": false + }, + { + "displayName": "Container Security Roles", + "description": "Comma delimited list of role names and assigned permissions", + "name": "CONTAINER_SECURITY_ROLES", + "value": "", + "required": false + }, + { + "displayName": "Server Keystore Secret Name", + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "displayName": "Server Keystore Filename", + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "displayName": "Server Certificate Name", + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "displayName": "Server Keystore Password", + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "ImageStream Namespace", + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "displayName": "Infinispan Connectors", + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "displayName": "Cache Names", + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Datavirt Cache Names", + "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: , _staging and _alias.", + "name": "DATAVIRT_CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Default Cache Type", + "description": "Default cache type for all caches. If empty then distributed will be the default", + "name": "CACHE_TYPE_DEFAULT", + "value": "", + "required": false + }, + { + "displayName": "Encryption Requires SSL Client Authentication?", + "description": "Whether to require client certificate authentication. Defaults to false", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "displayName": "Memcached Cache Name", + "description": "The name of the cache to expose through this memcached connector", + "name": "MEMCACHED_CACHE", + "value": "default_memcached", + "required": false + }, + { + "displayName": "REST Security Domain", + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "displayName": "JGroups Secret Name", + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "displayName": "JGroups Keystore Filename", + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "displayName": "JGroups Certificate Name", + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "displayName": "JGroups Keystore Password", + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "JGroups Cluster Password", + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Container memory limit", + "name": "MEMORY_LIMIT", + "value": "1Gi", + "required": false + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "clusterIP": "None", + "ports": [ + { + "name": "ping", + "port": 8888 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-ping", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "service.alpha.kubernetes.io/tolerate-unready-endpoints": "true", + "description": "The JGroups ping port for clustering." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid72-openshift:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid72-openshift", + "imagePullPolicy": "Always", + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + }, + "initialDelaySeconds": 60 + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod-internal", + "containerPort": 11222, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11333, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "ADMIN_GROUP", + "value": "${ADMIN_GROUP}" + }, + { + "name": "HOTROD_AUTHENTICATION", + "value": "${HOTROD_AUTHENTICATION}" + }, + { + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "${CONTAINER_SECURITY_ROLE_MAPPER}" + }, + { + "name": "CONTAINER_SECURITY_ROLES", + "value": "${CONTAINER_SECURITY_ROLES}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "JGROUPS_PING_PROTOCOL", + "value": "openshift.DNS_PING" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", + "value": "${APPLICATION_NAME}-ping" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", + "value": "8888" + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "DATAVIRT_CACHE_NAMES", + "value": "${DATAVIRT_CACHE_NAMES}" + }, + { + "name": "CACHE_TYPE_DEFAULT", + "value": "${CACHE_TYPE_DEFAULT}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "HOTROD_ENCRYPTION", + "value": "${HTTPS_NAME}" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-mysql-persistent.json b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-mysql-persistent.json new file mode 100644 index 00000000000..76bd79ece09 --- /dev/null +++ b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-mysql-persistent.json @@ -0,0 +1,955 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-datagrid", + "tags": "datagrid,jboss", + "version": "1.1", + "openshift.io/display-name": "Red Hat JBoss Data Grid 7.2 + MySQL (with https)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "An example Red Hat JBoss Data Grid application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.", + "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.2 based applications, including a deployment configuration, using MySQL database for persistence and secure communication using https.", + "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/", + "template.openshift.io/support-url": "https://access.redhat.com" + }, + "name": "datagrid72-mysql-persistent" + }, + "labels": { + "template": "datagrid72-mysql-persistent" + }, + "message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.", + "parameters": [ + { + "displayName": "Application Name", + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "displayName": "Custom http Route Hostname", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "displayName": "Custom https Route Hostname", + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "displayName": "Username", + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "displayName": "Password", + "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "JDG User Roles/Groups", + "description": "Comma delimited list of roles/groups associated with the JDG user", + "name": "ADMIN_GROUP", + "value": "", + "required": false + }, + { + "displayName": "Hotrod Authentication", + "description": "Enable Hotrod Authentication", + "name": "HOTROD_AUTHENTICATION", + "value": "", + "required": false + }, + { + "displayName": "Container Security Role Mapper", + "description": "Defines which role mapper to use for cache authentication", + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "", + "required": false + }, + { + "displayName": "Container Security Roles", + "description": "Comma delimited list of role names and assigned permissions", + "name": "CONTAINER_SECURITY_ROLES", + "value": "", + "required": false + }, + { + "displayName": "Server Keystore Secret Name", + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "displayName": "Server Keystore Filename", + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "displayName": "Server Certificate Name", + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "displayName": "Server Keystore Password", + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "Database JNDI Name", + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql", + "name": "DB_JNDI", + "value": "java:/jboss/datasources/mysql", + "required": false + }, + { + "displayName": "Database Name", + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "displayName": "Database Username", + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "displayName": "Database Password", + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "displayName": "Datasource Minimum Pool Size", + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "displayName": "Datasource Maximum Pool Size", + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "displayName": "Datasource Transaction Isolation", + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "displayName": "MySQL Lower Case Table Names", + "description": "Sets how the table names are stored and compared.", + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "required": false + }, + { + "displayName": "MySQL Maximum number of connections", + "description": "The maximum permitted number of simultaneous client connections.", + "name": "MYSQL_MAX_CONNECTIONS", + "required": false + }, + { + "displayName": "MySQL FullText Minimum Word Length", + "description": "The minimum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MIN_WORD_LEN", + "required": false + }, + { + "displayName": "MySQL FullText Maximum Word Length", + "description": "The maximum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MAX_WORD_LEN", + "required": false + }, + { + "displayName": "MySQL AIO", + "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", + "name": "MYSQL_AIO", + "required": false + }, + { + "displayName": "Database Volume Capacity", + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "1Gi", + "required": true + }, + { + "displayName": "ImageStream Namespace", + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "displayName": "Infinispan Connectors", + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "displayName": "Cache Names", + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Datavirt Cache Names", + "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: , _staging and _alias.", + "name": "DATAVIRT_CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Default Cache Type", + "description": "Default cache type for all caches. If empty then distributed will be the default", + "name": "CACHE_TYPE_DEFAULT", + "value": "", + "required": false + }, + { + "displayName": "Encryption Requires SSL Client Authentication?", + "description": "Whether to require client certificate authentication. Defaults to false", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "displayName": "Memcached Cache Name", + "description": "The name of the cache to expose through this memcached connector", + "name": "MEMCACHED_CACHE", + "value": "default_memcached", + "required": false + }, + { + "displayName": "REST Security Domain", + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "displayName": "JGroups Secret Name", + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "displayName": "JGroups Keystore Filename", + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "displayName": "JGroups Certificate Name", + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "displayName": "JGroups Keystore Password", + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "JGroups Cluster Password", + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "displayName": "MySQL Image Stream Tag", + "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.", + "name": "MYSQL_IMAGE_STREAM_TAG", + "value": "5.7", + "required": true + }, + { + "description": "Container memory limit", + "name": "MEMORY_LIMIT", + "value": "1Gi", + "required": false + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port.", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]" + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port.", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]" + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications.", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]" + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications.", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]" + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 3306, + "targetPort": 3306 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "clusterIP": "None", + "ports": [ + { + "name": "ping", + "port": 8888 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-ping", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "service.alpha.kubernetes.io/tolerate-unready-endpoints": "true", + "description": "The JGroups ping port for clustering." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid72-openshift:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid72-openshift", + "imagePullPolicy": "Always", + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + }, + "initialDelaySeconds": 60 + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod-internal", + "containerPort": 11222, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11333, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "ADMIN_GROUP", + "value": "${ADMIN_GROUP}" + }, + { + "name": "HOTROD_AUTHENTICATION", + "value": "${HOTROD_AUTHENTICATION}" + }, + { + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "${CONTAINER_SECURITY_ROLE_MAPPER}" + }, + { + "name": "CONTAINER_SECURITY_ROLES", + "value": "${CONTAINER_SECURITY_ROLES}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "DEFAULT_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "DEFAULT_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "MEMCACHED_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "MEMCACHED_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "JGROUPS_PING_PROTOCOL", + "value": "openshift.DNS_PING" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", + "value": "${APPLICATION_NAME}-ping" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", + "value": "8888" + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "DATAVIRT_CACHE_NAMES", + "value": "${DATAVIRT_CACHE_NAMES}" + }, + { + "name": "CACHE_TYPE_DEFAULT", + "value": "${CACHE_TYPE_DEFAULT}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "HOTROD_ENCRYPTION", + "value": "${HTTPS_NAME}" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mysql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-mysql", + "image": "mysql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", + "MYSQL_PWD=\"$MYSQL_PASSWORD\" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 3306 + } + }, + "volumeMounts": [ + { + "mountPath": "/var/lib/mysql/data", + "name": "${APPLICATION_NAME}-mysql-pvol" + } + ], + "env": [ + { + "name": "MYSQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" + }, + { + "name": "MYSQL_MAX_CONNECTIONS", + "value": "${MYSQL_MAX_CONNECTIONS}" + }, + { + "name": "MYSQL_FT_MIN_WORD_LEN", + "value": "${MYSQL_FT_MIN_WORD_LEN}" + }, + { + "name": "MYSQL_FT_MAX_WORD_LEN", + "value": "${MYSQL_FT_MAX_WORD_LEN}" + }, + { + "name": "MYSQL_AIO", + "value": "${MYSQL_AIO}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-mysql-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-mysql-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-mysql-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-mysql.json b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-mysql.json new file mode 100644 index 00000000000..62878bc729d --- /dev/null +++ b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-mysql.json @@ -0,0 +1,928 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-datagrid", + "tags": "datagrid,jboss,hidden", + "version": "1.1", + "openshift.io/display-name": "Red Hat JBoss Data Grid 7.2 + MySQL (Ephemeral with https)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "An example Red Hat JBoss Data Grid application with a MySQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.", + "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.2 based applications, including a deployment configuration, using MySQL database with ephemeral (temporary) storage and secure communication using https.", + "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/", + "template.openshift.io/support-url": "https://access.redhat.com" + }, + "name": "datagrid72-mysql" + }, + "labels": { + "template": "datagrid72-mysql" + }, + "message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.", + "parameters": [ + { + "displayName": "Application Name", + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "displayName": "Custom http Route Hostname", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "displayName": "Custom https Route Hostname", + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "displayName": "Username", + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "displayName": "Password", + "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "JDG User Roles/Groups", + "description": "Comma delimited list of roles/groups associated with the JDG user", + "name": "ADMIN_GROUP", + "value": "", + "required": false + }, + { + "displayName": "Hotrod Authentication", + "description": "Enable Hotrod Authentication", + "name": "HOTROD_AUTHENTICATION", + "value": "", + "required": false + }, + { + "displayName": "Container Security Role Mapper", + "description": "Defines which role mapper to use for cache authentication", + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "", + "required": false + }, + { + "displayName": "Container Security Roles", + "description": "Comma delimited list of role names and assigned permissions", + "name": "CONTAINER_SECURITY_ROLES", + "value": "", + "required": false + }, + { + "displayName": "Server Keystore Secret Name", + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "displayName": "Server Keystore Filename", + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "displayName": "Server Certificate Name", + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "displayName": "Server Keystore Password", + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "Database JNDI Name", + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql", + "name": "DB_JNDI", + "value": "java:/jboss/datasources/mysql", + "required": false + }, + { + "displayName": "Database Name", + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "displayName": "Database Username", + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "displayName": "Database Password", + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "displayName": "Datasource Minimum Pool Size", + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "displayName": "Datasource Maximum Pool Size", + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "displayName": "Datasource Transaction Isolation", + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "displayName": "MySQL Lower Case Table Names", + "description": "Sets how the table names are stored and compared.", + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "required": false + }, + { + "displayName": "MySQL Maximum number of connections", + "description": "The maximum permitted number of simultaneous client connections.", + "name": "MYSQL_MAX_CONNECTIONS", + "required": false + }, + { + "displayName": "MySQL FullText Minimum Word Length", + "description": "The minimum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MIN_WORD_LEN", + "required": false + }, + { + "displayName": "MySQL FullText Maximum Word Length", + "description": "The maximum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MAX_WORD_LEN", + "required": false + }, + { + "displayName": "MySQL AIO", + "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", + "name": "MYSQL_AIO", + "required": false + }, + { + "displayName": "ImageStream Namespace", + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "displayName": "Infinispan Connectors", + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "displayName": "Cache Names", + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Datavirt Cache Names", + "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: , _staging and _alias.", + "name": "DATAVIRT_CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Default Cache Type", + "description": "Default cache type for all caches. If empty then distributed will be the default", + "name": "CACHE_TYPE_DEFAULT", + "value": "", + "required": false + }, + { + "displayName": "Encryption Requires SSL Client Authentication?", + "description": "Whether to require client certificate authentication. Defaults to false", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "displayName": "Memcached Cache Name", + "description": "The name of the cache to expose through this memcached connector", + "name": "MEMCACHED_CACHE", + "value": "default_memcached", + "required": false + }, + { + "displayName": "REST Security Domain", + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "displayName": "JGroups Secret Name", + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "displayName": "JGroups Keystore Filename", + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "displayName": "JGroups Certificate Name", + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "displayName": "JGroups Keystore Password", + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "JGroups Cluster Password", + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "displayName": "MySQL Image Stream Tag", + "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.", + "name": "MYSQL_IMAGE_STREAM_TAG", + "value": "5.7", + "required": true + }, + { + "description": "Container memory limit", + "name": "MEMORY_LIMIT", + "value": "1Gi", + "required": false + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port.", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]" + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port.", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]" + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications.", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]" + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications.", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]" + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 3306, + "targetPort": 3306 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "clusterIP": "None", + "ports": [ + { + "name": "ping", + "port": 8888 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-ping", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "service.alpha.kubernetes.io/tolerate-unready-endpoints": "true", + "description": "The JGroups ping port for clustering." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid72-openshift:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid72-openshift", + "imagePullPolicy": "Always", + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + }, + "initialDelaySeconds": 60 + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod-internal", + "containerPort": 11222, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11333, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "ADMIN_GROUP", + "value": "${ADMIN_GROUP}" + }, + { + "name": "HOTROD_AUTHENTICATION", + "value": "${HOTROD_AUTHENTICATION}" + }, + { + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "${CONTAINER_SECURITY_ROLE_MAPPER}" + }, + { + "name": "CONTAINER_SECURITY_ROLES", + "value": "${CONTAINER_SECURITY_ROLES}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "DEFAULT_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "DEFAULT_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "MEMCACHED_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "MEMCACHED_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "JGROUPS_PING_PROTOCOL", + "value": "openshift.DNS_PING" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", + "value": "${APPLICATION_NAME}-ping" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", + "value": "8888" + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "DATAVIRT_CACHE_NAMES", + "value": "${DATAVIRT_CACHE_NAMES}" + }, + { + "name": "CACHE_TYPE_DEFAULT", + "value": "${CACHE_TYPE_DEFAULT}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "HOTROD_ENCRYPTION", + "value": "${HTTPS_NAME}" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mysql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-mysql", + "image": "mysql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", + "MYSQL_PWD=\"$MYSQL_PASSWORD\" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 3306 + } + }, + "env": [ + { + "name": "MYSQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" + }, + { + "name": "MYSQL_MAX_CONNECTIONS", + "value": "${MYSQL_MAX_CONNECTIONS}" + }, + { + "name": "MYSQL_FT_MIN_WORD_LEN", + "value": "${MYSQL_FT_MIN_WORD_LEN}" + }, + { + "name": "MYSQL_FT_MAX_WORD_LEN", + "value": "${MYSQL_FT_MAX_WORD_LEN}" + }, + { + "name": "MYSQL_AIO", + "value": "${MYSQL_AIO}" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/mysql/data", + "name": "${APPLICATION_NAME}-data" + } + ] + } + ], + "volumes": [ + { + "emptyDir": { + "medium": "" + }, + "name": "${APPLICATION_NAME}-data" + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-partition.json b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-partition.json new file mode 100644 index 00000000000..e84add445ca --- /dev/null +++ b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-partition.json @@ -0,0 +1,527 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-datagrid", + "tags": "datagrid,jboss,hidden", + "version": "1.1", + "openshift.io/display-name": "Red Hat JBoss Data Grid 7.2 (Ephemeral, no https)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "An example Red Hat JBoss Data Grid application. For more information about using this template, see https://github.com/jboss-openshift/application-templates.", + "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.2 based applications, including a deployment configuration, using ephemeral (temporary) storage and communication using http.", + "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/", + "template.openshift.io/support-url": "https://access.redhat.com" + }, + "name": "datagrid72-partition" + }, + "labels": { + "template": "datagrid72-partition" + }, + "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".", + "parameters": [ + { + "displayName": "Application Name", + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "displayName": "Custom http Route Hostname", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "displayName": "Username", + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "displayName": "Password", + "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "ImageStream Namespace", + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "displayName": "Infinispan Connectors", + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "displayName": "Cache Names", + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Datavirt Cache Names", + "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: , _staging and _alias.", + "name": "DATAVIRT_CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Default Cache Type", + "description": "Default cache type for all caches. If empty then distributed will be the default", + "name": "CACHE_TYPE_DEFAULT", + "value": "", + "required": false + }, + { + "displayName": "Memcached Cache Name", + "description": "The name of the cache to expose through this memcached connector", + "name": "MEMCACHED_CACHE", + "value": "default_memcached", + "required": false + }, + { + "displayName": "ADMIN_GROUP", + "description": "Comma delimited list of groups/roles for the Application Realm User", + "name": "ADMIN_GROUP", + "value": "", + "required": false + }, + { + "displayName": "HOTROD_AUTHENTICATION", + "description": "True/False for HotRod Authentication", + "name": "HOTROD_AUTHENTICATION", + "value": "", + "required": false + }, + { + "displayName": "CONTAINER_SECURITY_ROLE_MAPPER", + "description": "Container Role Mapper", + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "", + "required": false + }, + { + "displayName": "CONTAINER_SECURITY_ROLES", + "description": "Comma Delimited List of Container Roles", + "name": "CONTAINER_SECURITY_ROLES", + "value": "", + "required": false + }, + { + "displayName": "REST Security Domain", + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "displayName": "JGroups Cluster Password", + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "displayName": "Datagrid Volume Size", + "description": "Size of the volume used by Datagrid for persisting metadata.", + "name": "VOLUME_CAPACITY", + "value": "1Gi", + "required": true + }, + { + "displayName": "Split Data?", + "description": "Split the data directory for each node in a mesh, this is now the default behaviour.", + "name": "DATAGRID_SPLIT", + "value": "true", + "required": false + }, + { + "description": "Container memory limit", + "name": "MEMORY_LIMIT", + "value": "1Gi", + "required": false + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8787, + "targetPort": 8787 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-debug", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "clusterIP": "None", + "ports": [ + { + "name": "ping", + "port": 8888 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-ping", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "service.alpha.kubernetes.io/tolerate-unready-endpoints": "true", + "description": "The JGroups ping port for clustering." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid72-openshift:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid72-openshift", + "imagePullPolicy": "Always", + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, + "volumeMounts": [ + { + "mountPath": "/opt/datagrid/standalone/partitioned_data", + "name": "${APPLICATION_NAME}-datagrid-pvol" + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + }, + "initialDelaySeconds": 60 + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod-internal", + "containerPort": 11222, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11333, + "protocol": "TCP" + }, + { + "name": "debug", + "containerPort": 8787, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "JGROUPS_PING_PROTOCOL", + "value": "openshift.DNS_PING" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", + "value": "${APPLICATION_NAME}-ping" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", + "value": "8888" + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "DATAVIRT_CACHE_NAMES", + "value": "${DATAVIRT_CACHE_NAMES}" + }, + { + "name": "CACHE_TYPE_DEFAULT", + "value": "${CACHE_TYPE_DEFAULT}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + }, + { + "name": "ADMIN_GROUP", + "value": "${ADMIN_GROUP}" + }, + { + "name": "HOTROD_AUTHENTICATION", + "value": "${HOTROD_AUTHENTICATION}" + }, + { + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "${CONTAINER_SECURITY_ROLE_MAPPER}" + }, + { + "name": "CONTAINER_SECURITY_ROLES", + "value": "${CONTAINER_SECURITY_ROLES}" + }, + { + "name": "DATAGRID_SPLIT", + "value": "${DATAGRID_SPLIT}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-datagrid-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-datagrid-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-datagrid-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteMany" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-postgresql-persistent.json b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-postgresql-persistent.json new file mode 100644 index 00000000000..633f7c2f818 --- /dev/null +++ b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-postgresql-persistent.json @@ -0,0 +1,926 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-datagrid", + "tags": "datagrid,jboss", + "version": "1.1", + "openshift.io/display-name": "Red Hat JBoss Data Grid 7.2 + PostgreSQL (with https)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "An example Red Hat JBoss Data Grid application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.", + "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.2 based applications, including a deployment configuration, using PostgreSQL database for persistence and secure communication using https.", + "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/", + "template.openshift.io/support-url": "https://access.redhat.com" + }, + "name": "datagrid72-postgresql-persistent" + }, + "labels": { + "template": "datagrid72-postgresql-persistent" + }, + "message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.", + "parameters": [ + { + "displayName": "Application Name", + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "displayName": "Custom http Route Hostname", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "displayName": "Custom https Route Hostname", + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "displayName": "Username", + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "displayName": "Password", + "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "JDG User Roles/Groups", + "description": "Comma delimited list of roles/groups associated with the JDG user", + "name": "ADMIN_GROUP", + "value": "", + "required": false + }, + { + "displayName": "Hotrod Authentication", + "description": "Enable Hotrod Authentication", + "name": "HOTROD_AUTHENTICATION", + "value": "", + "required": false + }, + { + "displayName": "Container Security Role Mapper", + "description": "Defines which role mapper to use for cache authentication", + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "", + "required": false + }, + { + "displayName": "Container Security Roles", + "description": "Comma delimited list of role names and assigned permissions", + "name": "CONTAINER_SECURITY_ROLES", + "value": "", + "required": false + }, + { + "displayName": "Server Keystore Secret Name", + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "displayName": "Server Keystore Filename", + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "displayName": "Server Certificate Name", + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "displayName": "Server Keystore Password", + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "Database JNDI Name", + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql", + "name": "DB_JNDI", + "value": "java:jboss/datasources/postgresql", + "required": false + }, + { + "displayName": "Database Name", + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "displayName": "Database Username", + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "displayName": "Database Password", + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "displayName": "Datasource Minimum Pool Size", + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "displayName": "Datasource Maximum Pool Size", + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "displayName": "Datasource Transaction Isolation", + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "displayName": "PostgreSQL Maximum number of connections", + "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", + "name": "POSTGRESQL_MAX_CONNECTIONS", + "required": false + }, + { + "displayName": "PostgreSQL Shared Buffers", + "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", + "name": "POSTGRESQL_SHARED_BUFFERS", + "required": false + }, + { + "displayName": "Database Volume Capacity", + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "1Gi", + "required": true + }, + { + "displayName": "ImageStream Namespace", + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "displayName": "Infinispan Connectors", + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "displayName": "Cache Names", + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Datavirt Cache Names", + "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: , _staging and _alias.", + "name": "DATAVIRT_CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Default Cache Type", + "description": "Default cache type for all caches. If empty then distributed will be the default", + "name": "CACHE_TYPE_DEFAULT", + "value": "", + "required": false + }, + { + "displayName": "Encryption Requires SSL Client Authentication?", + "description": "Whether to require client certificate authentication. Defaults to false", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "displayName": "Memcached Cache Name", + "description": "The name of the cache to expose through this memcached connector", + "name": "MEMCACHED_CACHE", + "value": "default_memcached", + "required": false + }, + { + "displayName": "REST Security Domain", + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "displayName": "JGroups Secret Name", + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "displayName": "JGroups Keystore Filename", + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "displayName": "JGroups Certificate Name", + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "displayName": "JGroups Keystore Password", + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "JGroups Cluster Password", + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "displayName": "PostgreSQL Image Stream Tag", + "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.", + "name": "POSTGRESQL_IMAGE_STREAM_TAG", + "value": "9.5", + "required": true + }, + { + "description": "Container memory limit", + "name": "MEMORY_LIMIT", + "value": "1Gi", + "required": false + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port.", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]" + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port.", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]" + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5432, + "targetPort": 5432 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "clusterIP": "None", + "ports": [ + { + "name": "ping", + "port": 8888 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-ping", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "service.alpha.kubernetes.io/tolerate-unready-endpoints": "true", + "description": "The JGroups ping port for clustering." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid72-openshift:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid72-openshift", + "imagePullPolicy": "Always", + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + }, + "initialDelaySeconds": 60 + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod-internal", + "containerPort": 11222, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11333, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "ADMIN_GROUP", + "value": "${ADMIN_GROUP}" + }, + { + "name": "HOTROD_AUTHENTICATION", + "value": "${HOTROD_AUTHENTICATION}" + }, + { + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "${CONTAINER_SECURITY_ROLE_MAPPER}" + }, + { + "name": "CONTAINER_SECURITY_ROLES", + "value": "${CONTAINER_SECURITY_ROLES}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "DEFAULT_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "DEFAULT_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "MEMCACHED_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "MEMCACHED_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "JGROUPS_PING_PROTOCOL", + "value": "openshift.DNS_PING" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", + "value": "${APPLICATION_NAME}-ping" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", + "value": "8888" + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "DATAVIRT_CACHE_NAMES", + "value": "${DATAVIRT_CACHE_NAMES}" + }, + { + "name": "CACHE_TYPE_DEFAULT", + "value": "${CACHE_TYPE_DEFAULT}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "HOTROD_ENCRYPTION", + "value": "${HTTPS_NAME}" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-postgresql", + "image": "postgresql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 5432, + "protocol": "TCP" + } + ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d $POSTGRESQL_DATABASE -c 'SELECT 1'"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 5432 + } + }, + "volumeMounts": [ + { + "mountPath": "/var/lib/pgsql/data", + "name": "${APPLICATION_NAME}-postgresql-pvol" + } + ], + "env": [ + { + "name": "POSTGRESQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "POSTGRESQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "POSTGRESQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "POSTGRESQL_MAX_CONNECTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_SHARED_BUFFERS", + "value": "${POSTGRESQL_SHARED_BUFFERS}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-postgresql-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-postgresql-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-postgresql.json b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-postgresql.json new file mode 100644 index 00000000000..c30c68e0696 --- /dev/null +++ b/roles/openshift_examples/files/examples/latest/xpaas-templates/datagrid72-postgresql.json @@ -0,0 +1,899 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-datagrid", + "tags": "datagrid,jboss,hidden", + "version": "1.1", + "openshift.io/display-name": "Red Hat JBoss Data Grid 7.2 + PostgreSQL (Ephemeral with https)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "An example Red Hat JBoss Data Grid application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.", + "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.2 based applications, including a deployment configuration, using PostgreSQL database with ephemeral (temporary) storage and secure communication using https.", + "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/", + "template.openshift.io/support-url": "https://access.redhat.com" + }, + "name": "datagrid72-postgresql" + }, + "labels": { + "template": "datagrid72-postgresql" + }, + "message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.", + "parameters": [ + { + "displayName": "Application Name", + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "datagrid-app", + "required": true + }, + { + "displayName": "Custom http Route Hostname", + "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", + "name": "HOSTNAME_HTTP", + "value": "", + "required": false + }, + { + "displayName": "Custom https Route Hostname", + "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", + "name": "HOSTNAME_HTTPS", + "value": "", + "required": false + }, + { + "displayName": "Username", + "description": "User name for JDG user.", + "name": "USERNAME", + "value": "", + "required": false + }, + { + "displayName": "Password", + "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)", + "name": "PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "JDG User Roles/Groups", + "description": "Comma delimited list of roles/groups associated with the JDG user", + "name": "ADMIN_GROUP", + "value": "", + "required": false + }, + { + "displayName": "Hotrod Authentication", + "description": "Enable Hotrod Authentication", + "name": "HOTROD_AUTHENTICATION", + "value": "", + "required": false + }, + { + "displayName": "Container Security Role Mapper", + "description": "Defines which role mapper to use for cache authentication", + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "", + "required": false + }, + { + "displayName": "Container Security Roles", + "description": "Comma delimited list of role names and assigned permissions", + "name": "CONTAINER_SECURITY_ROLES", + "value": "", + "required": false + }, + { + "displayName": "Server Keystore Secret Name", + "description": "The name of the secret containing the keystore file", + "name": "HTTPS_SECRET", + "value": "datagrid-app-secret", + "required": true + }, + { + "displayName": "Server Keystore Filename", + "description": "The name of the keystore file within the secret", + "name": "HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "displayName": "Server Certificate Name", + "description": "The name associated with the server certificate", + "name": "HTTPS_NAME", + "value": "", + "required": false + }, + { + "displayName": "Server Keystore Password", + "description": "The password for the keystore and certificate", + "name": "HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "Database JNDI Name", + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql", + "name": "DB_JNDI", + "value": "java:jboss/datasources/postgresql", + "required": false + }, + { + "displayName": "Database Name", + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "displayName": "Database Username", + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "displayName": "Database Password", + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "displayName": "Datasource Minimum Pool Size", + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "displayName": "Datasource Maximum Pool Size", + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "displayName": "Datasource Transaction Isolation", + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "displayName": "PostgreSQL Maximum number of connections", + "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", + "name": "POSTGRESQL_MAX_CONNECTIONS", + "required": false + }, + { + "displayName": "PostgreSQL Shared Buffers", + "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", + "name": "POSTGRESQL_SHARED_BUFFERS", + "required": false + }, + { + "displayName": "ImageStream Namespace", + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + }, + { + "displayName": "Infinispan Connectors", + "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", + "name": "INFINISPAN_CONNECTORS", + "value": "hotrod,memcached,rest", + "required": false + }, + { + "displayName": "Cache Names", + "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.", + "name": "CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Datavirt Cache Names", + "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: , _staging and _alias.", + "name": "DATAVIRT_CACHE_NAMES", + "value": "", + "required": false + }, + { + "displayName": "Default Cache Type", + "description": "Default cache type for all caches. If empty then distributed will be the default", + "name": "CACHE_TYPE_DEFAULT", + "value": "", + "required": false + }, + { + "displayName": "Encryption Requires SSL Client Authentication?", + "description": "Whether to require client certificate authentication. Defaults to false", + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "", + "required": false + }, + { + "displayName": "Memcached Cache Name", + "description": "The name of the cache to expose through this memcached connector", + "name": "MEMCACHED_CACHE", + "value": "default_memcached", + "required": false + }, + { + "displayName": "REST Security Domain", + "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", + "name": "REST_SECURITY_DOMAIN", + "value": "", + "required": false + }, + { + "displayName": "JGroups Secret Name", + "description": "The name of the secret containing the keystore file", + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "datagrid-app-secret", + "required": false + }, + { + "displayName": "JGroups Keystore Filename", + "description": "The name of the keystore file within the secret", + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "jgroups.jceks", + "required": false + }, + { + "displayName": "JGroups Certificate Name", + "description": "The name associated with the server certificate", + "name": "JGROUPS_ENCRYPT_NAME", + "value": "", + "required": false + }, + { + "displayName": "JGroups Keystore Password", + "description": "The password for the keystore and certificate", + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "", + "required": false + }, + { + "displayName": "JGroups Cluster Password", + "description": "JGroups cluster password", + "name": "JGROUPS_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "displayName": "PostgreSQL Image Stream Tag", + "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.", + "name": "POSTGRESQL_IMAGE_STREAM_TAG", + "value": "9.5", + "required": true + }, + { + "description": "Container memory limit", + "name": "MEMORY_LIMIT", + "value": "1Gi", + "required": false + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port.", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]" + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port.", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]" + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11211, + "targetPort": 11211 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-memcached", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Memcached service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 11333, + "targetPort": 11333 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-hotrod", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Hot Rod service for clustered applications." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5432, + "targetPort": 5432 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "clusterIP": "None", + "ports": [ + { + "name": "ping", + "port": 8888 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-ping", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "service.alpha.kubernetes.io/tolerate-unready-endpoints": "true", + "description": "The JGroups ping port for clustering." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTP}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${HOSTNAME_HTTPS}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-datagrid72-openshift:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "jboss-datagrid72-openshift", + "imagePullPolicy": "Always", + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, + "volumeMounts": [ + { + "name": "datagrid-keystore-volume", + "mountPath": "/etc/datagrid-secret-volume", + "readOnly": true + }, + { + "name": "datagrid-jgroups-keystore-volume", + "mountPath": "/etc/jgroups-encrypt-secret-volume", + "readOnly": true + } + ], + "livenessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/livenessProbe.sh" + ] + }, + "initialDelaySeconds": 60 + }, + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/datagrid/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "jolokia", + "containerPort": 8778, + "protocol": "TCP" + }, + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + }, + { + "name": "memcached", + "containerPort": 11211, + "protocol": "TCP" + }, + { + "name": "hotrod-internal", + "containerPort": 11222, + "protocol": "TCP" + }, + { + "name": "hotrod", + "containerPort": 11333, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "USERNAME", + "value": "${USERNAME}" + }, + { + "name": "PASSWORD", + "value": "${PASSWORD}" + }, + { + "name": "ADMIN_GROUP", + "value": "${ADMIN_GROUP}" + }, + { + "name": "HOTROD_AUTHENTICATION", + "value": "${HOTROD_AUTHENTICATION}" + }, + { + "name": "CONTAINER_SECURITY_ROLE_MAPPER", + "value": "${CONTAINER_SECURITY_ROLE_MAPPER}" + }, + { + "name": "CONTAINER_SECURITY_ROLES", + "value": "${CONTAINER_SECURITY_ROLES}" + }, + { + "name": "HTTPS_KEYSTORE_DIR", + "value": "/etc/datagrid-secret-volume" + }, + { + "name": "HTTPS_KEYSTORE", + "value": "${HTTPS_KEYSTORE}" + }, + { + "name": "HTTPS_NAME", + "value": "${HTTPS_NAME}" + }, + { + "name": "HTTPS_PASSWORD", + "value": "${HTTPS_PASSWORD}" + }, + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "DEFAULT_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "DEFAULT_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "MEMCACHED_JDBC_STORE_TYPE", + "value": "string" + }, + { + "name": "MEMCACHED_JDBC_STORE_DATASOURCE", + "value": "${DB_JNDI}" + }, + { + "name": "JGROUPS_PING_PROTOCOL", + "value": "openshift.DNS_PING" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", + "value": "${APPLICATION_NAME}-ping" + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", + "value": "8888" + }, + { + "name": "INFINISPAN_CONNECTORS", + "value": "${INFINISPAN_CONNECTORS}" + }, + { + "name": "CACHE_NAMES", + "value": "${CACHE_NAMES}" + }, + { + "name": "DATAVIRT_CACHE_NAMES", + "value": "${DATAVIRT_CACHE_NAMES}" + }, + { + "name": "CACHE_TYPE_DEFAULT", + "value": "${CACHE_TYPE_DEFAULT}" + }, + { + "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", + "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" + }, + { + "name": "HOTROD_SERVICE_NAME", + "value": "${APPLICATION_NAME}-hotrod" + }, + { + "name": "HOTROD_ENCRYPTION", + "value": "${HTTPS_NAME}" + }, + { + "name": "MEMCACHED_CACHE", + "value": "${MEMCACHED_CACHE}" + }, + { + "name": "REST_SECURITY_DOMAIN", + "value": "${REST_SECURITY_DOMAIN}" + }, + { + "name": "JGROUPS_ENCRYPT_SECRET", + "value": "${JGROUPS_ENCRYPT_SECRET}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE", + "value": "${JGROUPS_ENCRYPT_KEYSTORE}" + }, + { + "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", + "value": "/etc/jgroups-encrypt-secret-volume" + }, + { + "name": "JGROUPS_ENCRYPT_NAME", + "value": "${JGROUPS_ENCRYPT_NAME}" + }, + { + "name": "JGROUPS_ENCRYPT_PASSWORD", + "value": "${JGROUPS_ENCRYPT_PASSWORD}" + }, + { + "name": "JGROUPS_CLUSTER_PASSWORD", + "value": "${JGROUPS_CLUSTER_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "datagrid-keystore-volume", + "secret": { + "secretName": "${HTTPS_SECRET}" + } + }, + { + "name": "datagrid-jgroups-keystore-volume", + "secret": { + "secretName": "${JGROUPS_ENCRYPT_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-postgresql", + "image": "postgresql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 5432, + "protocol": "TCP" + } + ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d $POSTGRESQL_DATABASE -c 'SELECT 1'"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 5432 + } + }, + "env": [ + { + "name": "POSTGRESQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "POSTGRESQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "POSTGRESQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "POSTGRESQL_MAX_CONNECTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_SHARED_BUFFERS", + "value": "${POSTGRESQL_SHARED_BUFFERS}" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/pgsql/data", + "name": "${APPLICATION_NAME}-data" + } + ] + } + ], + "volumes": [ + { + "emptyDir": { + "medium": "" + }, + "name": "${APPLICATION_NAME}-data" + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml index b6a8d76de45..2f47778d21d 100644 --- a/roles/openshift_examples/tasks/main.yml +++ b/roles/openshift_examples/tasks/main.yml @@ -17,7 +17,7 @@ run_once: True - name: Chmod local temp dir for OpenShift examples copy - local_action: command chmod 777 "{{ copy_examples_mktemp.stdout }}" + local_action: file path="{{ copy_examples_mktemp.stdout }}" mode=0777 run_once: True - name: Create tar of OpenShift examples @@ -28,7 +28,7 @@ warn: no - name: Chmod local temp dir for OpenShift examples copy - local_action: command chmod 744 "{{ copy_examples_mktemp.stdout }}/openshift-examples.tar" + local_action: file path="{{ copy_examples_mktemp.stdout }}/openshift-examples.tar" mode=0744 run_once: True - name: Create the remote OpenShift examples directory @@ -49,18 +49,32 @@ ###################################################################### # Begin image streams -- name: Create imagestream import secret +- name: Create imagestream import secret for oreg_url command: > - {{ openshift_client_binary }} create secret docker-registry imagestreamsecret --docker-server={{ registry_host }} --docker-username={{ oreg_auth_user }} --docker-email=openshift@openshift.com --docker-password={{ oreg_auth_password }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift + {{ openshift_client_binary }} create secret docker-registry imagestreamsecret + --docker-server={{ registry_host }} --docker-username={{ oreg_auth_user }} + --docker-email=openshift@openshift.com --docker-password={{ oreg_auth_password }} + --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift when: - openshift_examples_load_rhel | bool - oreg_auth_password is defined - with_items: - - "{{ rhel_image_streams }}" register: oex_imagestream_import_secret failed_when: "'already exists' not in oex_imagestream_import_secret.stderr and oex_imagestream_import_secret.rc != 0" changed_when: false +- name: Create imagestream import secrets for any additional registries + command: > + {{ openshift_client_binary }} create secret docker-registry o-a-{{ item.host | hash('md5') }} + --docker-server={{ item.host }} --docker-username={{ item.user }} + --docker-email=openshift@openshift.com --docker-password={{ item.password }} + --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift + when: + - openshift_additional_registry_credentials != [] + with_items: + - "{{ openshift_additional_registry_credentials }}" + register: oex_additional_creds + failed_when: "'already exists' not in oex_additional_creds.stderr and oex_additional_creds.rc != 0" + - name: Modify registry paths if registry_url is not registry.redhat.io shell: > find {{ examples_base }} -type f | xargs -n 1 sed -i 's|registry.redhat.io|{{ registry_host | quote }}|g' @@ -76,6 +90,8 @@ register: oex_import_rhel_streams failed_when: "'already exists' not in oex_import_rhel_streams.stderr and oex_import_rhel_streams.rc != 0" changed_when: false + retries: 3 + until: oex_import_rhel_streams is succeeded - name: Import Centos Image streams command: > @@ -86,6 +102,8 @@ register: oex_import_centos_streams failed_when: "'already exists' not in oex_import_centos_streams.stderr and oex_import_centos_streams.rc != 0" changed_when: false + retries: 3 + until: oex_import_centos_streams is succeeded - name: Import db templates command: > @@ -94,6 +112,8 @@ register: oex_import_db_templates failed_when: "'already exists' not in oex_import_db_templates.stderr and oex_import_db_templates.rc != 0" changed_when: false + retries: 3 + until: oex_import_db_templates is succeeded - name: Remove defunct quickstart template files file: @@ -123,6 +143,8 @@ register: oex_import_quickstarts failed_when: "'already exists' not in oex_import_quickstarts.stderr and oex_import_quickstarts.rc != 0" changed_when: false + retries: 3 + until: oex_import_quickstarts is succeeded - name: Remove old xPaas template files file: @@ -146,6 +168,8 @@ register: oex_import_xpaas_streams failed_when: "'already exists' not in oex_import_xpaas_streams.stderr and oex_import_xpaas_streams.rc != 0" changed_when: false + retries: 3 + until: oex_import_xpaas_streams is succeeded - name: Import xPaas templates command: > @@ -154,3 +178,5 @@ register: oex_import_xpaas_templates failed_when: "'already exists' not in oex_import_xpaas_templates.stderr and oex_import_xpaas_templates.rc != 0" changed_when: false + retries: 3 + until: oex_import_xpaas_templates is succeeded diff --git a/roles/openshift_excluder/tasks/exclude.yml b/roles/openshift_excluder/tasks/exclude.yml index 63906e860ac..53c61b96baf 100644 --- a/roles/openshift_excluder/tasks/exclude.yml +++ b/roles/openshift_excluder/tasks/exclude.yml @@ -1,30 +1,28 @@ --- -- block: - - name: Check for docker-excluder - stat: - path: /sbin/{{ r_openshift_excluder_service_type }}-docker-excluder - get_checksum: false - get_attributes: false - get_mime: false - register: docker_excluder_stat +- name: Check for docker-excluder + stat: + path: /sbin/{{ r_openshift_excluder_service_type }}-docker-excluder + get_checksum: false + get_attributes: false + get_mime: false + register: docker_excluder_stat - - name: Check for openshift excluder - stat: - path: /sbin/{{ r_openshift_excluder_service_type }}-excluder - get_checksum: false - get_attributes: false - get_mime: false - register: openshift_excluder_stat +- name: Check for openshift excluder + stat: + path: /sbin/{{ r_openshift_excluder_service_type }}-excluder + get_checksum: false + get_attributes: false + get_mime: false + register: openshift_excluder_stat - - name: Enable docker excluder - command: "/sbin/{{ r_openshift_excluder_service_type }}-docker-excluder exclude" - when: - - r_openshift_excluder_enable_docker_excluder | bool - - docker_excluder_stat.stat.exists +- name: Enable docker excluder + command: "/sbin/{{ r_openshift_excluder_service_type }}-docker-excluder exclude" + when: + - r_openshift_excluder_enable_docker_excluder | bool + - docker_excluder_stat.stat.exists - - name: Enable openshift excluder - command: "/sbin/{{ r_openshift_excluder_service_type }}-excluder exclude" - when: - - r_openshift_excluder_enable_openshift_excluder | bool - - openshift_excluder_stat.stat.exists - when: not openshift_is_atomic | bool +- name: Enable openshift excluder + command: "/sbin/{{ r_openshift_excluder_service_type }}-excluder exclude" + when: + - r_openshift_excluder_enable_openshift_excluder | bool + - openshift_excluder_stat.stat.exists diff --git a/roles/openshift_excluder/tasks/install.yml b/roles/openshift_excluder/tasks/install.yml index 6532d7fe28f..b926e0e4cde 100644 --- a/roles/openshift_excluder/tasks/install.yml +++ b/roles/openshift_excluder/tasks/install.yml @@ -1,7 +1,6 @@ --- - when: - - not openshift_is_atomic | bool - r_openshift_excluder_install_ran is not defined block: diff --git a/roles/openshift_excluder/tasks/main.yml b/roles/openshift_excluder/tasks/main.yml index 8169437f3c8..451726cd0b0 100644 --- a/roles/openshift_excluder/tasks/main.yml +++ b/roles/openshift_excluder/tasks/main.yml @@ -1,28 +1,23 @@ --- -- block: +- name: Debug r_openshift_excluder_enable_docker_excluder + debug: + var: r_openshift_excluder_enable_docker_excluder - - name: Debug r_openshift_excluder_enable_docker_excluder - debug: - var: r_openshift_excluder_enable_docker_excluder +- name: Debug r_openshift_excluder_enable_openshift_excluder + debug: + var: r_openshift_excluder_enable_openshift_excluder - - name: Debug r_openshift_excluder_enable_openshift_excluder - debug: - var: r_openshift_excluder_enable_openshift_excluder - - - name: Fail if invalid openshift_excluder_action provided - fail: - msg: "openshift_excluder role can only be called with 'enable' or 'disable'" - when: r_openshift_excluder_action not in ['enable', 'disable'] - - - name: Fail if r_openshift_excluder_upgrade_target is not defined - fail: - msg: "r_openshift_excluder_upgrade_target must be provided when using this role for upgrades" - when: - - r_openshift_excluder_verify_upgrade | bool - - r_openshift_excluder_upgrade_target is not defined - - - name: Include main action task file - include_tasks: "{{ r_openshift_excluder_action }}.yml" +- name: Fail if invalid openshift_excluder_action provided + fail: + msg: "openshift_excluder role can only be called with 'enable' or 'disable'" + when: r_openshift_excluder_action not in ['enable', 'disable'] +- name: Fail if r_openshift_excluder_upgrade_target is not defined + fail: + msg: "r_openshift_excluder_upgrade_target must be provided when using this role for upgrades" when: - - not openshift_is_atomic + - r_openshift_excluder_verify_upgrade | bool + - r_openshift_excluder_upgrade_target is not defined + +- name: Include main action task file + include_tasks: "{{ r_openshift_excluder_action }}.yml" diff --git a/roles/openshift_expand_partition/tasks/main.yml b/roles/openshift_expand_partition/tasks/main.yml index 15cab7faf7d..f186a69b939 100644 --- a/roles/openshift_expand_partition/tasks/main.yml +++ b/roles/openshift_expand_partition/tasks/main.yml @@ -3,17 +3,9 @@ package: name: cloud-utils-growpart state: present - when: not openshift_is_atomic | bool register: result until: result is succeeded -- name: Determine if growpart is installed - command: "rpm -q cloud-utils-growpart" - register: has_growpart - failed_when: has_growpart.rc != 0 and 'package cloud-utils-growpart is not installed' not in has_growpart.stdout - changed_when: false - when: openshift_is_atomic | bool - - name: Grow the partitions command: "growpart {{oep_drive}} {{oep_partition}}" diff --git a/roles/openshift_facts/defaults/main.yml b/roles/openshift_facts/defaults/main.yml index 3efdcedd7ab..9ce8c1e9705 100644 --- a/roles/openshift_facts/defaults/main.yml +++ b/roles/openshift_facts/defaults/main.yml @@ -1,5 +1,5 @@ --- -openshift_client_binary: "{{ (openshift_is_atomic | bool) | ternary('/usr/local/bin/oc', 'oc') }}" +openshift_client_binary: "oc" system_images_registry_dict: openshift-enterprise: "registry.redhat.io" @@ -15,13 +15,17 @@ l_oreg_host_temp: "{{ oreg_url | default(l_osm_registry_url_default) }}" # oreg_url is defined by user input. oreg_host: "{{ l_oreg_host_temp.split('/')[0] }}" +# Used to define a list of registry credentials +# ex openshift_additional_registry_credentials=[{'host':'registry.redhat.io','user':'bob','password':'redhat'},{'host':'registry.connect.redhat.com','user':'alice','password':'redhat','test_login':False}] +openshift_additional_registry_credentials: [] + # this variable does not replace ${version} with openshift_image_tag l_os_non_standard_reg_url: "{{ oreg_url | default(l_osm_registry_url_default) }}" l_docker_creds_image_dict: openshift-enterprise: 'openshift3/ose' origin: 'openshift/origin' -l_docker_creds_image_name: "{{ l_docker_creds_image_dict[openshift_deployment_type] }}" +l_docker_creds_test_image: "{{ l_docker_creds_image_dict[openshift_deployment_type] }}" l_docker_creds_http_proxy: "{{ 'HTTP_PROXY=' ~ openshift.common.http_proxy if openshift.common.http_proxy is defined and openshift.common.http_proxy != '' else ''}}" l_docker_creds_https_proxy: "{{ 'HTTPS_PROXY=' ~ openshift.common.https_proxy if openshift.common.https_proxy is defined and openshift.common.https_proxy != '' else ''}}" @@ -35,6 +39,7 @@ openshift_image_default: "{{ l_os_registry_url | regex_replace('${component}' | openshift_cli_image: "{{ (system_images_registry == 'docker') | ternary(openshift_image_default, (openshift_image_default.split('/')|length==2) | ternary(system_images_registry + '/' + openshift_image_default, openshift_image_default)) }}" system_openshift_cli_image: "{{ (system_images_registry == 'docker') | ternary('docker:' + openshift_cli_image, openshift_cli_image) }}" osn_image: "{{ l_os_registry_url | regex_replace('${component}' | regex_escape, 'node') }}" +osn_pod_image: "{{ l_os_registry_url | regex_replace('${component}' | regex_escape, 'pod') }}" osm_image: "{{ l_osm_registry_url | regex_replace('${component}' | regex_escape, 'control-plane') }}" repoquery_cmd: "{{ (ansible_pkg_mgr == 'dnf') | ternary('dnf repoquery --latest-limit 1 -d 0', 'repoquery --plugins') }}" @@ -43,7 +48,7 @@ repoquery_installed: "{{ (ansible_pkg_mgr == 'dnf') | ternary('dnf repoquery --l openshift_use_crio: False openshift_use_crio_only: False openshift_crio_enable_docker_gc: False -openshift_crio_var_sock: "unix:///var/run/crio/crio.sock" +openshift_crio_var_sock: "/var/run/crio/crio.sock" openshift_crio_pause_image: "{{ l_os_registry_url | regex_replace('${component}' | regex_escape, 'pod') }}" openshift_container_cli: "{{ openshift_use_crio | bool | ternary('crictl', 'docker') }}" openshift_crio_docker_gc_node_selector: @@ -82,7 +87,20 @@ openshift_hosted_registry_storage_glusterfs_ips: [] openshift_hosted_registry_storage_hostpath_path: /var/lib/openshift_volumes # Default to ReadWriteOnce if using hostpath, else default to ReadWriteMany openshift_hosted_registry_storage_access_modes: - - "{{ (openshift_hosted_registry_storage_kind == 'hostpath') | ternary('ReadWriteOnce', 'ReadWriteMany') }}" + - "{{ (openshift_hosted_registry_storage_kind | default(none) == 'hostpath') | ternary('ReadWriteOnce', 'ReadWriteMany') }}" + +openshift_hosted_registry_glusterfs_namespace: "{{ openshift_hosted_registry_namespace }}" +openshift_hosted_registry_glusterfs_storage_kind: 'glusterfs' +openshift_hosted_registry_glusterfs_storage_volume_name: "{{ openshift_hosted_registry_storage_volume_name }}-glusterfs" +openshift_hosted_registry_glusterfs_storage_volume_size: "{{ openshift_hosted_registry_storage_volume_size }}" +openshift_hosted_registry_glusterfs_storage_create_pv: False +openshift_hosted_registry_glusterfs_storage_create_pvc: False +openshift_hosted_registry_glusterfs_storage_glusterfs_endpoints: "{{ openshift_hosted_registry_storage_glusterfs_endpoints }}" +openshift_hosted_registry_glusterfs_storage_glusterfs_path: "{{ openshift_hosted_registry_storage_glusterfs_path }}" +openshift_hosted_registry_glusterfs_storage_glusterfs_readOnly: "{{ openshift_hosted_registry_storage_glusterfs_readOnly }}" +openshift_hosted_registry_glusterfs_storage_glusterfs_ips: "{{ openshift_hosted_registry_storage_glusterfs_ips }}" +openshift_hosted_registry_glusterfs_storage_access_modes: + - 'ReadWriteMany' openshift_logging_storage_nfs_directory: '/exports' openshift_logging_storage_nfs_options: '*(rw,root_squash)' @@ -113,27 +131,6 @@ openshift_metrics_storage_nfs_options: '*(rw,root_squash)' openshift_metrics_storage_access_modes: - 'ReadWriteOnce' -openshift_prometheus_storage_volume_name: 'prometheus' -openshift_prometheus_storage_volume_size: '10Gi' -openshift_prometheus_storage_access_modes: - - 'ReadWriteOnce' -openshift_prometheus_storage_create_pv: True -openshift_prometheus_storage_create_pvc: False - -openshift_prometheus_alertmanager_storage_volume_name: 'prometheus-alertmanager' -openshift_prometheus_alertmanager_storage_volume_size: '10Gi' -openshift_prometheus_alertmanager_storage_access_modes: - - 'ReadWriteOnce' -openshift_prometheus_alertmanager_storage_create_pv: True -openshift_prometheus_alertmanager_storage_create_pvc: False - -openshift_prometheus_alertbuffer_storage_volume_name: 'prometheus-alertbuffer' -openshift_prometheus_alertbuffer_storage_volume_size: '10Gi' -openshift_prometheus_alertbuffer_storage_access_modes: - - 'ReadWriteOnce' -openshift_prometheus_alertbuffer_storage_create_pv: True -openshift_prometheus_alertbuffer_storage_create_pvc: False - openshift_service_type_dict: origin: origin openshift-enterprise: atomic-openshift diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 86df82a8c41..b5a79831848 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -609,6 +609,7 @@ def build_controller_args(facts): 'cloudprovider') if 'master' in facts: controller_args = {} + if 'cloudprovider' in facts: if 'kind' in facts['cloudprovider']: if facts['cloudprovider']['kind'] == 'aws': @@ -1055,7 +1056,9 @@ def generate_facts(self, roles = local_facts.keys() defaults = self.get_defaults(roles) - provider_facts = self.init_provider_facts() + provider_facts = {} + if 'common' in local_facts and 'cloudprovider' in local_facts['common']: + provider_facts = self.init_provider_facts() facts = apply_provider_facts(defaults, provider_facts) facts = merge_facts(facts, local_facts, diff --git a/roles/openshift_gcp/tasks/setup_scale_group_facts.yml b/roles/openshift_gcp/tasks/setup_scale_group_facts.yml index 348df3d27e6..336c41bb864 100644 --- a/roles/openshift_gcp/tasks/setup_scale_group_facts.yml +++ b/roles/openshift_gcp/tasks/setup_scale_group_facts.yml @@ -1,10 +1,14 @@ --- +- name: Set var to exclude bootstrapped nodes + set_fact: + bootstrapped_nodes: "{{ all_nodes | default(false) | ternary([], groups['tag_ocp-bootstrap']) | default([]) }}" + - name: Add node instances to node group add_host: name: "{{ hostvars[item].gce_name }}" groups: nodes, new_nodes openshift_node_group_name: "{{ openshift_gcp_node_group_mapping['compute'] }}" - with_items: "{{ groups['tag_ocp-node'] | default([]) | difference(groups['tag_ocp-bootstrap'] | default([])) }}" + with_items: "{{ groups['tag_ocp-node'] | default([]) | difference(bootstrapped_nodes) }}" - name: Add bootstrap node instances as nodes add_host: @@ -17,14 +21,14 @@ add_host: name: "{{ hostvars[item].gce_name }}" groups: nodes - with_items: "{{ groups['tag_ocp-master'] | default([]) | difference(groups['tag_ocp-bootstrap'] | default([])) }}" + with_items: "{{ groups['tag_ocp-master'] | default([]) | difference(bootstrapped_nodes) }}" - name: Add infra node instances to node group add_host: name: "{{ hostvars[item].gce_name }}" groups: nodes, new_nodes openshift_node_group_name: "{{ openshift_gcp_node_group_mapping['infra'] }}" - with_items: "{{ groups['tag_ocp-infra-node'] | default([]) | difference(groups['tag_ocp-bootstrap'] | default([])) }}" + with_items: "{{ groups['tag_ocp-infra-node'] | default([]) | difference(bootstrapped_nodes) }}" - name: Add masters to requisite groups add_host: diff --git a/roles/openshift_gcp/templates/provision_ssh.j2.sh b/roles/openshift_gcp/templates/provision_ssh.j2.sh index e417c15e6bb..8868070890c 100755 --- a/roles/openshift_gcp/templates/provision_ssh.j2.sh +++ b/roles/openshift_gcp/templates/provision_ssh.j2.sh @@ -23,7 +23,7 @@ if [[ -n "{{ openshift_gcp_ssh_private_key }}" ]]; then pub_key=$(cut -d ' ' -f 2 < "${pub_file}") fi key_tmp_file='/tmp/ocp-gce-keys' - if ! gcloud --project "{{ openshift_gcp_project }}" compute project-info describe | grep -q "$pub_key"; then + if ! gcloud --project "{{ openshift_gcp_project }}" compute project-info describe | grep "$pub_key" | grep -q cloud-user; then if gcloud --project "{{ openshift_gcp_project }}" compute project-info describe | grep -q ssh-rsa; then gcloud --project "{{ openshift_gcp_project }}" compute project-info describe | grep ssh-rsa | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e 's/value: //' > "$key_tmp_file" fi diff --git a/roles/openshift_gcp/templates/remove.j2.sh b/roles/openshift_gcp/templates/remove.j2.sh index 4626087c48a..64e087a7a11 100644 --- a/roles/openshift_gcp/templates/remove.j2.sh +++ b/roles/openshift_gcp/templates/remove.j2.sh @@ -131,29 +131,17 @@ teardown "{{ openshift_gcp_prefix }}master-ssl-lb-backend" compute backend-servi teardown "{{ openshift_gcp_prefix }}master-ssl-lb-health-check" compute health-checks ) & -#Firewall rules -#['name']='parameters for "gcloud compute firewall-rules create"' -#For all possible parameters see: gcloud compute firewall-rules create --help -declare -A FW_RULES=( - ['icmp']="" - ['ssh-external']="" - ['ssh-internal']="" - ['master-internal']="" - ['master-external']="" - ['node-internal']="" - ['infra-node-internal']="" - ['infra-node-external']="" -) -for rule in "${!FW_RULES[@]}"; do - ( if gcloud --project "{{ openshift_gcp_project }}" compute firewall-rules describe "{{ openshift_gcp_prefix }}$rule" &>/dev/null; then - # retry a few times because this call can be flaky - for i in `seq 1 3`; do - if gcloud -q --project "{{ openshift_gcp_project }}" compute firewall-rules delete "{{ openshift_gcp_prefix }}$rule"; then - break - fi - done - fi ) & -done +# Firewall rules +( + if ! firewalls=$( gcloud --project "{{ openshift_gcp_project }}" compute firewall-rules list --filter="network~projects/{{ openshift_gcp_project }}/global/networks/{{ openshift_gcp_network_name }}" --format="value[terminator=' '](name)" 2>/dev/null ); then + exit 0 + fi + firewalls="${firewalls%?}" + if [[ -z "${firewalls}" ]]; then + exit 0 + fi + gcloud --project "{{ openshift_gcp_project }}" compute firewall-rules delete -q ${firewalls} +) & for i in `jobs -p`; do wait $i; done @@ -172,12 +160,9 @@ for name in $( gcloud --project "{{ openshift_gcp_project }}" compute images lis ( gcloud --project "{{ openshift_gcp_project }}" compute images delete "${name}" ) & done -# Network -( teardown "{{ openshift_gcp_network_name }}" compute networks ) & - # Disks ( - if ! disks=$( gcloud --project "{{ openshift_gcp_project }}" compute disks list --filter="users~projects/{{ openshift_gcp_project }}/zones/{{ openshift_gcp_zone }}/instances/{{ openshift_gcp_prefix }}-.*" --format="value[terminator=' '](name)" 2>/dev/null ); then + if ! disks=$( gcloud --project "{{ openshift_gcp_project }}" compute disks list --filter="users~projects/{{ openshift_gcp_project }}/zones/{{ openshift_gcp_zone }}/instances/{{ openshift_gcp_prefix }}.*" --format="value[terminator=' '](name)" 2>/dev/null ); then exit 0 fi disks="${disks%?}" @@ -185,7 +170,10 @@ done echo "warning: No disks in use by {{ openshift_gcp_prefix }}" 1>&2 exit 0 fi - gcloud --project "{{ openshift_gcp_project }}" compute disks delete "${disks}" + gcloud --project "{{ openshift_gcp_project }}" compute disks delete -q "${disks}" ) & +# Network +( teardown "{{ openshift_gcp_network_name }}" compute networks ) & + for i in `jobs -p`; do wait $i; done \ No newline at end of file diff --git a/roles/openshift_grafana/README.md b/roles/openshift_grafana/README.md deleted file mode 100644 index 002b226b023..00000000000 --- a/roles/openshift_grafana/README.md +++ /dev/null @@ -1,78 +0,0 @@ -OpenShift Grafana Playbooks -=========================== - -OpenShift Grafana Configuration. - -NOTE: Grafana is not yet supported by Red hat. This is community version of playbooks and grafana. - -This role handles the configuration of Grafana dashboard with Prometheus. - -Requirements ------------- - -* Ansible 2.2 - - -Host Variables --------------- - -For configuring new clusters, the following role variables are available. - -Each host in either of the above groups must have the following variable -defined: - -| Name | Default value | Description | -|----------------------------------------------|-------------------|----------------------------------------------| -| openshift_grafana_namespace | openshift-grafana | Default grafana namespace | -| openshift_grafana_timeout | 300 | Default pod wait timeout | -| openshift_grafana_prometheus_namespace | openshift-metrics | Default prometheus namespace | -| openshift_grafana_prometheus_serviceaccount | prometheus | Prometheus service account | -| openshift_grafana_serviceaccount_name | grafana | Grafana service account name | -| openshift_grafana_datasource_name | prometheus | Default datasource name | -| openshift_grafana_node_exporter | false | Do we want to deploy node exported dashboard | -| openshift_grafana_graph_granularity | 2m | Default dashboard granularity | -| openshift_grafana_node_selector | {"region":"infra"}| Default node selector | -| openshift_grafana_serviceaccount_annotations | empty | Additional service account annotation list | -| openshift_grafana_dashboards | (check defaults) | Additional list of dashboards to deploy | -| openshift_grafana_hostname | grafana | Grafana route hostname | -| openshift_grafana_service_name | grafana | Grafana Service name | -| openshift_grafana_service_port | 443 | Grafana service port | -| openshift_grafana_service_targetport | 8443 | Grafana TargetPort to auth proxy | -| openshift_grafana_container_port | 3000 | Grafana container port | -| openshift_grafana_oauth_proxy_memory_requests| nil | OAuthProxy memory request | -| openshift_grafana_oauth_proxy_cpu_requests | nil | OAuthProxy CPY request | -| openshift_grafana_oauth_proxy_memory_limit | nil | OAuthProxy Memory Limit | -| openshift_grafana_oauth_proxy_cpu_limit | nil | OAuthProxy CPY limit | -| openshift_grafana_storage_type | emptydir | Default grafana storage type [emptydir, pvc] | -| openshift_grafana_pvc_name | grafana | Grafana Storage Claim name | -| openshift_grafana_pvc_access_modes | ReadWriteOnce | Grafana Storage Claim mode | -| openshift_grafana_pvc_pv_selector | {} | Grafana PV Selector | -| openshift_grafana_sc_name | None | StorageClass name to use | - -Dependencies ------------- - -* openshift_hosted_facts -* openshift_repos -* lib_openshift - -Example Playbook ----------------- - -``` -- name: Configure Grafana - hosts: oo_first_master - roles: - - role: openshift_grafana -``` - -License -------- - -Apache License, Version 2.0 - -Author Information ------------------- - -Mangirdas Judeikis (mudeiki@redhat.com) -Eldad Marciano diff --git a/roles/openshift_grafana/defaults/main.yaml b/roles/openshift_grafana/defaults/main.yaml deleted file mode 100644 index ff9a0505e48..00000000000 --- a/roles/openshift_grafana/defaults/main.yaml +++ /dev/null @@ -1,60 +0,0 @@ ---- -# We should probably use something more official here. -openshift_grafana_image: "docker.io/grafana/grafana:master" -openshift_grafana_proxy_image: "{{ l2_os_logging_proxy_image }}" - -openshift_grafana_state: present -openshift_grafana_namespace: openshift-grafana -openshift_grafana_pod_timeout: 300 -openshift_grafana_prometheus_namespace: "openshift-monitoring" -openshift_grafana_prometheus_serviceaccount: "prometheus-k8s" -openshift_grafana_prometheus_route: "prometheus-k8s" -openshift_grafana_serviceaccount_name: grafana -openshift_grafana_serviceaccount_annotations: [] -l_openshift_grafana_serviceaccount_annotations: - - serviceaccounts.openshift.io/oauth-redirectreference.primary='{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"grafana"}}' -openshift_grafana_datasource_name: "prometheus" -openshift_grafana_node_exporter: false -openshift_grafana_graph_granularity: "2m" -openshift_grafana_node_selector: {"node-role.kubernetes.io/infra":"true"} -openshift_grafana_hostname: grafana-{{openshift_grafana_namespace}}.{{openshift_master_default_subdomain}} -openshift_grafana_service_name: grafana -openshift_grafana_service_port: 443 -openshift_grafana_service_targetport: 8443 -openshift_grafana_container_port: 3000 - -openshift_grafana_storage_type: "emptydir" -openshift_grafana_pvc_name: grafana -openshift_grafana_pvc_size: "{{ openshift_grafana_storage_volume_size | default('10Gi') }}" -openshift_grafana_pvc_access_modes: [ReadWriteOnce] -openshift_grafana_pvc_pv_selector: "{{ openshift_grafana_storage_labels | default({}) }}" -openshift_grafana_sc_name: "{{ openshift_grafana_storage_class | default(None) }}" - -openshift_grafana_dashboards: [] -l_openshift_grafana_dashboards: - - openshift-cluster-monitoring.json - - node-exporter-full-dashboard.json - -# container resources -openshift_grafana_cpu_limit: null -openshift_grafana_memory_limit: null -openshift_grafana_cpu_requests: null -openshift_grafana_memory_requests: null -openshift_grafana_oauth_proxy_cpu_limit: null -openshift_grafana_oauth_proxy_memory_limit: null -openshift_grafana_oauth_proxy_cpu_requests: null -openshift_grafana_oauth_proxy_memory_requests: null - -openshift_grafana_datasource_payload: - name: grafana_name - type: prometheus - typeLogoUrl: '' - access: proxy - url: https://prometheus_url - basicAuth: false - withCredentials: false - jsonData: - tlsSkipVerify: true - httpHeaderName1: Authorization - secureJsonData: - httpHeaderValue1: Bearer diff --git a/roles/openshift_grafana/files/dashboards/node-exporter-full-dashboard.json b/roles/openshift_grafana/files/dashboards/node-exporter-full-dashboard.json deleted file mode 100644 index c156c23037a..00000000000 --- a/roles/openshift_grafana/files/dashboards/node-exporter-full-dashboard.json +++ /dev/null @@ -1,19478 +0,0 @@ -{ - "dashboard": { - "description": "Based on https://grafana.com/dashboards/1860 , with some small changes for job naming under kubernetes.", - "editable": true, - "gnetId": 3320, - "graphTooltip": 0, - "hideControls": false, - "id": null, - "links": [], - "refresh": "1m", - "rows": [ - { - "collapse": false, - "height": 151, - "panels": [ - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": null, - "description": "Busy state of all CPU cores together", - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "id": 20, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "minSpan": 1, - "nullPointMode": "null", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": true - }, - "tableColumn": "", - "targets": [ - { - "expr": "(((count(count(node_cpu{instance=~\"$node\"}) by (cpu))) - avg(sum by (mode)(irate(node_cpu{mode='idle',instance=~\"$node\"}[5m])))) * 100) / count(count(node_cpu{instance=~\"$node\"}) by (cpu))", - "hide": false, - "intervalFactor": 1, - "legendFormat": "", - "refId": "A", - "step": 10 - } - ], - "thresholds": "85,95", - "title": "CPU Busy", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": 0, - "description": "Non available RAM memory", - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "hideTimeOverride": false, - "id": 16, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "minSpan": 2, - "nullPointMode": "null", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": true - }, - "tableColumn": "", - "targets": [ - { - "expr": "((node_memory_MemTotal{instance=~\"$node\"} - node_memory_MemFree{instance=~\"$node\"}) / (node_memory_MemTotal{instance=~\"$node\"} )) * 100", - "format": "time_series", - "hide": true, - "intervalFactor": 1, - "refId": "A", - "step": 900 - }, - { - "expr": "100 - ((node_memory_MemAvailable{instance=~\"$node\"} * 100) / node_memory_MemTotal{instance=~\"$node\"})", - "format": "time_series", - "hide": false, - "intervalFactor": 1, - "refId": "B", - "step": 10 - } - ], - "thresholds": "80,90", - "title": "Used RAM Memory", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": null, - "description": "Used Swap", - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "id": 21, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "minSpan": 2, - "nullPointMode": "null", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": true - }, - "tableColumn": "", - "targets": [ - { - "expr": "((node_memory_SwapTotal{instance=~\"$node\"} - node_memory_SwapFree{instance=~\"$node\"}) / (node_memory_SwapTotal{instance=~\"$node\"} )) * 100", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "10,25", - "title": "Used SWAP", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": null, - "description": "Used Root FS", - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "id": 154, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "minSpan": 2, - "nullPointMode": "null", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": true - }, - "tableColumn": "", - "targets": [ - { - "expr": "100 - ((node_filesystem_avail{instance=~\"$node\",mountpoint=\"/\",fstype!=\"rootfs\"} * 100) / node_filesystem_size{instance=~\"$node\",mountpoint=\"/\",fstype!=\"rootfs\"})", - "format": "time_series", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "80,90", - "title": "Used Root FS", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": null, - "description": "Busy state of all CPU cores together (1 min average)", - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "id": 19, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "minSpan": 1, - "nullPointMode": "null", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": true - }, - "tableColumn": "", - "targets": [ - { - "expr": "avg(node_load1{instance=~\"$node\"}) / count(count(node_cpu{instance=~\"$node\"}) by (cpu)) * 100", - "hide": false, - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "85, 95", - "title": "CPU System Load (1m avg)", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": null, - "description": "Busy state of all CPU cores together (5 min average)", - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "id": 155, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "minSpan": 1, - "nullPointMode": "null", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": true - }, - "tableColumn": "", - "targets": [ - { - "expr": "avg(node_load5{instance=~\"$node\"}) / count(count(node_cpu{instance=~\"$node\"}) by (cpu)) * 100", - "format": "time_series", - "hide": false, - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "85, 95", - "title": "CPU System Load (5m avg)", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Basic CPU / Mem / Disk Gauge", - "titleSize": "h6" - }, - { - "collapse": false, - "height": 46, - "panels": [ - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "##DS_PR##", - "description": "Total number of CPU cores", - "format": "short", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "id": 14, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "minSpan": 2, - "nullPointMode": "null", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "count(count(node_cpu{instance=~\"$node\"}) by (cpu))", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "", - "title": "CPU Cores", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "##DS_PR##", - "decimals": 2, - "description": "Total RAM", - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "id": 75, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "minSpan": 2, - "nullPointMode": "null", - "nullText": null, - "postfix": "", - "postfixFontSize": "70%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "node_memory_MemTotal{instance=~\"$node\"}", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "", - "title": "Total RAM", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "##DS_PR##", - "decimals": 2, - "description": "Total SWAP", - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "id": 18, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "minSpan": 2, - "nullPointMode": "null", - "nullText": null, - "postfix": "", - "postfixFontSize": "70%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "node_memory_SwapTotal{instance=~\"$node\"}", - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "", - "title": "Total SWAP", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": null, - "description": "Total RootFS", - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "id": 23, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "minSpan": 2, - "nullPointMode": "null", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "node_filesystem_size{instance=~\"$node\",mountpoint=\"/\",fstype!=\"rootfs\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "70,90", - "title": "Total RootFS", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "##DS_PR##", - "decimals": 2, - "description": "System Load (1m avg)", - "format": "short", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "id": 17, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "minSpan": 1, - "nullPointMode": "null", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "node_load1{instance=~\"$node\"}", - "hide": false, - "intervalFactor": 1, - "refId": "A", - "step": 10 - } - ], - "thresholds": "", - "title": "System Load (1m avg)", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "##DS_PR##", - "decimals": 1, - "description": "System uptime", - "format": "s", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "hideTimeOverride": true, - "id": 15, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "null", - "nullText": null, - "postfix": "s", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "node_time{instance=~\"$node\"} - node_boot_time{instance=~\"$node\"}", - "intervalFactor": 2, - "refId": "A", - "step": 20 - } - ], - "thresholds": "", - "title": "Uptime", - "transparent": false, - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Basic CPU / Mem / Disk Info", - "titleSize": "h6" - }, - { - "collapse": false, - "height": "275", - "panels": [ - { - "aliasColors": { - "Busy": "#EAB839", - "Busy Iowait": "#890F02", - "Busy other": "#1F78C1", - "Idle": "#052B51", - "Idle - Waiting for something to happen": "#052B51", - "guest": "#9AC48A", - "idle": "#052B51", - "iowait": "#EAB839", - "irq": "#BF1B00", - "nice": "#C15C17", - "softirq": "#E24D42", - "steal": "#FCE2DE", - "system": "#508642", - "user": "#5195CE" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "description": "Basic CPU info", - "fill": 4, - "id": 77, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": 250, - "sort": null, - "sortDesc": null, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": true, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "Busy Iowait", - "color": "#890F02" - }, - { - "alias": "Idle", - "color": "#7EB26D" - }, - { - "alias": "Busy System", - "color": "#EAB839" - }, - { - "alias": "Busy User", - "color": "#0A437C" - }, - { - "alias": "Busy Other", - "color": "#6D1F62" - } - ], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "sum by (instance)(rate(node_cpu{mode=\"system\",instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Busy System", - "refId": "B", - "step": 2 - }, - { - "expr": "sum by (instance)(rate(node_cpu{mode='user',instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Busy User", - "refId": "D", - "step": 2 - }, - { - "expr": "sum by (instance)(rate(node_cpu{mode='iowait',instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Busy Iowait", - "refId": "E", - "step": 2 - }, - { - "expr": "sum by (instance)(rate(node_cpu{mode=~\".*irq\",instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Busy IRQs", - "refId": "F", - "step": 2 - }, - { - "expr": "sum (rate(node_cpu{mode!='idle',mode!='user',mode!='system',mode!='iowait',mode!='irq',mode!='softirq',instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Busy Other", - "refId": "A", - "step": 2 - }, - { - "expr": "sum by (mode)(rate(node_cpu{mode='idle',instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Idle", - "refId": "C", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "CPU Basic", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "transparent": false, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "", - "logBase": 1, - "max": "100", - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "SWAP Used": "#BF1B00", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap Used": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "description": "Basic memory usage", - "fill": 4, - "id": 78, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "RAM Total", - "color": "#E0F9D7", - "fill": 0, - "stack": false - }, - { - "alias": "RAM Cache + Buffer", - "color": "#052B51" - }, - { - "alias": "RAM Free", - "color": "#7EB26D" - }, - { - "alias": "Avaliable", - "color": "#DEDAF7", - "fill": 0, - "stack": false - } - ], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_MemTotal{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "RAM Total", - "refId": "A", - "step": 2 - }, - { - "expr": "node_memory_MemTotal{instance=~\"$node\"} - node_memory_MemFree{instance=~\"$node\"} - (node_memory_Cached{instance=~\"$node\"} + node_memory_Buffers{instance=~\"$node\"})", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "RAM Used", - "refId": "D", - "step": 2 - }, - { - "expr": "node_memory_Cached{instance=~\"$node\"} + node_memory_Buffers{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "RAM Cache + Buffer", - "refId": "B", - "step": 2 - }, - { - "expr": "node_memory_MemFree{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "RAM Free", - "refId": "F", - "step": 2 - }, - { - "expr": "(node_memory_SwapTotal{instance=~\"$node\"} - node_memory_SwapFree{instance=~\"$node\"})", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "SWAP Used", - "refId": "G", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Basic", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Basic CPU / Mem Graph", - "titleSize": "h6" - }, - { - "collapse": false, - "height": "275", - "panels": [ - { - "aliasColors": { - "Recv_bytes_eth2": "#7EB26D", - "Recv_bytes_lo": "#0A50A1", - "Recv_drop_eth2": "#6ED0E0", - "Recv_drop_lo": "#E0F9D7", - "Recv_errs_eth2": "#BF1B00", - "Recv_errs_lo": "#CCA300", - "Trans_bytes_eth2": "#7EB26D", - "Trans_bytes_lo": "#0A50A1", - "Trans_drop_eth2": "#6ED0E0", - "Trans_drop_lo": "#E0F9D7", - "Trans_errs_eth2": "#BF1B00", - "Trans_errs_lo": "#CCA300", - "recv_bytes_lo": "#0A50A1", - "recv_drop_eth0": "#99440A", - "recv_drop_lo": "#967302", - "recv_errs_eth0": "#BF1B00", - "recv_errs_lo": "#890F02", - "trans_bytes_eth0": "#7EB26D", - "trans_bytes_lo": "#0A50A1", - "trans_drop_eth0": "#99440A", - "trans_drop_lo": "#967302", - "trans_errs_eth0": "#BF1B00", - "trans_errs_lo": "#890F02" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "Basic network info per interface", - "fill": 4, - "id": 74, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "hideEmpty": false, - "hideZero": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*trans.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*lo.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*eth0.*/", - "color": "#EAB839" - }, - { - "alias": "/.*eth1.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*eth2.*/", - "color": "#EF843C" - }, - { - "alias": "/.*eth3.*/", - "color": "#E24D42" - }, - { - "alias": "/.*eth4.*/", - "color": "#1F78C1" - }, - { - "alias": "/.*eth5.*/", - "color": "#BA43A9" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(node_network_receive_bytes{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "recv {{device}}", - "refId": "A", - "step": 2 - }, - { - "expr": "rate(node_network_transmit_bytes{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "trans {{device}} ", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Network Traffic Basic", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "transparent": false, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "pps", - "label": "", - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 3, - "description": "Disk space used of all filesystems mounted", - "fill": 4, - "height": "", - "id": 152, - "legend": { - "alignAsTable": false, - "avg": false, - "current": false, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "100 - ((node_filesystem_avail{instance=~\"$node\",device!~'rootfs'} * 100) / node_filesystem_size{instance=~\"$node\",device!~'rootfs'})", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{mountpoint}}", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk Space Used Basic", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percent", - "label": null, - "logBase": 1, - "max": "100", - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Basic Net / Disk Info", - "titleSize": "h6" - }, - { - "collapse": false, - "height": "450", - "panels": [ - { - "aliasColors": { - "Idle - Waiting for something to happen": "#052B51", - "guest": "#9AC48A", - "idle": "#052B51", - "iowait": "#EAB839", - "irq": "#BF1B00", - "nice": "#C15C17", - "softirq": "#E24D42", - "steal": "#FCE2DE", - "system": "#508642", - "user": "#5195CE" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "description": "", - "fill": 4, - "id": 3, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 250, - "sort": null, - "sortDesc": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": true, - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeat": null, - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "sum by (mode)(irate(node_cpu{mode=\"system\",instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "interval": "10s", - "intervalFactor": 2, - "legendFormat": "System - Processes executing in kernel mode", - "refId": "A", - "step": 10 - }, - { - "expr": "sum by (mode)(irate(node_cpu{mode='user',instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "User - Normal processes executing in user mode", - "refId": "B", - "step": 2 - }, - { - "expr": "sum by (mode)(irate(node_cpu{mode='nice',instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Nice - Niced processes executing in user mode", - "refId": "C", - "step": 2 - }, - { - "expr": "sum by (mode)(irate(node_cpu{mode='idle',instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Idle - Waiting for something to happen", - "refId": "F", - "step": 2 - }, - { - "expr": "sum by (mode)(irate(node_cpu{mode='iowait',instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Iowait - Waiting for I/O to complete", - "refId": "D", - "step": 2 - }, - { - "expr": "sum by (mode)(irate(node_cpu{mode='irq',instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Irq - Servicing interrupts", - "refId": "G", - "step": 2 - }, - { - "expr": "sum by (mode)(irate(node_cpu{mode='softirq',instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Softirq - Servicing softirqs", - "refId": "H", - "step": 2 - }, - { - "expr": "sum by (mode)(irate(node_cpu{mode='steal',instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Steal - Time spent in other operating systems when running in a virtualized environment", - "refId": "E", - "step": 2 - }, - { - "expr": "sum by (mode)(irate(node_cpu{mode='guest',instance=~\"$node\"}[5m])) * 100", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Guest - Time spent running a virtual CPU for a guest operating system", - "refId": "I", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "CPU", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "transparent": false, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Percentage", - "logBase": 1, - "max": "100", - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap - Swap memory usage": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839", - "Unused - Free memory unasigned": "#052B51" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "description": "", - "fill": 4, - "id": 24, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "sort": null, - "sortDesc": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Harware Corrupted - *./", - "stack": false - } - ], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_MemTotal{instance=~\"$node\"} - node_memory_MemFree{instance=~\"$node\"} - node_memory_Buffers{instance=~\"$node\"} - node_memory_Cached{instance=~\"$node\"} - node_memory_Slab{instance=~\"$node\"} - node_memory_PageTables{instance=~\"$node\"} - node_memory_SwapCached{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Apps - Memory used by user-space applications", - "refId": "Q", - "step": 2 - }, - { - "expr": "node_memory_PageTables{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "PageTables - Memory used to map between virtual and physical memory addresses", - "refId": "G", - "step": 2 - }, - { - "expr": "node_memory_SwapCached{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "SwapCache - Memory that keeps track of pages that have been fetched from swap but not yet been modified", - "refId": "F", - "step": 2 - }, - { - "expr": "node_memory_Slab{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Slab - Memory used by the kernel to cache data structures for its own use (caches like inode, dentry, etc)", - "refId": "E", - "step": 2 - }, - { - "expr": "node_memory_Cached{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Cache - Parked file data (file content) cache", - "refId": "C", - "step": 2 - }, - { - "expr": "node_memory_Buffers{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Buffers - Block device (e.g. harddisk) cache", - "refId": "B", - "step": 2 - }, - { - "expr": "node_memory_MemFree{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Unused - Free memory unasigned", - "refId": "D", - "step": 2 - }, - { - "expr": "(node_memory_SwapTotal{instance=~\"$node\"} - node_memory_SwapFree{instance=~\"$node\"})", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Swap - Swap space used", - "refId": "I", - "step": 2 - }, - { - "expr": "node_memory_HardwareCorrupted{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working", - "refId": "O", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Stack", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "receive_packets_eth0": "#7EB26D", - "receive_packets_lo": "#E24D42", - "transmit_packets_eth0": "#7EB26D", - "transmit_packets_lo": "#E24D42" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 4, - "id": 84, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Trans.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*lo.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*eth0.*/", - "color": "#EAB839" - }, - { - "alias": "/.*eth1.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*eth2.*/", - "color": "#EF843C" - }, - { - "alias": "/.*eth3.*/", - "color": "#E24D42" - }, - { - "alias": "/.*eth4.*/", - "color": "#1F78C1" - }, - { - "alias": "/.*eth5.*/", - "color": "#BA43A9" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_network_receive_bytes{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Receive", - "refId": "O", - "step": 2 - }, - { - "expr": "irate(node_network_transmit_bytes{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Transmit", - "refId": "P", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Network Traffic", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "label": "Bytes out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 3, - "description": "", - "fill": 4, - "height": "", - "id": 156, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": false, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_filesystem_size{instance=~\"$node\",device!~'rootfs'} - node_filesystem_avail{instance=~\"$node\",device!~'rootfs'}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{mountpoint}}", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk Space Used", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "io time": "#890F02" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 3, - "description": "", - "fill": 4, - "id": 42, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": null, - "sortDesc": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*read*./", - "transform": "negative-Y" - }, - { - "alias": "/.*sda.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*sdb.*/", - "color": "#EAB839" - }, - { - "alias": "/.*sdc.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*sdd.*/", - "color": "#EF843C" - }, - { - "alias": "/.*sde.*/", - "color": "#E24D42" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_disk_bytes_read{instance=~\"$node\",device=~\"[a-z]*[a-z]\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "{{device}} - Successfully read bytes", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_disk_bytes_written{instance=~\"$node\",device=~\"[a-z]*[a-z]\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "{{device}} - Successfully written bytes", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "I/O Usage Read / Write", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": false, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes read (-) / write (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "ms", - "label": "", - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": { - "io time": "#890F02" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 3, - "description": "", - "fill": 4, - "id": 127, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": null, - "sortDesc": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_disk_io_time_ms{instance=~\"$node\",device=~\"[a-z]*[a-z]\"} [5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "{{device}} - Milliseconds spent doing I/Os", - "refId": "C", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "I/O Usage Times", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": false, - "values": [] - }, - "yaxes": [ - { - "format": "ms", - "label": "Milliseconds", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "ms", - "label": "", - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "CPU Memory Net Disk", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "375", - "panels": [ - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 136, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_Inactive{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Inactive - Memory which has been less recently used. It is more eligible to be reclaimed for other purposes", - "refId": "K", - "step": 240 - }, - { - "expr": "node_memory_Active{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Active - Memory that has been used more recently and usually not reclaimed unless absolutely necessary", - "refId": "J", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Active / Inactive", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 135, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Committed_AS - *./" - }, - { - "alias": "/.*CommitLimit - *./", - "color": "#BF1B00", - "fill": 0 - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_Committed_AS{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Committed_AS - Amount of memory presently allocated on the system", - "refId": "A", - "step": 240 - }, - { - "expr": "node_memory_CommitLimit{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "CommitLimit - Amount of memory currently available to be allocated on the system", - "refId": "M", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Commited", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 191, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_Inactive_file{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Inactive_file - File-backed memory on inactive LRU list", - "refId": "A", - "step": 240 - }, - { - "expr": "node_memory_Inactive_anon{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Inactive_anon - Anonymous and swap cache on inactive LRU list, including tmpfs (shmem)", - "refId": "D", - "step": 240 - }, - { - "expr": "node_memory_Active_file{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Active_file - File-backed memory on active LRU list", - "refId": "B", - "step": 240 - }, - { - "expr": "node_memory_Active_anon{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Active_anon - Anonymous and swap cache on active least-recently-used (LRU) list, including tmpfs", - "refId": "C", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Active / Inactive Detail", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": { - "Active": "#99440A", - "Buffers": "#58140C", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Dirty": "#6ED0E0", - "Free": "#B7DBAB", - "Inactive": "#EA6460", - "Mapped": "#052B51", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "Slab_Cache": "#EAB839", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Total": "#511749", - "Total RAM": "#052B51", - "Total RAM + Swap": "#052B51", - "Total Swap": "#614D93", - "VmallocUsed": "#EA6460" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 130, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_Writeback{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Writeback - Memory which is actively being written back to disk", - "refId": "J", - "step": 240 - }, - { - "expr": "node_memory_WritebackTmp{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "WritebackTmp - Memory used by FUSE for temporary writeback buffers", - "refId": "K", - "step": 240 - }, - { - "expr": "node_memory_Dirty{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Dirty - Memory which is waiting to get written back to the disk", - "refId": "A", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Writeback and Dirty", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 138, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_Mapped{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Mapped - Used memory in mapped pages files which have been mmaped, such as libraries", - "refId": "A", - "step": 240 - }, - { - "expr": "node_memory_Shmem{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Shmem - Used shared memory (shared between several processes, thus including RAM disks)", - "refId": "B", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Shared and Mapped", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Active": "#99440A", - "Buffers": "#58140C", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Dirty": "#6ED0E0", - "Free": "#B7DBAB", - "Inactive": "#EA6460", - "Mapped": "#052B51", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "Slab_Cache": "#EAB839", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Total": "#511749", - "Total RAM": "#052B51", - "Total RAM + Swap": "#052B51", - "Total Swap": "#614D93", - "VmallocUsed": "#EA6460" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 131, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_SUnreclaim{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "SUnreclaim - Part of Slab, that cannot be reclaimed on memory pressure", - "refId": "O", - "step": 240 - }, - { - "expr": "node_memory_SReclaimable{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "SReclaimable - Part of Slab, that might be reclaimed, such as caches", - "refId": "N", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Slab", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Active": "#99440A", - "Buffers": "#58140C", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Dirty": "#6ED0E0", - "Free": "#B7DBAB", - "Inactive": "#EA6460", - "Mapped": "#052B51", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "Slab_Cache": "#EAB839", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Total": "#511749", - "Total RAM": "#052B51", - "Total RAM + Swap": "#052B51", - "VmallocUsed": "#EA6460" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 70, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_VmallocChunk{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "VmallocChunk - Largest contigious block of vmalloc area which is free", - "refId": "H", - "step": 240 - }, - { - "expr": "node_memory_VmallocTotal{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "VmallocTotal - Total size of vmalloc memory area", - "refId": "I", - "step": 240 - }, - { - "expr": "node_memory_VmallocUsed{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "VmallocUsed - Amount of vmalloc area which is used", - "refId": "O", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Vmalloc", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 159, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_Bounce{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Bounce - Memory used for block device bounce buffers", - "refId": "N", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Bounce", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Active": "#99440A", - "Buffers": "#58140C", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Dirty": "#6ED0E0", - "Free": "#B7DBAB", - "Inactive": "#EA6460", - "Mapped": "#052B51", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "Slab_Cache": "#EAB839", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Total": "#511749", - "Total RAM": "#052B51", - "Total RAM + Swap": "#052B51", - "VmallocUsed": "#EA6460" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 129, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Inactive *./", - "transform": "negative-Y" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_AnonHugePages{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "AnonHugePages - Memory in anonymous huge pages", - "refId": "D", - "step": 240 - }, - { - "expr": "node_memory_AnonPages{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "AnonPages - Memory in user pages not backed by files", - "refId": "G", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Anonymous", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 160, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_KernelStack{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "KernelStack - Kernel memory stack. This is not reclaimable", - "refId": "N", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Kernel", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Active": "#99440A", - "Buffers": "#58140C", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Dirty": "#6ED0E0", - "Free": "#B7DBAB", - "Inactive": "#EA6460", - "Mapped": "#052B51", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "Slab_Cache": "#EAB839", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Total": "#511749", - "Total RAM": "#806EB7", - "Total RAM + Swap": "#806EB7", - "VmallocUsed": "#EA6460" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 140, - "legend": { - "alignAsTable": true, - "avg": false, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_HugePages_Free{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "HugePages_Free - Huge pages in the pool that are not yet allocated", - "refId": "I", - "step": 240 - }, - { - "expr": "node_memory_HugePages_Rsvd{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "HugePages_Rsvd - Huge pages for which a commitment to allocate from the pool has been made, but no allocation has yet been made", - "refId": "J", - "step": 240 - }, - { - "expr": "node_memory_HugePages_Surp{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "HugePages_Surp - Huge pages in the pool above the value in /proc/sys/vm/nr_hugepages", - "refId": "K", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory HugePages Counter", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": "", - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Active": "#99440A", - "Buffers": "#58140C", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Dirty": "#6ED0E0", - "Free": "#B7DBAB", - "Inactive": "#EA6460", - "Mapped": "#052B51", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "Slab_Cache": "#EAB839", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Total": "#511749", - "Total RAM": "#806EB7", - "Total RAM + Swap": "#806EB7", - "VmallocUsed": "#EA6460" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 71, - "legend": { - "alignAsTable": true, - "avg": false, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_HugePages_Total{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "HugePages - Total size of the pool of huge pages", - "refId": "L", - "step": 240 - }, - { - "expr": "node_memory_Hugepagesize{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Hugepagesize - Huge Page size", - "refId": "D", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory HugePages Size", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": "", - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Active": "#99440A", - "Buffers": "#58140C", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Dirty": "#6ED0E0", - "Free": "#B7DBAB", - "Inactive": "#EA6460", - "Mapped": "#052B51", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "Slab_Cache": "#EAB839", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Total": "#511749", - "Total RAM": "#052B51", - "Total RAM + Swap": "#052B51", - "VmallocUsed": "#EA6460" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 128, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_DirectMap1G{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "DirectMap1G - Amount of pages mapped as this size", - "refId": "J", - "step": 240 - }, - { - "expr": "node_memory_DirectMap2M{instance=~\"$node\"}", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "DirectMap2M - Amount of pages mapped as this size", - "refId": "K", - "step": 240 - }, - { - "expr": "node_memory_DirectMap4k{instance=~\"$node\"}", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "DirectMap4K - Amount of pages mapped as this size", - "refId": "L", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory DirectMap", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 137, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_Unevictable{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Unevictable - Amount of unevictable memory that can't be swapped out for a variety of reasons", - "refId": "P", - "step": 240 - }, - { - "expr": "node_memory_Mlocked{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "MLocked - Size of pages locked to memory using the mlock() system call", - "refId": "C", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Unevictable and MLocked", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Active": "#99440A", - "Buffers": "#58140C", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Dirty": "#6ED0E0", - "Free": "#B7DBAB", - "Inactive": "#EA6460", - "Mapped": "#052B51", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "Slab_Cache": "#EAB839", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Total": "#511749", - "Total RAM": "#052B51", - "Total RAM + Swap": "#052B51", - "Total Swap": "#614D93", - "VmallocUsed": "#EA6460" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 132, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_NFS_Unstable{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "NFS Unstable - Memory in NFS pages sent to the server, but not yet commited to the storage", - "refId": "L", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory NFS", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Memory Detail Meminfo", - "titleSize": "h6" - }, - { - "collapse": false, - "height": "375", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 176, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*out/", - "transform": "negative-Y" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_pgpgin{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pagesin - Page in operations", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgpgout{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pagesout - Page out operations", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Pages In / Out", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 22, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*_out/", - "transform": "negative-Y" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_pswpin{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pswpin - Pages swapped in", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pswpout{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pswpout - Pages swapped out", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Pages Swap In / Out", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 197, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_pgdeactivate{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgdeactivate - Pages moved from active to inactive", - "refId": "B", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgfree{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgfree - Page free operations", - "refId": "D", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgactivate{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgactivate - Pages moved from inactive to active", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Operations", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 175, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "Pgfault - Page major and minor fault operations", - "fill": 0, - "stack": false - } - ], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_pgfault{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgfault - Page major and minor fault operations", - "refId": "C", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgmajfault{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgmajfault - Major page fault operations", - "refId": "F", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgfault{instance=~\"$node\"}[5m]) - irate(node_vmstat_pgmajfault{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgminfault - Minnor page fault operations", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Faults", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Faults", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 172, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_kswapd_inodesteal{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Kswapd_inodesteal - Pages reclaimed via kswapd inode freeing", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pginodesteal{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgindesteal - Pages reclaimed via inode freeing", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Pages Reclaimed", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 184, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_pageoutrun{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pageoutrun - Kswapd calls to page reclaim", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_vmstat_allocstall{instance=~\"$node\"}[5m])", - "intervalFactor": 2, - "legendFormat": "Allocstall - Direct reclaim calls", - "refId": "B", - "step": 2 - }, - { - "expr": "irate(node_vmstat_zone_reclaim_failed{instance=~\"$node\"}[5m])", - "intervalFactor": 2, - "legendFormat": "Zone_reclaim_failed - Zone reclaim failures", - "refId": "C", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Calls Reclaimed", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Calls", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 200, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_pgrotated{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgrotated - Pages rotated to tail of the LRU", - "refId": "D", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Rotate", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 170, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_drop_pagecache{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Drop_pagecache - Calls to drop page cache pages", - "refId": "N", - "step": 2 - }, - { - "expr": "node_vmstat_drop_slab{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Drop_slab - Calls to drop slab cache pages", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Drop", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Calls", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 183, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_slabs_scanned{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Slabs_scanned - Slab pages scanned", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Scan Slab", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 181, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_unevictable_pgs_cleared{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Unevictable_pgs_cleared - Unevictable pages cleared", - "refId": "B", - "step": 2 - }, - { - "expr": "irate(node_vmstat_unevictable_pgs_culled{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Unevictable_pgs_culled - Unevictable pages culled", - "refId": "C", - "step": 2 - }, - { - "expr": "irate(node_vmstat_unevictable_pgs_mlocked{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Unevictable_pgs_mlocked - Unevictable pages mlocked", - "refId": "D", - "step": 2 - }, - { - "expr": "irate(node_vmstat_unevictable_pgs_munlocked{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Unevictable_pgs_munlocked - Unevictable pages munlocked", - "refId": "E", - "step": 2 - }, - { - "expr": "irate(node_vmstat_unevictable_pgs_rescued{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Unevictable_pgs_rescued- Unevictable pages rescued", - "refId": "F", - "step": 2 - }, - { - "expr": "irate(node_vmstat_unevictable_pgs_scanned{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Unevictable_pgs_scanned - Unevictable pages scanned", - "refId": "G", - "step": 2 - }, - { - "expr": "irate(node_vmstat_unevictable_pgs_stranded{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "unevictable_pgs_stranded - Unevictable pages stranded", - "refId": "H", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Unevictable Pages", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 174, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_pgalloc_dma{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgalloc_dma - Dma mem page allocations", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgalloc_dma32{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgalloc_dma32 - Dma32 mem page allocations", - "refId": "B", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgalloc_movable{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgalloc_movable - Movable mem page allocations", - "refId": "C", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgalloc_normal{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgalloc_normal - Normal mem page allocations", - "refId": "D", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Allocation", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 177, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_pgrefill_dma{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgrefill_dma - Dma mem pages inspected in refill_inactive_zone", - "refId": "B", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgrefill_dma32{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgrefill_dma32 - Dma32 mem pages inspected in refill_inactive_zone", - "refId": "C", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgrefill_movable{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgrefill_movable - Movable mem pages inspected in refill_inactive_zone", - "refId": "D", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgrefill_normal{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgrefill_normal - Normal mem pages inspected in refill_inactive_zone", - "refId": "E", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Refill", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 179, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_pgsteal_direct_dma{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgsteal_direct_dma - Dma mem pages stealed", - "refId": "B", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgsteal_direct_dma32{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgsteal_direct_dma32 - Dma32 mem pages scanned", - "refId": "C", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgsteal_direct_movable{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgsteal_direct_movable - Movable mem pages scanned", - "refId": "D", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgsteal_direct_normal{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgsteal_direct_normal - Normal mem pages scanned", - "refId": "E", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Steal Direct", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 198, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_pgsteal_kswapd_dma{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgsteal_kswapd_dma - Dma mem pages scanned by kswapd", - "refId": "F", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgsteal_kswapd_dma32{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgsteal_kswapd_dma32 - Dma32 mem pages scanned by kswapd", - "refId": "G", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgsteal_kswapd_movable{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgsteal_kswapd_movable - Movable mem pages scanned by kswapd", - "refId": "H", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgsteal_kswapd_normal{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgsteal_kswapd_normal - Normal mem pages scanned by kswapd", - "refId": "I", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Steal Kswapd", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 192, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_pgscan_direct_dma{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgscan_direct_dma - Dma mem pages scanned", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgscan_direct_dma32{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgscan_direct_dma32 - Dma32 mem pages scanned", - "refId": "C", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgscan_direct_movable{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgscan_direct_movable - Movable mem pages scanned", - "refId": "D", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgscan_direct_normal{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgscan_direct_normal - Normal mem pages scanned", - "refId": "E", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgscan_direct_throttle{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": true, - "intervalFactor": 2, - "legendFormat": "Pgscan_direct_throttle - ", - "refId": "F", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Scan Direct", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 178, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_pgscan_kswapd_dma{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgscan_kswapd_dma - Dma mem pages scanned by kswapd", - "refId": "B", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgscan_kswapd_dma32{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgscan_kswapd_dma32 - Dma32 mem pages scanned by kswapd", - "refId": "G", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgscan_kswapd_movable{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgscan_kswapd_movable - Movable mem pages scanned by kswapd", - "refId": "H", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgscan_kswapd_normal{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgscan_kswapd_normal - Normal mem pages scanned by kswapd", - "refId": "I", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Scan Kswapd", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Active": "#99440A", - "Buffers": "#58140C", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Dirty": "#6ED0E0", - "Free": "#B7DBAB", - "Inactive": "#EA6460", - "Mapped": "#052B51", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "Slab_Cache": "#EAB839", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Total": "#511749", - "Total RAM": "#052B51", - "Total RAM + Swap": "#052B51", - "Total Swap": "#614D93", - "VmallocUsed": "#EA6460" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 169, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*fail*./", - "color": "#890F02" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_compact_free_scanned{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Compact_free_scanned - Pages scanned for freeing by compaction daemon", - "refId": "B", - "step": 2 - }, - { - "expr": "irate(node_vmstat_compact_isolated{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Compact_isolated - Page isolations for memory compaction", - "refId": "C", - "step": 2 - }, - { - "expr": "irate(node_vmstat_compact_migrate_scanned{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Compact_migrate_scanned - Pages scanned for migration by compaction daemon", - "refId": "D", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Compact", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Active": "#99440A", - "Buffers": "#58140C", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Dirty": "#6ED0E0", - "Free": "#B7DBAB", - "Inactive": "#EA6460", - "Mapped": "#052B51", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "Slab_Cache": "#EAB839", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Total": "#511749", - "Total RAM": "#052B51", - "Total RAM + Swap": "#052B51", - "Total Swap": "#614D93", - "VmallocUsed": "#EA6460" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 189, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*fail*./", - "color": "#890F02" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_compact_fail{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Compact_fail - Unsuccessful compactions for high order allocations", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_vmstat_compact_stall{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Compact_stall - Failures to even start compacting", - "refId": "E", - "step": 2 - }, - { - "expr": "irate(node_vmstat_compact_success{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Compact_sucess - Successful compactions for high order allocations", - "refId": "F", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Compactions", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Compactions", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 190, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_kswapd_high_wmark_hit_quickly{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Kswapd_high_wmark_hit_quickly - Times high watermark reached quickly", - "refId": "N", - "step": 2 - }, - { - "expr": "node_vmstat_kswapd_low_wmark_hit_quickly{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Kswapd_low_wmark_hit_quickly - Times low watermark reached quickly", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Kswapd Watermark", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 171, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_htlb_buddy_alloc_fail{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Htlb_buddy_alloc_fail - Huge TLB page buddy allocation failures", - "refId": "N", - "step": 2 - }, - { - "expr": "node_vmstat_htlb_buddy_alloc_success{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Htlb_buddy_alloc_success - Huge TLB page buddy allocation successes", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Buddy Alloc", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Allocations", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 173, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_numa_foreign{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Numa_foreign - Foreign NUMA zone allocations", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_vmstat_numa_hit{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Numa_hit - Successful allocations from preferred NUMA zone", - "refId": "D", - "step": 2 - }, - { - "expr": "irate(node_vmstat_numa_interleave{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Numa_interleave - Interleaved NUMA allocations in each zone for each NUMA node", - "refId": "F", - "step": 2 - }, - { - "expr": "irate(node_vmstat_numa_local{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Numa_local - Successful allocations from local NUMA zone", - "refId": "G", - "step": 2 - }, - { - "expr": "irate(node_vmstat_numa_miss{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Numa_miss - Unsuccessful allocations from preferred NUMA zona", - "refId": "H", - "step": 2 - }, - { - "expr": "irate(node_vmstat_numa_other{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Numa_other - Unsuccessful allocations from local NUMA zone", - "refId": "I", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Numa Allocations", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Allocations", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 193, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Numa_pages_migrated - *./", - "fill": 0, - "stack": false - } - ], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_numa_pages_migrated{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Numa_pages_migrated - NUMA page migrations", - "refId": "J", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgmigrate_fail{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgmigrate_fail - Unsuccessful NUMA page migrations", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_vmstat_pgmigrate_success{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Pgmigrate_success - Successful NUMA page migrations", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Numa Page Migrations", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 194, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_numa_hint_faults{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Numa_hint_faults - NUMA hint faults trapped", - "refId": "B", - "step": 2 - }, - { - "expr": "irate(node_vmstat_numa_hint_faults_local{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Numa_hint_faults_local - Hinting faults to local nodes", - "refId": "C", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Numa Hints", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "HInts", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 196, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 6, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_numa_pte_updates{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Numa_pte_updates - NUMA page table entry updates", - "refId": "K", - "step": 2 - }, - { - "expr": "irate(node_vmstat_numa_huge_pte_updates{instance=~\"$node\"}[5m])", - "intervalFactor": 2, - "legendFormat": "Numa_huge_pte_updates - NUMA huge page table entry updates", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Numa Table Updates", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Updates", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 199, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_thp_split{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Thp_split - Transparent huge page splits", - "refId": "F", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory THP Splits", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Splits", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 182, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_workingset_activate{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Workingset_activate - Page activations to form the working set", - "refId": "C", - "step": 2 - }, - { - "expr": "irate(node_vmstat_workingset_nodereclaim{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Workingset_nodereclaim - NUMA node working set page reclaims", - "refId": "D", - "step": 2 - }, - { - "expr": "irate(node_vmstat_workingset_refault{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Workingset_refault - Refaults of previously evicted pages", - "refId": "E", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Workingset", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 180, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_vmstat_thp_collapse_alloc{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Thp_collapse_alloc - Transparent huge page collapse allocations", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_vmstat_thp_collapse_alloc_failed{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Thp_collapse_alloc_failed - Transparent huge page collapse allocation failures", - "refId": "C", - "step": 2 - }, - { - "expr": "irate(node_vmstat_thp_zero_page_alloc{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Thp_zero_page_alloc - Transparent huge page zeroed page allocations", - "refId": "G", - "step": 2 - }, - { - "expr": "irate(node_vmstat_thp_zero_page_alloc_failed{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Thp_zero_page_alloc_failed - Transparent huge page zeroed page allocation failures", - "refId": "H", - "step": 2 - }, - { - "expr": "irate(node_vmstat_thp_fault_alloc{instance=~\"$node\"}[5m])", - "intervalFactor": 2, - "legendFormat": "Thp_fault_alloc - Transparent huge page fault allocations", - "refId": "B", - "step": 2 - }, - { - "expr": "irate(node_vmstat_thp_fault_fallback{instance=~\"$node\"}[5m])", - "intervalFactor": 2, - "legendFormat": "Thp_fault_fallback - Transparent huge page fault fallbacks", - "refId": "D", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory THP Allocations", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Allocations", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Memory Detail Vmstat", - "titleSize": "h6" - }, - { - "collapse": false, - "height": "375", - "panels": [ - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 185, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_active_anon{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Active_anon - Active anonymous memory pages", - "refId": "B", - "step": 2 - }, - { - "expr": "node_vmstat_nr_active_file{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Active_file - Active file memory memory pages", - "refId": "C", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Active", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 228, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_inactive_anon{instance=~\"$node\"}", - "intervalFactor": 2, - "legendFormat": "Inactive_anon - Inactive anonymous memory pages in each zone for each NUMA node", - "refId": "A", - "step": 2 - }, - { - "expr": "node_vmstat_nr_inactive_file{instance=~\"$node\"}", - "intervalFactor": 2, - "legendFormat": "Inactive_file - Inactive file memory pages in each zone for each NUMA node", - "refId": "D", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Inactive", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 188, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_slab_reclaimable{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Reclaimable - Instantaneous reclaimable slab pages", - "refId": "A", - "step": 2 - }, - { - "expr": "node_vmstat_nr_slab_unreclaimable{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Unreclaimable - Instantaneous unreclaimable slab pages", - "refId": "C", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Reclaimed / Unreclaimed", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 186, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_free_pages{instance=~\"$node\"}", - "intervalFactor": 2, - "legendFormat": "Free_pages - Free pages", - "refId": "B", - "step": 2 - }, - { - "expr": "node_vmstat_nr_written{instance=~\"$node\"}", - "intervalFactor": 2, - "legendFormat": "Written - Pages written out in each zone for each NUMA node", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Free / Written", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 218, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_dirty{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Dirty - Pages in dirty state", - "refId": "C", - "step": 2 - }, - { - "expr": "node_vmstat_nr_bounce{instance=~\"$node\"}", - "intervalFactor": 2, - "legendFormat": "Bounce - Bounce buffer pages", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Dirty / Bounce", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 201, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_unevictable{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Unevictable - Unevictable pages", - "refId": "B", - "step": 2 - }, - { - "expr": "node_vmstat_nr_mlock{instance=~\"$node\"}", - "intervalFactor": 2, - "legendFormat": "Mlock - Pages under mlock", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Pages Unevictable / Mlock", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 214, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_shmem{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Shmem - Shared memory pages", - "refId": "H", - "step": 2 - }, - { - "expr": "node_vmstat_nr_mapped{instance=~\"$node\"}", - "intervalFactor": 2, - "legendFormat": "Mapped - Mapped pagecache pages in each zone for each NUMA node", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Shmem / Mapped", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 212, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_kernel_stack{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Kernel_stack - Pages of kernel stack", - "refId": "F", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Kernel_stack", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 203, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_writeback{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Writeback - Writeback pages", - "refId": "G", - "step": 2 - }, - { - "expr": "node_vmstat_nr_writeback_temp{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Writeback_temp - Temporary writeback pages", - "refId": "H", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Pages Writeback", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 205, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_file_pages{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "File_pages - File pagecache pages in each zone for each NUMA node", - "refId": "F", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page File_pages", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 206, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_dirty_background_threshold{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Dirty_background_threshold - Background writeback threshold", - "refId": "D", - "step": 2 - }, - { - "expr": "node_vmstat_nr_dirty_threshold{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Dirty_threshold - Dirty throttling threshold", - "refId": "E", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Dirty Threshold", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 208, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_unstable{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Unstable - Pages unstable state in each zone for each NUMA node", - "refId": "D", - "step": 2 - }, - { - "expr": "node_vmstat_nr_dirtied{instance=~\"$node\"}", - "intervalFactor": 2, - "legendFormat": "Dirtied - Pages entering dirty state in each zone for each NUMA node", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Unstable / Dirtied", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 209, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_page_table_pages{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Page_table_pages - Page table pages in each zone for each NUMA node", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Page_table_pages", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 217, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_alloc_batch{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Alloc_batch - Pages allocated to other zones due to insufficient memory for each zone for each NUMA node", - "refId": "D", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Alloc_batch", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 213, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_isolated_anon{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Isolated_anon - Isolated anonymous memory pages in each zone for each NUMA node", - "refId": "D", - "step": 2 - }, - { - "expr": "node_vmstat_nr_isolated_file{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Isolated_file - Isolated file memory pages in each zone for each NUMA node", - "refId": "E", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Isolated", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 216, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_anon_pages{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Anon_pages - Anonymous mapped pagecache pages in each zone for each NUMA node", - "refId": "E", - "step": 2 - }, - { - "expr": "node_vmstat_nr_anon_transparent_hugepages{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Anon_transparent_hugepages - Anonymous transparent huge pages in each zone for each NUMA node", - "refId": "F", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Anon", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "Apps": "#629E51", - "Buffers": "#614D93", - "Cache": "#6D1F62", - "Cached": "#511749", - "Committed": "#508642", - "Free": "#0A437C", - "Harware Corrupted - Amount of RAM that the kernel identified as corrupted / not working": "#CFFAFF", - "Inactive": "#584477", - "PageTables": "#0A50A1", - "Page_Tables": "#0A50A1", - "RAM_Free": "#E0F9D7", - "Slab": "#806EB7", - "Slab_Cache": "#E0752D", - "Swap": "#BF1B00", - "Swap_Cache": "#C15C17", - "Swap_Free": "#2F575E", - "Unused": "#EAB839" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "fill": 2, - "id": 204, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 350, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_vmstat_nr_free_cma{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Free_cma - Free Contiguous Memory Allocator pages in each zone for each NUMA node", - "refId": "G", - "step": 2 - }, - { - "expr": "node_vmstat_nr_vmscan_write{instance=~\"$node\"}", - "intervalFactor": 2, - "legendFormat": "Vmscan_write - Pages written by VM scanner from LRU", - "refId": "B", - "step": 2 - }, - { - "expr": "node_vmstat_nr_vmscan_immediate_reclaim{instance=~\"$node\"}", - "intervalFactor": 2, - "legendFormat": "Immediate_reclaim - Prioritise for reclaim when writeback ends in each zone for each NUMA node", - "refId": "C", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Page Misc", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Pages", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Memory Detail Vmstat Counters", - "titleSize": "h6" - }, - { - "collapse": false, - "height": "375", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 8, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeat": null, - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_context_switches{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Context switches", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_intr{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Interrupts", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Context Switches / Interrupts", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 151, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_entropy_available_bits{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Entropy available to random number generators", - "refId": "C", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Entropy", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Entropy", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 7, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeat": null, - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_load1{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 4, - "legendFormat": "Load 1m", - "refId": "A", - "step": 4 - }, - { - "expr": "node_load5{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 4, - "legendFormat": "Load 5m", - "refId": "B", - "step": 4 - }, - { - "expr": "node_load15{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 4, - "legendFormat": "Load 15m", - "refId": "C", - "step": 4 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "System Load", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Load", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 64, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Max*./", - "color": "#890F02", - "fill": 0 - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "process_max_fds{instance=~\"$node\"}", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Maximum open file descriptors", - "refId": "A", - "step": 2 - }, - { - "expr": "process_open_fds{instance=~\"$node\"}", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Open file descriptors", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "File Descriptors", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Descriptors", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 62, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_procs_blocked{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Processes blocked waiting for I/O to complete", - "refId": "A", - "step": 2 - }, - { - "expr": "node_procs_running{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Processes in runnable state", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Processes State", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Processes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 148, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(node_forks{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "Processes forks second", - "refId": "C", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Processes Forks", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Forks / sec", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 149, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "process_virtual_memory_bytes{instance=~\"$node\"}", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Processes virtual memory size in bytes", - "refId": "C", - "step": 2 - }, - { - "expr": "process_resident_memory_bytes{instance=~\"$node\"}", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Processes resident memory size in bytes", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Processes Memory", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "decbytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 168, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Variation*./", - "color": "#890F02" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_time{instance=~\"$node\"}[5m])", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "Of reported time", - "refId": "B", - "step": 2 - }, - { - "expr": "irate(process_start_time_seconds{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Of the process since unix epoch in seconds", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Time Variation", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": "Seconds", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 158, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Critical*./", - "color": "#E24D42", - "fill": 0 - }, - { - "alias": "/.*Max*./", - "color": "#EF843C", - "fill": 0 - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_hwmon_temp_celsius{instance=~\"$node\"}", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{ chip }} {{ sensor }} temp", - "refId": "A", - "step": 2 - }, - { - "expr": "node_hwmon_temp_crit_alarm_celsius{instance=~\"$node\"}", - "format": "time_series", - "hide": true, - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{ chip }} {{ sensor }} Critical Alarm", - "refId": "B", - "step": 240 - }, - { - "expr": "node_hwmon_temp_crit_celsius{instance=~\"$node\"}", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{ chip }} {{ sensor }} Critical", - "refId": "C", - "step": 2 - }, - { - "expr": "node_hwmon_temp_crit_hyst_celsius{instance=~\"$node\"}", - "format": "time_series", - "hide": true, - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{ chip }} {{ sensor }} Critical Historical", - "refId": "D", - "step": 240 - }, - { - "expr": "node_hwmon_temp_max_celsius{instance=~\"$node\"}", - "format": "time_series", - "hide": true, - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{ chip }} {{ sensor }} Max", - "refId": "E", - "step": 240 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Hardware temperature monitor", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "celsius", - "label": "Temperature", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "System Detail", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "375", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 3, - "id": 37, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*read.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*sda_.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*sdb_.*/", - "color": "#EAB839" - }, - { - "alias": "/.*sdc_.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*sdd_.*/", - "color": "#EF843C" - }, - { - "alias": "/.*sde_.*/", - "color": "#E24D42" - }, - { - "alias": "/.*sda1.*/", - "color": "#584477" - }, - { - "alias": "/.*sda2_.*/", - "color": "#BA43A9" - }, - { - "alias": "/.*sda3_.*/", - "color": "#F4D598" - }, - { - "alias": "/.*sdb1.*/", - "color": "#0A50A1" - }, - { - "alias": "/.*sdb2.*/", - "color": "#BF1B00" - }, - { - "alias": "/.*sdb3.*/", - "color": "#E0752D" - }, - { - "alias": "/.*sdc1.*/", - "color": "#962D82" - }, - { - "alias": "/.*sdc2.*/", - "color": "#614D93" - }, - { - "alias": "/.*sdc3.*/", - "color": "#9AC48A" - }, - { - "alias": "/.*sdd1.*/", - "color": "#65C5DB" - }, - { - "alias": "/.*sdd2.*/", - "color": "#F9934E" - }, - { - "alias": "/.*sdd3.*/", - "color": "#EA6460" - }, - { - "alias": "/.*sde1.*/", - "color": "#E0F9D7" - }, - { - "alias": "/.*sdd2.*/", - "color": "#FCEACA" - }, - { - "alias": "/.*sde3.*/", - "color": "#F9E2D2" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_disk_read_time_ms{instance=~\"$node\"}[5m])", - "hide": false, - "intervalFactor": 4, - "legendFormat": "{{device}} - Read time ms", - "refId": "A", - "step": 1200 - }, - { - "expr": "irate(node_disk_write_time_ms{instance=~\"$node\"}[5m])", - "hide": false, - "intervalFactor": 2, - "legendFormat": "{{device}} - Write time ms", - "refId": "B", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk R/W Time", - "tooltip": { - "shared": false, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "ms", - "label": "Millisec. read (-) / write (+)", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 33, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*read.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*sda_.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*sdb_.*/", - "color": "#EAB839" - }, - { - "alias": "/.*sdc_.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*sdd_.*/", - "color": "#EF843C" - }, - { - "alias": "/.*sde_.*/", - "color": "#E24D42" - }, - { - "alias": "/.*sda1.*/", - "color": "#584477" - }, - { - "alias": "/.*sda2_.*/", - "color": "#BA43A9" - }, - { - "alias": "/.*sda3_.*/", - "color": "#F4D598" - }, - { - "alias": "/.*sdb1.*/", - "color": "#0A50A1" - }, - { - "alias": "/.*sdb2.*/", - "color": "#BF1B00" - }, - { - "alias": "/.*sdb3.*/", - "color": "#E0752D" - }, - { - "alias": "/.*sdc1.*/", - "color": "#962D82" - }, - { - "alias": "/.*sdc2.*/", - "color": "#614D93" - }, - { - "alias": "/.*sdc3.*/", - "color": "#9AC48A" - }, - { - "alias": "/.*sdd1.*/", - "color": "#65C5DB" - }, - { - "alias": "/.*sdd2.*/", - "color": "#F9934E" - }, - { - "alias": "/.*sdd3.*/", - "color": "#EA6460" - }, - { - "alias": "/.*sde1.*/", - "color": "#E0F9D7" - }, - { - "alias": "/.*sdd2.*/", - "color": "#FCEACA" - }, - { - "alias": "/.*sde3.*/", - "color": "#F9E2D2" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_disk_bytes_read{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 4, - "legendFormat": "{{device}} - Bytes read", - "refId": "A", - "step": 1200 - }, - { - "expr": "irate(node_disk_bytes_written{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Bytes written", - "refId": "B", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk R/W Data", - "tooltip": { - "shared": false, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "label": "Bytes read (-) / write (+)", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 9, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "repeat": null, - "seriesOverrides": [ - { - "alias": "/.*read.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*sda_.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*sdb_.*/", - "color": "#EAB839" - }, - { - "alias": "/.*sdc_.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*sdd_.*/", - "color": "#EF843C" - }, - { - "alias": "/.*sde_.*/", - "color": "#E24D42" - }, - { - "alias": "/.*sda1.*/", - "color": "#584477" - }, - { - "alias": "/.*sda2_.*/", - "color": "#BA43A9" - }, - { - "alias": "/.*sda3_.*/", - "color": "#F4D598" - }, - { - "alias": "/.*sdb1.*/", - "color": "#0A50A1" - }, - { - "alias": "/.*sdb2.*/", - "color": "#BF1B00" - }, - { - "alias": "/.*sdb3.*/", - "color": "#E0752D" - }, - { - "alias": "/.*sdc1.*/", - "color": "#962D82" - }, - { - "alias": "/.*sdc2.*/", - "color": "#614D93" - }, - { - "alias": "/.*sdc3.*/", - "color": "#9AC48A" - }, - { - "alias": "/.*sdd1.*/", - "color": "#65C5DB" - }, - { - "alias": "/.*sdd2.*/", - "color": "#F9934E" - }, - { - "alias": "/.*sdd3.*/", - "color": "#EA6460" - }, - { - "alias": "/.*sde1.*/", - "color": "#E0F9D7" - }, - { - "alias": "/.*sdd2.*/", - "color": "#FCEACA" - }, - { - "alias": "/.*sde3.*/", - "color": "#F9E2D2" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_disk_reads_completed{instance=~\"$node\"}[5m])", - "intervalFactor": 4, - "legendFormat": "{{device}} - Reads completed", - "refId": "A", - "step": 1200 - }, - { - "expr": "irate(node_disk_writes_completed{instance=~\"$node\"}[5m])", - "intervalFactor": 2, - "legendFormat": "{{device}} - Writes completed", - "refId": "B", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk IOs Completed", - "tooltip": { - "shared": false, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "iops", - "label": "IO read (-) / write (+)", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 134, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*read.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*sda_.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*sdb_.*/", - "color": "#EAB839" - }, - { - "alias": "/.*sdc_.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*sdd_.*/", - "color": "#EF843C" - }, - { - "alias": "/.*sde_.*/", - "color": "#E24D42" - }, - { - "alias": "/.*sda1.*/", - "color": "#584477" - }, - { - "alias": "/.*sda2_.*/", - "color": "#BA43A9" - }, - { - "alias": "/.*sda3_.*/", - "color": "#F4D598" - }, - { - "alias": "/.*sdb1.*/", - "color": "#0A50A1" - }, - { - "alias": "/.*sdb2.*/", - "color": "#BF1B00" - }, - { - "alias": "/.*sdb3.*/", - "color": "#E0752D" - }, - { - "alias": "/.*sdc1.*/", - "color": "#962D82" - }, - { - "alias": "/.*sdc2.*/", - "color": "#614D93" - }, - { - "alias": "/.*sdc3.*/", - "color": "#9AC48A" - }, - { - "alias": "/.*sdd1.*/", - "color": "#65C5DB" - }, - { - "alias": "/.*sdd2.*/", - "color": "#F9934E" - }, - { - "alias": "/.*sdd3.*/", - "color": "#EA6460" - }, - { - "alias": "/.*sde1.*/", - "color": "#E0F9D7" - }, - { - "alias": "/.*sdd2.*/", - "color": "#FCEACA" - }, - { - "alias": "/.*sde3.*/", - "color": "#F9E2D2" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_disk_sectors_read{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 4, - "legendFormat": "{{device}} - Sectors read", - "refId": "A", - "step": 1200 - }, - { - "expr": "irate(node_disk_sectors_written{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "{{device}} - Sectors written", - "refId": "B", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk R/W Sectors", - "tooltip": { - "shared": false, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Sectors read (-) / write (+)", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 35, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*sda_.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*sdb_.*/", - "color": "#EAB839" - }, - { - "alias": "/.*sdc_.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*sdd_.*/", - "color": "#EF843C" - }, - { - "alias": "/.*sde_.*/", - "color": "#E24D42" - }, - { - "alias": "/.*sda1.*/", - "color": "#584477" - }, - { - "alias": "/.*sda2_.*/", - "color": "#BA43A9" - }, - { - "alias": "/.*sda3_.*/", - "color": "#F4D598" - }, - { - "alias": "/.*sdb1.*/", - "color": "#0A50A1" - }, - { - "alias": "/.*sdb2.*/", - "color": "#BF1B00" - }, - { - "alias": "/.*sdb3.*/", - "color": "#E0752D" - }, - { - "alias": "/.*sdc1.*/", - "color": "#962D82" - }, - { - "alias": "/.*sdc2.*/", - "color": "#614D93" - }, - { - "alias": "/.*sdc3.*/", - "color": "#9AC48A" - }, - { - "alias": "/.*sdd1.*/", - "color": "#65C5DB" - }, - { - "alias": "/.*sdd2.*/", - "color": "#F9934E" - }, - { - "alias": "/.*sdd3.*/", - "color": "#EA6460" - }, - { - "alias": "/.*sde1.*/", - "color": "#E0F9D7" - }, - { - "alias": "/.*sdd2.*/", - "color": "#FCEACA" - }, - { - "alias": "/.*sde3.*/", - "color": "#F9E2D2" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_disk_io_time_weighted{instance=~\"$node\"}[5m])", - "intervalFactor": 4, - "legendFormat": "{{device}} - IO time weighted", - "refId": "A", - "step": 1200 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk IOs Weighted", - "tooltip": { - "shared": false, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "ms", - "label": "Milliseconds", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 133, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*read.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*sda_.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*sdb_.*/", - "color": "#EAB839" - }, - { - "alias": "/.*sdc_.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*sdd_.*/", - "color": "#EF843C" - }, - { - "alias": "/.*sde_.*/", - "color": "#E24D42" - }, - { - "alias": "/.*sda1.*/", - "color": "#584477" - }, - { - "alias": "/.*sda2_.*/", - "color": "#BA43A9" - }, - { - "alias": "/.*sda3_.*/", - "color": "#F4D598" - }, - { - "alias": "/.*sdb1.*/", - "color": "#0A50A1" - }, - { - "alias": "/.*sdb2.*/", - "color": "#BF1B00" - }, - { - "alias": "/.*sdb3.*/", - "color": "#E0752D" - }, - { - "alias": "/.*sdc1.*/", - "color": "#962D82" - }, - { - "alias": "/.*sdc2.*/", - "color": "#614D93" - }, - { - "alias": "/.*sdc3.*/", - "color": "#9AC48A" - }, - { - "alias": "/.*sdd1.*/", - "color": "#65C5DB" - }, - { - "alias": "/.*sdd2.*/", - "color": "#F9934E" - }, - { - "alias": "/.*sdd3.*/", - "color": "#EA6460" - }, - { - "alias": "/.*sde1.*/", - "color": "#E0F9D7" - }, - { - "alias": "/.*sdd2.*/", - "color": "#FCEACA" - }, - { - "alias": "/.*sde3.*/", - "color": "#F9E2D2" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_disk_reads_merged{instance=~\"$node\"}[5m])", - "intervalFactor": 2, - "legendFormat": "{{device}} - Merged read", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_disk_writes_merged{instance=~\"$node\"}[5m])", - "intervalFactor": 2, - "legendFormat": "{{device}} - Merged write", - "refId": "D", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk R/W Merged", - "tooltip": { - "shared": false, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "iops", - "label": "I/Os", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 3, - "id": 36, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*sda_.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*sdb_.*/", - "color": "#EAB839" - }, - { - "alias": "/.*sdc_.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*sdd_.*/", - "color": "#EF843C" - }, - { - "alias": "/.*sde_.*/", - "color": "#E24D42" - }, - { - "alias": "/.*sda1.*/", - "color": "#584477" - }, - { - "alias": "/.*sda2_.*/", - "color": "#BA43A9" - }, - { - "alias": "/.*sda3_.*/", - "color": "#F4D598" - }, - { - "alias": "/.*sdb1.*/", - "color": "#0A50A1" - }, - { - "alias": "/.*sdb2.*/", - "color": "#BF1B00" - }, - { - "alias": "/.*sdb3.*/", - "color": "#E0752D" - }, - { - "alias": "/.*sdc1.*/", - "color": "#962D82" - }, - { - "alias": "/.*sdc2.*/", - "color": "#614D93" - }, - { - "alias": "/.*sdc3.*/", - "color": "#9AC48A" - }, - { - "alias": "/.*sdd1.*/", - "color": "#65C5DB" - }, - { - "alias": "/.*sdd2.*/", - "color": "#F9934E" - }, - { - "alias": "/.*sdd3.*/", - "color": "#EA6460" - }, - { - "alias": "/.*sde1.*/", - "color": "#E0F9D7" - }, - { - "alias": "/.*sdd2.*/", - "color": "#FCEACA" - }, - { - "alias": "/.*sde3.*/", - "color": "#F9E2D2" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_disk_io_time_ms{instance=~\"$node\"}[5m])", - "intervalFactor": 4, - "legendFormat": "{{device}} - IO time ms", - "refId": "A", - "step": 1200 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Milliseconds Spent Doing I/Os", - "tooltip": { - "shared": false, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "ms", - "label": "Milliseconds", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 34, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*sda_.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*sdb_.*/", - "color": "#EAB839" - }, - { - "alias": "/.*sdc_.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*sdd_.*/", - "color": "#EF843C" - }, - { - "alias": "/.*sde_.*/", - "color": "#E24D42" - }, - { - "alias": "/.*sda1.*/", - "color": "#584477" - }, - { - "alias": "/.*sda2_.*/", - "color": "#BA43A9" - }, - { - "alias": "/.*sda3_.*/", - "color": "#F4D598" - }, - { - "alias": "/.*sdb1.*/", - "color": "#0A50A1" - }, - { - "alias": "/.*sdb2.*/", - "color": "#BF1B00" - }, - { - "alias": "/.*sdb3.*/", - "color": "#E0752D" - }, - { - "alias": "/.*sdc1.*/", - "color": "#962D82" - }, - { - "alias": "/.*sdc2.*/", - "color": "#614D93" - }, - { - "alias": "/.*sdc3.*/", - "color": "#9AC48A" - }, - { - "alias": "/.*sdd1.*/", - "color": "#65C5DB" - }, - { - "alias": "/.*sdd2.*/", - "color": "#F9934E" - }, - { - "alias": "/.*sdd3.*/", - "color": "#EA6460" - }, - { - "alias": "/.*sde1.*/", - "color": "#E0F9D7" - }, - { - "alias": "/.*sdd2.*/", - "color": "#FCEACA" - }, - { - "alias": "/.*sde3.*/", - "color": "#F9E2D2" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_disk_io_now{instance=~\"$node\"}[5m])", - "intervalFactor": 4, - "legendFormat": "{{device}} - IO now", - "refId": "A", - "step": 1200 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Disk IOs Current in Progress", - "tooltip": { - "shared": false, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "iops", - "label": "I/Os", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 66, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*sda_.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*sdb_.*/", - "color": "#EAB839" - }, - { - "alias": "/.*sdc_.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*sdd_.*/", - "color": "#EF843C" - }, - { - "alias": "/.*sde_.*/", - "color": "#E24D42" - }, - { - "alias": "/.*sda1.*/", - "color": "#584477" - }, - { - "alias": "/.*sda2_.*/", - "color": "#B7DBAB" - }, - { - "alias": "/.*sda3_.*/", - "color": "#F4D598" - }, - { - "alias": "/.*sdb1.*/", - "color": "#0A50A1" - }, - { - "alias": "/.*sdb2.*/", - "color": "#BF1B00" - }, - { - "alias": "/.*sdb3.*/", - "color": "#E0752D" - }, - { - "alias": "/.*sdc1.*/", - "color": "#962D82" - }, - { - "alias": "/.*sdc2.*/", - "color": "#614D93" - }, - { - "alias": "/.*sdc3.*/", - "color": "#9AC48A" - }, - { - "alias": "/.*sdd1.*/", - "color": "#65C5DB" - }, - { - "alias": "/.*sdd2.*/", - "color": "#F9934E" - }, - { - "alias": "/.*sdd3.*/", - "color": "#EA6460" - }, - { - "alias": "/.*sde1.*/", - "color": "#E0F9D7" - }, - { - "alias": "/.*sdd2.*/", - "color": "#FCEACA" - }, - { - "alias": "/.*sde3.*/", - "color": "#F9E2D2" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_textfile_scrape_error{instance=~\"$node\"}", - "intervalFactor": 4, - "legendFormat": "Textfile scrape error (1 = true)", - "refId": "A", - "step": 1200 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Open Error File", - "tooltip": { - "shared": false, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Errors", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Disk Detail", - "titleSize": "h6" - }, - { - "collapse": false, - "height": 391, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 3, - "description": "", - "fill": 2, - "id": 43, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_filesystem_avail{instance=~\"$node\",device!~'rootfs'}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "{{mountpoint}} - Available", - "metric": "", - "refId": "A", - "step": 2 - }, - { - "expr": "node_filesystem_free{instance=~\"$node\",device!~'rootfs'}", - "format": "time_series", - "hide": true, - "intervalFactor": 2, - "legendFormat": "{{mountpoint}} - Free", - "refId": "B", - "step": 2 - }, - { - "expr": "node_filesystem_size{instance=~\"$node\",device!~'rootfs'}", - "format": "time_series", - "hide": true, - "intervalFactor": 2, - "legendFormat": "{{mountpoint}} - Size", - "refId": "D", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Filesystem space available", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 41, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_filesystem_files_free{instance=~\"$node\",device!~'rootfs'}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "{{mountpoint}} - Free file nodes", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "File Nodes Free", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "File Nodes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 28, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_filefd_maximum{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 4, - "legendFormat": "Max open files", - "refId": "A", - "step": 4 - }, - { - "expr": "node_filefd_allocated{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Open files", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "File Descriptor", - "tooltip": { - "shared": false, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Files", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 219, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_filesystem_files{instance=~\"$node\",device!~'rootfs'}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "{{mountpoint}} - File nodes total", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "File Nodes Size", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "File Nodes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": { - "/ ReadOnly": "#890F02" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "description": "", - "fill": 2, - "id": 44, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": true, - "hideZero": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 2, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "node_filesystem_readonly{instance=~\"$node\",device!~'rootfs'}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{mountpoint}} - ReadOnly", - "refId": "C", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Filesystem in ReadOnly", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Read Only", - "logBase": 1, - "max": "1", - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Filesystem Detail", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "375", - "panels": [ - { - "aliasColors": { - "receive_packets_eth0": "#7EB26D", - "receive_packets_lo": "#E24D42", - "transmit_packets_eth0": "#7EB26D", - "transmit_packets_lo": "#E24D42" - }, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 60, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Trans.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*lo.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*eth0.*/", - "color": "#EAB839" - }, - { - "alias": "/.*eth1.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*eth2.*/", - "color": "#EF843C" - }, - { - "alias": "/.*eth3.*/", - "color": "#E24D42" - }, - { - "alias": "/.*eth4.*/", - "color": "#1F78C1" - }, - { - "alias": "/.*eth5.*/", - "color": "#BA43A9" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_network_receive_packets{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Receive", - "refId": "O", - "step": 600 - }, - { - "expr": "irate(node_network_transmit_packets{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Transmit", - "refId": "P", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Network Traffic by Packets", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "pps", - "label": "Packets out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 142, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Trans.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*lo.*.errors.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*eth0.*.errors.*/", - "color": "#EAB839" - }, - { - "alias": "/.*eth1.*.errors.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*eth2.*.errors.*/", - "color": "#EF843C" - }, - { - "alias": "/.*eth3.*.errors.*/", - "color": "#E24D42" - }, - { - "alias": "/.*eth4.*.errors.*/", - "color": "#1F78C1" - }, - { - "alias": "/.*eth5.*.errors.*/", - "color": "#BA43A9" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_network_receive_errs{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Receive errors", - "refId": "E", - "step": 600 - }, - { - "expr": "irate(node_network_transmit_errs{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Rransmit errors", - "refId": "F", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Network Traffic Errors", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "pps", - "label": "Packets out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 143, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Trans.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*lo.*.drop.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*eth0.*.drop.*/", - "color": "#EAB839" - }, - { - "alias": "/.*eth1.*.drop.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*eth2.*.drop.*/", - "color": "#EF843C" - }, - { - "alias": "/.*eth3.*.drop.*/", - "color": "#E24D42" - }, - { - "alias": "/.*eth4.*.drop.*/", - "color": "#1F78C1" - }, - { - "alias": "/.*eth5.*.drop.*/", - "color": "#BA43A9" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_network_receive_drop{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Receive drop", - "refId": "G", - "step": 600 - }, - { - "expr": "irate(node_network_transmit_drop{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Transmit drop", - "refId": "H", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Network Traffic Drop", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "pps", - "label": "Packets out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 141, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Trans.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*lo.*.compressed.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*eth0.*.compressed.*/", - "color": "#EAB839" - }, - { - "alias": "/.*eth1.*.compressed.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*eth2.*.compressed.*/", - "color": "#EF843C" - }, - { - "alias": "/.*eth3.*.compressed.*/", - "color": "#E24D42" - }, - { - "alias": "/.*eth4.*.compressed.*/", - "color": "#1F78C1" - }, - { - "alias": "/.*eth5.*.compressed.*/", - "color": "#BA43A9" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_network_receive_compressed{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Receive compressed", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_network_transmit_compressed{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Transmit compressed", - "refId": "D", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Network Traffic Compressed", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "pps", - "label": "Packets out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 146, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Trans.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*lo.*.multicast.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*eth0.*.multicast.*/", - "color": "#EAB839" - }, - { - "alias": "/.*eth1.*.multicast.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*eth2.*.multicast.*/", - "color": "#EF843C" - }, - { - "alias": "/.*eth3.*.multicast.*/", - "color": "#E24D42" - }, - { - "alias": "/.*eth4.*.multicast.*/", - "color": "#1F78C1" - }, - { - "alias": "/.*eth5.*.multicast.*/", - "color": "#BA43A9" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_network_receive_multicast{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Receive multicast", - "refId": "M", - "step": 600 - }, - { - "expr": "irate(node_network_transmit_multicast{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Transmit multicast", - "refId": "N", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Network Traffic Multicast", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "pps", - "label": "Packets out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 144, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Trans.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*lo.*.fifo.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*eth0.*.fifo.*/", - "color": "#EAB839" - }, - { - "alias": "/.*eth1.*.fifo.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*eth2.*.fifo.*/", - "color": "#EF843C" - }, - { - "alias": "/.*eth3.*.fifo.*/", - "color": "#E24D42" - }, - { - "alias": "/.*eth4.*.fifo.*/", - "color": "#1F78C1" - }, - { - "alias": "/.*eth5.*.fifo.*/", - "color": "#BA43A9" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_network_receive_fifo{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Receive fifo", - "refId": "I", - "step": 600 - }, - { - "expr": "irate(node_network_transmit_fifo{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{device}} - Transmit fifo", - "refId": "J", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Network Traffic Fifo", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "pps", - "label": "Packets out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 145, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Trans.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*lo.*.frame.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*eth0.*.frame.*/", - "color": "#EAB839" - }, - { - "alias": "/.*eth1.*.frame.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*eth2.*.frame.*/", - "color": "#EF843C" - }, - { - "alias": "/.*eth3.*.frame.*/", - "color": "#E24D42" - }, - { - "alias": "/.*eth4.*.frame.*/", - "color": "#1F78C1" - }, - { - "alias": "/.*eth5.*.frame.*/", - "color": "#BA43A9" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_network_receive_frame{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "{{device}} - Receive frame", - "refId": "K", - "step": 600 - }, - { - "expr": "irate(node_network_transmit_frame{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "{{device}} - Transmit frame", - "refId": "L", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Network Traffic Frame", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "pps", - "label": "Packets out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 61, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "NF conntrack limit", - "color": "#890F02", - "fill": 0 - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_nf_conntrack_entries{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "NF conntrack entries", - "refId": "O", - "step": 600 - }, - { - "expr": "node_nf_conntrack_entries_limit{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "NF conntrack limit", - "refId": "P", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "NF Contrack", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Entries", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Network traffic Detail", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "375", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 63, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_sockstat_TCP_alloc{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCP_alloc - Allocated sockets", - "refId": "D", - "step": 600 - }, - { - "expr": "node_sockstat_TCP_inuse{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCP_inuse - Tcp sockets currently in use", - "refId": "E", - "step": 600 - }, - { - "expr": "node_sockstat_TCP_mem{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCP_mem - Used memory for tcp", - "refId": "F", - "step": 600 - }, - { - "expr": "node_sockstat_TCP_orphan{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCP_orphan - Orphan sockets", - "refId": "H", - "step": 600 - }, - { - "expr": "node_sockstat_TCP_tw{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCP_tw - Sockets wating close", - "refId": "I", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Sockstat TCP", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Sockets", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 124, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_sockstat_UDPLITE_inuse{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "UDPLITE_inuse - Udplite sockets currently in use", - "refId": "J", - "step": 600 - }, - { - "expr": "node_sockstat_UDP_inuse{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "UDP_inuse - Udp sockets currently in use", - "refId": "K", - "step": 600 - }, - { - "expr": "node_sockstat_UDP_mem{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "UDP_mem - Used memory for udp", - "refId": "L", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Sockstat UDP", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Sockets", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 126, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_sockstat_sockets_used{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Sockets_used - Sockets currently in use", - "refId": "N", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Sockstat Used", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Sockets", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 220, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_sockstat_TCP_mem_bytes{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCP_mem_bytes - ", - "refId": "G", - "step": 600 - }, - { - "expr": "node_sockstat_UDP_mem_bytes{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "UDP_mem_bytes - ", - "refId": "A", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Sockstat Memory Size", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "Bytes", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "id": 125, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_sockstat_FRAG_inuse{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "FRAG_inuse - Frag sockets currently in use", - "refId": "A", - "step": 600 - }, - { - "expr": "node_sockstat_FRAG_memory{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "FRAG_memory - Used memory for frag", - "refId": "B", - "step": 600 - }, - { - "expr": "node_sockstat_RAW_inuse{instance=~\"$node\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "RAW_inuse - Raw sockets currently in use", - "refId": "C", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Sockstat FRAG / RAW", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Sockets", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Network Sockstat", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "375", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 49, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": null, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Discards.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*NoRoutes.*/", - "color": "#EAB839" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Ip_InReceives{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "InReceives - Ip inreceives", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_DefaultTTL{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": true, - "intervalFactor": 2, - "legendFormat": "DefaultTTL - Default TTL", - "refId": "B", - "step": 10 - }, - { - "expr": "irate(node_netstat_Ip_InDelivers{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InDelivers - Ip indelivers", - "refId": "I", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_OutRequests{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "OutRequests - Ip outrequests", - "refId": "P", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Netstat IP In / Out", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Datagrams out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 221, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Octets.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*McastPkts.*/", - "color": "#EAB839" - }, - { - "alias": "/.*McastOctets.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*BcastPkts.*/", - "color": "#EF843C" - }, - { - "alias": "/.*BcastOctets.*/", - "color": "#E24D42" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_IpExt_InOctets{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InOctets - Received octets", - "refId": "K", - "step": 600 - }, - { - "expr": "irate(node_netstat_IpExt_OutOctets{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutOctets - Sent octets", - "refId": "Q", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Netstat IP In / Out Octets", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Octects out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 119, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Octets.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*McastPkts.*/", - "color": "#EAB839" - }, - { - "alias": "/.*McastOctets.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*BcastPkts.*/", - "color": "#EF843C" - }, - { - "alias": "/.*BcastOctets.*/", - "color": "#E24D42" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_IpExt_InBcastPkts{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InBcastPkts - Received IP broadcast datagrams", - "refId": "B", - "step": 600 - }, - { - "expr": "irate(node_netstat_IpExt_OutBcastPkts{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutBcastPkts - Sent IP broadcast datagrams", - "refId": "N", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Netstat IP Bcast", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Datagrams out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 222, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Octets.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*McastPkts.*/", - "color": "#EAB839" - }, - { - "alias": "/.*McastOctets.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*BcastPkts.*/", - "color": "#EF843C" - }, - { - "alias": "/.*BcastOctets.*/", - "color": "#E24D42" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_IpExt_InBcastOctets{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InBcastOctets - Received IP broadcast octets", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_IpExt_OutBcastOctets{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutBcastOctets - Sent IP broadcast octects", - "refId": "M", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Netstat IP Bcast Octets", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Octets out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 120, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Octets.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*McastPkts.*/", - "color": "#EAB839" - }, - { - "alias": "/.*McastOctets.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*BcastPkts.*/", - "color": "#EF843C" - }, - { - "alias": "/.*BcastOctets.*/", - "color": "#E24D42" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_IpExt_InMcastPkts{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "InMcastPkts - Received IP multicast datagrams", - "refId": "H", - "step": 600 - }, - { - "expr": "irate(node_netstat_IpExt_OutMcastPkts{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "OutMcastPkts - Sent IP multicast datagrams", - "refId": "P", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Netstat IP Mcast", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Datagrams out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 223, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Octets.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*McastPkts.*/", - "color": "#EAB839" - }, - { - "alias": "/.*McastOctets.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*BcastPkts.*/", - "color": "#EF843C" - }, - { - "alias": "/.*BcastOctets.*/", - "color": "#E24D42" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_IpExt_InMcastOctets{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "InMcastOctets - Received IP multicast octets", - "refId": "G", - "step": 600 - }, - { - "expr": "irate(node_netstat_IpExt_OutMcastOctets{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "OutMcastOctets - Sent IP multicast octets", - "refId": "O", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Netstat IP Mcast Octets", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Octets out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 81, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": null, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Ip_ForwDatagrams{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "ForwDatagrams - Ip outforwdatagrams", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_Forwarding{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Forwarding - Ip forwarding", - "refId": "D", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Netstat IP Forwarding", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Datagrams", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 122, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": null, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Ip_FragCreates{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "FragCreates - Ip fragmentation creations", - "refId": "E", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_FragFails{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "FragFails - Ip fragmentation failures", - "refId": "F", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_FragOKs{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "FragOKs - Ip fragmentation oks", - "refId": "G", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Netstat IP Fragmented", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Datagrams", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 51, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_IpExt_InCEPkts{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InCEPkts - Congestion Experimented datagrams in", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_netstat_IpExt_InECT0Pkts{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InECT0Pkts - Datagrams received with ECT(0)", - "refId": "E", - "step": 600 - }, - { - "expr": "irate(node_netstat_IpExt_InECT1Pkts{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InECT1Pkt - Datarams received with ECT(1)", - "refId": "F", - "step": 600 - }, - { - "expr": "irate(node_netstat_IpExt_InNoECTPkts{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InNoECTPkts - Datagrams received with NOECT", - "refId": "A", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Netstat IP ECT / CEP", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Datagrams", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 123, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": null, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Ip_ReasmFails{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "ReasmFails - Ip reassembly failures", - "refId": "Q", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_ReasmOKs{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "ReasmOKs - Ip reassembly oks", - "refId": "R", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_ReasmReqds{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "ReasmReqds - Ip reassembly requireds", - "refId": "S", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_ReasmTimeout{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "ReasmTimeout - Ip reasmtimeout", - "refId": "T", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Netstat IP Reasambled", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Datagrams", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 118, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sideWidth": 300, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": null, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Discards.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*NoRoutes.*/", - "color": "#EAB839" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Ip_InDiscards{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InDiscards - Ip indiscards", - "refId": "J", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_InHdrErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InHdrErrors - Ip inhdrerrors", - "refId": "K", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_InUnknownProtos{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InUnknownProtos - Ip inunknownprotos", - "refId": "M", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_OutDiscards{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutDiscards - Ip outdiscards", - "refId": "N", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_OutNoRoutes{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutNoRoutes - Ip outnoroutes", - "refId": "O", - "step": 600 - }, - { - "expr": "irate(node_netstat_IpExt_InNoRoutes{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InNoRoutes - IP datagrams discarded due to no routes in forwarding path", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_netstat_IpExt_InCsumErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InCsumErrors - IP datagrams with checksum errors", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_IpExt_InTruncatedPkts{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InTruncatedPkts - IP datagrams discarded due to frame not carrying enough data", - "refId": "B", - "step": 600 - }, - { - "expr": "irate(node_netstat_Ip_InAddrErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InAddrErrors - Ip inaddrerrors", - "refId": "D", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Netstat IP Errors / Discards", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Datagrams out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Network Netstat", - "titleSize": "h6" - }, - { - "collapse": false, - "height": "375", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 52, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": true, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*InSegs.*/", - "color": "#CCA300" - }, - { - "alias": "/.*OutSegs.*/", - "color": "#CCA300" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Tcp_InCsumErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "InCsumErrors - Segments received with checksum errors", - "refId": "E", - "step": 2 - }, - { - "expr": "irate(node_netstat_Tcp_InErrs{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "InErrs - Segments received in error (e.g., bad TCP checksums)", - "refId": "F", - "step": 2 - }, - { - "expr": "irate(node_netstat_Tcp_InSegs{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "InSegs - Segments received, including those received in error. This count includes segments received on currently established connections", - "refId": "G", - "step": 2 - }, - { - "expr": "irate(node_netstat_Tcp_OutRsts{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "OutRsts - Segments sent containing the RST flag", - "refId": "I", - "step": 2 - }, - { - "expr": "irate(node_netstat_Tcp_OutSegs{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "OutSegs - Segments sent, including those on current connections but excluding those containing only retransmitted octets", - "refId": "J", - "step": 2 - }, - { - "expr": "irate(node_netstat_Tcp_RetransSegs{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "RetransSegs - Segments retransmitted - that is, the number of TCP segments transmitted containing one or more previously transmitted octets", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Segments", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Segments out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 85, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*MaxConn *./", - "color": "#890F02", - "fill": 0 - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_netstat_Tcp_CurrEstab{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "CurrEstab - TCP connections for which the current state is either ESTABLISHED or CLOSE- WAIT", - "refId": "C", - "step": 2 - }, - { - "expr": "node_netstat_Tcp_MaxConn{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "MaxConn - Limit on the total number of TCP connections the entity can support (Dinamic is \"-1\")", - "refId": "H", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Connections", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Connections", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 86, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_netstat_Tcp_RtoAlgorithm{instance=~\"$node\"}", - "format": "time_series", - "hide": true, - "intervalFactor": 2, - "legendFormat": "RtoAlgorithm - Algorithm used to determine the timeout value used for retransmitting unacknowledged octets", - "refId": "M", - "step": 4 - }, - { - "expr": "node_netstat_Tcp_RtoMax{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "RtoMax - Maximum value permitted by a TCP implementation for the retransmission timeout, measured in milliseconds", - "refId": "N", - "step": 2 - }, - { - "expr": "node_netstat_Tcp_RtoMin{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "RtoMin - Minimum value permitted by a TCP implementation for the retransmission timeout, measured in milliseconds", - "refId": "O", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Retransmission", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "ms", - "label": "Milliseconds", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 82, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Tcp_ActiveOpens{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "ActiveOpens - TCP connections that have made a direct transition to the SYN-SENT state from the CLOSED state", - "refId": "A", - "step": 2 - }, - { - "expr": "irate(node_netstat_Tcp_AttemptFails{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "AttemptFails - TCP connections that have made a direct transition to the CLOSED state from either the SYN-SENT and SYN-RCVD", - "refId": "B", - "step": 2 - }, - { - "expr": "irate(node_netstat_Tcp_EstabResets{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "EstabResets - TCP connections that have made a direct transition to the CLOSED state from either the ESTABLISHED state or the CLOSE-WAIT state", - "refId": "D", - "step": 2 - }, - { - "expr": "irate(node_netstat_Tcp_PassiveOpens{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "PassiveOpens - TCP connections that have made a direct transition to the SYN-RCVD state from the LISTEN state", - "refId": "K", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Direct Transition", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Connections", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Network Netstat TCP", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "375", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 94, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPAbortOnClose{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPAbortOnClose - Connections aborted due to early user close", - "refId": "V", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPAbortOnData{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPAbortOnData - Connections aborted due to unexpected data", - "refId": "W", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPAbortOnLinger{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPAbortOnLinger - Connections aborted in lingered state after being closed", - "refId": "X", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPAbortOnMemory{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPAbortOnMemory - Connections aborted before attached to a socket", - "refId": "Y", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPAbortOnTimeout{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPAbortOnTimeout - Connections aborted due timeout", - "refId": "B", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPAbortFailed{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPAbortFailed - Connections aborted without send RST due insuffient memory", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPTimeouts{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPTimeouts - Other TCP connections timeouts", - "refId": "C", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Aborts / Tiemouts", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Connections", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 92, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_DelayedACKLocked{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "DelayedACKLocked - Delayed acks further delayed because of locked socket", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_DelayedACKLost{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "DelayedACKLost - Times quick ack mode was activated", - "refId": "D", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_DelayedACKs{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "DelayedACKs - Delayed acks sent", - "refId": "E", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Delayed ACK", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 91, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Sent.*/", - "transform": "negative-Y" - }, - { - "alias": "SyncookiesSent - SYN cookies sent", - "color": "#E0F9D7" - }, - { - "alias": "SyncookiesRecv - SYN cookies received", - "color": "#E0F9D7" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_SyncookiesFailed{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "SyncookiesFailed - Invalid SYN cookies received", - "refId": "R", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_SyncookiesRecv{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "SyncookiesRecv - SYN cookies received", - "refId": "S", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_SyncookiesSent{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "SyncookiesSent - SYN cookies sent", - "refId": "T", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSYNChallenge{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "SynChallenge - Challenge ACKs sent in response to SYN packets", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPChallengeACK{instance=~\"$node\"}[5m])", - "intervalFactor": 2, - "legendFormat": "TCPChallengeACK - Challenge ACKs sent (RFC 5961 3.2)", - "refId": "B", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP SynCookie / Challenge", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "description": "", - "fill": 2, - "height": "", - "id": 90, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPLossFailures{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPLossFailures - Timeouts in loss state", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPLossProbeRecovery{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPLossProbeRecovery - TCP loss probe recoveries", - "refId": "D", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPLossProbes{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPLossProbes - Sent TCP loss probes", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPLossUndo{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPLossUndo - Congestion windows recovered without slow start after partial ack", - "refId": "B", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPLostRetransmit{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPLostRetransmit - Retransmits lost", - "refId": "E", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP LOSS", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 53, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_ListenDrops{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "ListenDrops - SYNs to LISTEN sockets ignored", - "refId": "H", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_LockDroppedIcmps{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "LockDroppedIcmps - ICMP packets dropped because socket was locked", - "refId": "J", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPDeferAcceptDrop{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPDeferAcceptDrop - Dropped ACK frames received by a socket in SYN_RECV state", - "refId": "D", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPBacklogDrop{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPBacklogDrop - Packets dropped bacause the socket's receive queue was full", - "refId": "P", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_OutOfWindowIcmps{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutOfWindowIcmps - ICMP packets dropped because they were out-of-window", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPMinTTLDrop{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPMinTTLDrop - TCP packets dropped under minTTL condition", - "refId": "B", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP DROPS", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 101, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPForwardRetrans{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPForwardRetrans - Packets losts retransmitted with Forward RTO-Recovery", - "refId": "O", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSlowStartRetrans{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPSlowStartRetrans - Packets losts retransmitted after a slow start", - "refId": "P", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSynRetrans{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPSynRetrans - SYN-SYN/ACK retransmits to break down retransmissions in SYN, fast/timeout retransmits", - "refId": "Q", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSpuriousRTOs{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPSpuriousRTOs - FRTO's successfully detected spurious RTOs", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSpuriousRtxHostQueues{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPSpuriousRtxHostQueues - Times detected that the fast clone is not yet freed in tcp_transmit_skb()", - "refId": "B", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPFullUndo{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPFullUndo - Retransmits that undid the CWND reduction", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPRetransFail{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPRetransFail - Failed tcp_retransmit_skb() calls", - "refId": "D", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPPartialUndo{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPPartialUndo - Congestion windows partially recovered using Hoe heuristic", - "refId": "E", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Retrans", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 87, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_PruneCalled{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "PruneCalled - Pkts pruned from recv queue because of soc buf overrun", - "refId": "P", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_RcvPruned{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "RcvPruned - Packets pruned from receive queue", - "refId": "Q", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_OfoPruned{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OfoPruned - Packets dropped from out-of-order queue because of socket buffer overrun", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_OfoPruned{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OfoPruned - Packets dropped from out-of-order queue because of socket buffer overrun", - "refId": "B", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Pruned", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "description": "", - "fill": 2, - "height": "", - "id": 96, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPDirectCopyFromBacklog{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPDirectCopyFromBacklog - Packets directly received from backlog", - "refId": "M", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPDirectCopyFromPrequeue{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPDirectCopyFromPrequeue - Packets directly received from prequeue", - "refId": "N", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Direct Copy", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 100, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TW{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TW - TCP sockets finished time wait in fast timer", - "refId": "O", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TWKilled{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TWKilled - TCP sockets finished time wait in slow timer", - "refId": "P", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TWRecycled{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TWRecycled - Time wait sockets recycled by time stamp", - "refId": "Q", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPTimeWaitOverflow{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPTimeWaitOverflow - Occurences of time wait bucket overflow", - "refId": "A", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP TimeWait", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 93, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_PAWSActive{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "PAWSActive - Active connections rejected because of time stamp", - "refId": "M", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_PAWSEstab{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "PAWSEstab - Pkts rejects in estab connections because of timestamp", - "refId": "N", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_PAWSPassive{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "PAWSPassive - Passive connections rejected because of time stamp", - "refId": "O", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP PAWS", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "description": "", - "fill": 2, - "height": "", - "id": 98, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPSackRecovery{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPSackRecovery - Times recovered from packet loss by selective acknowledgements", - "refId": "E", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSackRecoveryFail{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPSackRecoveryFail - Issue while recovering packets lost using selective ACK", - "refId": "F", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSackShiftFallback{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPSackShiftFallback - SACKs fallbacks", - "refId": "G", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSackShifted{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPSackShifted - SACKs shifted", - "refId": "H", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSACKDiscard{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPSackDiscard - Discarded due invalid SACK block.", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSackFailures{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPSackFailures - Timeouts after SACK recovery", - "refId": "B", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSackMerged{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPSackMerged - SACKs merged", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSACKReneging{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPSACKReneging - Bad SACK blocks received", - "refId": "D", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSACKReorder{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPSACKReorder - Times detected reordering using SACK", - "refId": "I", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP SACK", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "description": "", - "fill": 2, - "height": "", - "id": 95, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPDSACKIgnoredOld{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPDSACKIgnoredOld - Discarded packets with duplicate SACK while retransmitting", - "refId": "F", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPDSACKOfoRecv{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPDSACKOfoRecv - DSACKs for out of order packets received", - "refId": "G", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPDSACKOfoSent{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPDSACKOfoSent - DSACKs sent for out of order packets", - "refId": "H", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPDSACKOldSent{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPDSACKOldSent - DSACKs sent for old packets", - "refId": "I", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPDSACKRecv{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPDSACKRecv - DSACKs received", - "refId": "J", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPDSACKUndo{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPDSACKUndo - Discarded packets with erroneous retransmit", - "refId": "K", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPDSACKIgnoredNoUndo{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPDSACKIgnoredNoUndo - Discarded packets with duplicate SACK", - "refId": "A", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP DSACK", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "description": "", - "fill": 2, - "height": "", - "id": 97, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPFastOpenActive{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPFastOpenActive - Successful outbound TFO connections", - "refId": "P", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPFastOpenActiveFail{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPFastOpenActiveFail - SYN-ACK packets received that did not acknowledge data sent in the SYN packet and caused a retransmissions without SYN data", - "refId": "Q", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPFastOpenCookieReqd{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPFastOpenCookieReqd - Inbound SYN packets requesting TFO with TFO set but no cookie", - "refId": "R", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPFastOpenListenOverflow{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPFastOpenListenOverflow - Times the fastopen listen queue overflowed", - "refId": "S", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPFastOpenPassive{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPFastOpenPassive - Successful inbound TFO connections", - "refId": "T", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPFastOpenPassiveFail{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPFastOpenPassiveFail - Inbound SYN packets with TFO cookie that was invalid", - "refId": "U", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPFastRetrans{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPFastRetrans - Packets lost fast-retransmitted", - "refId": "V", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP FastOpen / FastRetrans", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "description": "", - "fill": 2, - "height": "", - "id": 99, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPHPAcks{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPHPAcks - Acknowledgments not containing data received", - "refId": "Z", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPHPHits{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPHPHits - Packets header predicted", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPHPHitsToUser{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPHPHitsToUser - Packets header predicted and directly queued to user", - "refId": "B", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP HP", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 102, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPToZeroWindowAdv{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPToZeroWindowAdv - Times window went from zero to non-zero", - "refId": "V", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPWantZeroWindowAdv{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPWantZeroWindowAdv - Times zero window announced", - "refId": "W", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPFromZeroWindowAdv{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPFromZeroWindowAdv - Times window went from zero to non-zero", - "refId": "A", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP ZeroWindow", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 103, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPFACKReorder{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPFACKReorder - Detected packets with re-ordering using FACK", - "refId": "E", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPTSReorder{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPTSReorder - Times detected packets with re-ordering using timestamp option", - "refId": "S", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Reorder", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 162, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPRenoFailures{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPRenoFailures - Timeouts after reno fast retransmit", - "refId": "O", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPRenoRecovery{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPRenoRecovery - Times recovered from packet loss due to fast retransmit", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPRenoRecoveryFail{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPRenoRecoveryFail - Times reno fast retransmits failed", - "refId": "B", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPRenoReorder{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPRenoReorder - Times detected reordering using reno fast retransmit", - "refId": "C", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Reno", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 163, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPReqQFullDoCookies{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPReqQFullDoCookies - Times SYNCOOKIE was replied to client", - "refId": "O", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPReqQFullDrop{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPReqQFullDrop - Times SYN request was dropped due to disabled syncookies", - "refId": "A", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP ReqQ", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 164, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPOFODrop{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPOFODrop - Packets meant to be queued in OFO but dropped because socket rcvbuf limit reached", - "refId": "P", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPOFOMerge{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPOFOMerge - Packets in OFO that were merged with other packets", - "refId": "Q", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPOFOQueue{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPOFOQueue - Packets queued in OFO queue", - "refId": "B", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Out of order", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "description": "", - "fill": 2, - "height": "", - "id": 165, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPMD5NotFound{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPMD5NotFound - Times MD5 hash expected but not found", - "refId": "Z", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPMD5Unexpected{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPMD5Unexpected - Times MD5 hash unexpected but found", - "refId": "A", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP MD5", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "description": "", - "fill": 2, - "height": "", - "id": 166, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPPrequeued{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPPrequeued - Packets directly queued to recvmsg prequeue", - "refId": "Z", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPPrequeueDropped{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPPrequeueDropped - Packets dropped from prequeue", - "refId": "A", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Prequeued", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "description": "", - "fill": 2, - "height": "", - "id": 167, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPRcvCoalesce{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPRcvCoalesce - Times tried to coalesce the receive queue", - "refId": "Z", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPRcvCollapsed{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "TCPRcvCollapsed - Packets collapsed in receive queue due to low socket buffer", - "refId": "A", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Rcv", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 224, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPOrigDataSent{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPOrigDataSent - Outgoing packets with original data", - "refId": "C", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Original Data", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 225, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_ArpFilter{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "ArpFilter - Arp packets filtered", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_IPReversePathFilter{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "IPReversePathFilter - Packets arrive from non directly connected network", - "refId": "G", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Filters", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 226, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPPureAcks{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPPureAcks - Acknowledgments not containing data payload received", - "refId": "C", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Pure ACK", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 227, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_TCPAutoCorking{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "TCPAutoCorking - Times stack detected skb was underused and its flush was deferred", - "refId": "A", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Auto Corking", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "height": "", - "id": 104, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_TcpExt_BusyPollRxPackets{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "BusyPollRxPackets - Low latency application-fetched packets", - "refId": "B", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_EmbryonicRsts{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "EmbryonicRsts - Resets received for embryonic SYN_RECV sockets", - "refId": "F", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_ListenOverflows{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "ListenOverflows - Times the listen queue of a socket overflowed", - "refId": "I", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPSchedulerFailed{instance=~\"$node\"}[5m])", - "intervalFactor": 2, - "legendFormat": "TCPSchedulerFailed - Times receiver scheduled too late for direct processing", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_TcpExt_TCPMemoryPressures{instance=~\"$node\"}[5m])", - "intervalFactor": 2, - "legendFormat": "TCPMemoryPressures - TCP ran low on memory", - "refId": "C", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "TCP Issues", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Network Netstat TCP Linux MIPs", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "375", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "fill": 2, - "height": "", - "id": 55, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Snd.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Datagrams.*/", - "color": "#EAB839" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Udp_InDatagrams{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InDatagrams - Datagrams received", - "refId": "B", - "step": 600 - }, - { - "expr": "irate(node_netstat_Udp_OutDatagrams{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutDatagrams - Datagrams sent", - "refId": "E", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "UDP In / Out", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Datagrams out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 109, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Snd.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*bufErrors.*/", - "color": "#70DBED" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Udp_InCsumErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InCsumErrors - Datagrams with checksum errors", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_Udp_InErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InErrors - Datagrams that could not be delivered to an application", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_netstat_Udp_RcvbufErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "RcvbufErrors - Datagrams for which not enough socket buffer memory to receive", - "refId": "F", - "step": 600 - }, - { - "expr": "irate(node_netstat_Udp_SndbufErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "SndbufErrors - Datagrams for which not enough socket buffer memory to transmit", - "refId": "G", - "step": 600 - }, - { - "expr": "irate(node_netstat_Udp_NoPorts{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "NoPorts - Datagrams received on a port with no listener", - "refId": "B", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "UDP Errors", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Datagrams out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 57, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Datagrams.*/", - "color": "#EAB839" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_UdpLite_InDatagrams{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InDatagrams - Packets received", - "refId": "B", - "step": 600 - }, - { - "expr": "irate(node_netstat_UdpLite_OutDatagrams{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutDatagrams - Packets sent", - "refId": "E", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "UDP Lite In / Out", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Datagrams out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 2, - "height": "", - "id": 110, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*bufErrors.*/", - "color": "#6ED0E0" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_UdpLite_InCsumErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InCsumErrors - Datagrams with checksum errors", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_UdpLite_InErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InErrors - Datagrams that could not be delivered to an application", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_netstat_UdpLite_RcvbufErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "RcvbufErrors - Datagrams for which not enough socket buffer memory to receive", - "refId": "F", - "step": 600 - }, - { - "expr": "irate(node_netstat_UdpLite_SndbufErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "SndbufErrors - Datagrams for which not enough socket buffer memory to transmit", - "refId": "G", - "step": 600 - }, - { - "expr": "irate(node_netstat_UdpLite_NoPorts{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "NoPorts - Datagrams received on a port with no listener", - "refId": "B", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "UDP Lite Errors", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Datagrams out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Network Netstat UDP", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "375", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "fill": 2, - "height": "", - "id": 50, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Type3.*/", - "color": "#EAB839" - }, - { - "alias": "/.*SrcQuenchs.*/", - "color": "#705DA0" - }, - { - "alias": "/.*ParmProb.*/", - "color": "#70DBED" - }, - { - "alias": "/.*TimeExcds.*/", - "color": "#EA6460" - }, - { - "alias": "/.*DestUnreachs.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*InErrors.*/", - "color": "#890F02" - }, - { - "alias": "/.*OutErrors.*/", - "color": "#890F02" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Icmp_InErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InErrors - Messages which the entity received but determined as having ICMP-specific errors (bad ICMP checksums, bad length, etc.)", - "refId": "I", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutErrors - Messages which this entity did not send due to problems discovered within ICMP, such as a lack of buffers", - "refId": "V", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_InDestUnreachs{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InDestUnreachs - Destination Unreachable messages received", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutDestUnreachs{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutDestUnreachs - Destination Unreachable messages sent", - "refId": "B", - "step": 600 - }, - { - "expr": "irate(node_netstat_IcmpMsg_InType3{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "InType3 - Destination unreachable", - "refId": "K", - "step": 600 - }, - { - "expr": "irate(node_netstat_IcmpMsg_OutType3{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "OutType3 - Destination unreachable", - "refId": "L", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "ICMP Errors 1", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Messages out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "fill": 2, - "height": "", - "id": 147, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Type3.*/", - "color": "#EAB839" - }, - { - "alias": "/.*SrcQuenchs.*/", - "color": "#705DA0" - }, - { - "alias": "/.*ParmProb.*/", - "color": "#70DBED" - }, - { - "alias": "/.*TimeExcds.*/", - "color": "#EA6460" - }, - { - "alias": "/.*DestUnreachs.*/", - "color": "#7EB26D" - }, - { - "alias": "/.*InErrors.*/", - "color": "#890F02" - }, - { - "alias": "/.*OutErrors.*/", - "color": "#890F02" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Icmp_InCsumErrors{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "InCsumErrors - Messages with ICMP checksum errors", - "refId": "E", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_InTimeExcds{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "InTimeExcds - Time Exceeded messages received", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutTimeExcds{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "OutTimeExcds - Time Exceeded messages sent", - "refId": "D", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_InParmProbs{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "InParmProbs - Parameter Problem messages received", - "refId": "F", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutParmProbs{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "OutParmProb - Parameter Problem messages sent", - "refId": "G", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_InSrcQuenchs{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "InSrcQuenchs - Source Quench messages received", - "refId": "H", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutSrcQuenchs{instance=~\"$node\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "OutSrcQuenchs - Source Quench messages sent", - "refId": "J", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "ICMP Errors 2", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Messages out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "fill": 2, - "height": "", - "id": 115, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*Msgs.*/", - "color": "#6ED0E0" - }, - { - "alias": "/.*Redirects.*/", - "color": "#F9BA8F" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Icmp_InMsgs{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InMsgs - Messages which the entity received. Note that this counter includes all those counted by icmpInErrors", - "refId": "J", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_InRedirects{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InRedirects - Redirect messages received", - "refId": "L", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutMsgs{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutMsgs - Messages which this entity attempted to send. Note that this counter includes all those counted by icmpOutErrors", - "refId": "W", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutRedirects{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutRedirects - Redirect messages sent. For a host, this object will always be zero, since hosts do not send redirects", - "refId": "Y", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "ICMP In / Out - Messages / Redirects", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Messages out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "fill": 2, - "height": "", - "id": 112, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*TimestampReps.*/", - "color": "#F9934E" - }, - { - "alias": "/.*Timestamps -.*/", - "color": "#6ED0E0" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Icmp_InTimestampReps{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InTimestampReps - Timestamp Reply messages received", - "refId": "O", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_InTimestamps{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InTimestamps - Timestamp (request) messages received", - "refId": "P", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutTimestampReps{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutTimestampReps - Timestamp Reply messages sent", - "refId": "A", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutTimestamps{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutTimestamps - Timestamp (request) messages sent", - "refId": "B", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "ICMP Timestamps", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Messages out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "fill": 2, - "height": "", - "id": 114, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*EchoReps.*/", - "color": "#D683CE" - }, - { - "alias": "/.*Echos -.*/", - "color": "#F9934E" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Icmp_InEchoReps{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InEchoReps - Echo Reply messages received", - "refId": "G", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_InEchos{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InEchos - Echo (request) messages received", - "refId": "H", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutEchoReps{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutEchoReps - Echo Reply messages sent", - "refId": "T", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutEchos{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutEchos - Echo (request) messages sent", - "refId": "U", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "ICMP Echos", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Messages out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": null, - "fill": 2, - "height": "", - "id": 113, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideZero": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "minSpan": 1, - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "/.*Out.*/", - "transform": "negative-Y" - }, - { - "alias": "/.*AddrMaskReps.*/", - "color": "#B7DBAB" - }, - { - "alias": "/.*Masks -.*/", - "color": "#E5AC0E" - } - ], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_netstat_Icmp_InAddrMaskReps{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InAddrMaskReps - Address Mask Reply messages received", - "refId": "C", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_InAddrMasks{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "InAddrMasks - Address Mask Request messages received", - "refId": "D", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutAddrMaskReps{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutAddrMaskReps - Address Mask Reply messages sent", - "refId": "Q", - "step": 600 - }, - { - "expr": "irate(node_netstat_Icmp_OutAddrMasks{instance=~\"$node\"}[5m])", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "OutAddrMasks - Address Mask Request messages sent", - "refId": "R", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "ICMP Masks", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Messages out (-) / in (+)", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Network Netstat ICMP", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "375", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 40, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_exporter_scrape_duration_seconds_sum{instance=~\"$node\",result=\"success\"}[5m])", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "{{collector}} - Scrape duration", - "refId": "A", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Node Exporter Scrape Time", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "s", - "label": "Seconds", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "description": "", - "fill": 2, - "id": 157, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_exporter_scrape_duration_seconds_count{instance=~\"$node\"}", - "format": "time_series", - "hide": false, - "intervalFactor": 2, - "legendFormat": "{{collector}} - Scrape duration count", - "refId": "A", - "step": 600 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Node Exporter Scrape Counter", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": "Counter", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Node Exporter", - "titleSize": "h6" - } - ], - "schemaVersion": 14, - "style": "dark", - "tags": [], - "templating": { - "list": [ - { - "allValue": null, - "current": {}, - "datasource": "##DS_PR##", - "hide": 0, - "includeAll": true, - "label": "Host:", - "multi": true, - "name": "node", - "options": [], - "query": "label_values(node_boot_time{job=\"kubernetes-nodes-exporter\"}, instance)", - "refresh": 1, - "regex": "", - "sort": 0, - "tagValuesQuery": "", - "tags": [], - "tagsQuery": "", - "type": "query", - "useTags": false - } - ] - }, - "time": { - "from": "now-15m", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "browser", - "title": "Kubernetes Node Exporter Full", - "version": 2 - } - } diff --git a/roles/openshift_grafana/files/dashboards/openshift-cluster-monitoring.json b/roles/openshift_grafana/files/dashboards/openshift-cluster-monitoring.json deleted file mode 100644 index 00871088418..00000000000 --- a/roles/openshift_grafana/files/dashboards/openshift-cluster-monitoring.json +++ /dev/null @@ -1,5057 +0,0 @@ -{ - "dashboard": { - "description": "Monitors Openshift cluster using Prometheus. Shows overall cluster CPU / Memory / Filesystem usage as well as individual pod, containers, systemd services statistics. Uses cAdvisor metrics only.", - "editable": true, - "gnetId": 315, - "graphTooltip": 0, - "hideControls": false, - "id": null, - "links": [], - "rows": [ - { - "collapse": true, - "height": "200px", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "height": "200px", - "id": 32, - "legend": { - "alignAsTable": false, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": false, - "show": false, - "sideWidth": 200, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum (irate (container_network_receive_bytes_total{kubernetes_io_hostname=~\"^$Node$\"}[Xs]))", - "format": "time_series", - "instant": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "Received", - "metric": "network", - "refId": "A", - "step": 2 - }, - { - "expr": "- sum (irate (container_network_transmit_bytes_total{kubernetes_io_hostname=~\"^$Node$\"}[Xs]))", - "format": "time_series", - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "Sent", - "metric": "network", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Network I/O pressure", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "transparent": false, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "Bps", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Network I/O pressure", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "250px", - "panels": [ - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "height": "180px", - "id": 4, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 4, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (container_memory_rss{id=\"/\",kubernetes_io_hostname=~\"^$Node$\"}) / sum (machine_memory_bytes{kubernetes_io_hostname=~\"^$Node$\"}) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 30 - } - ], - "thresholds": "", - "title": "Cluster memory usage", - "transparent": false, - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "height": "180px", - "id": 6, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 4, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (irate (container_cpu_usage_seconds_total{id=\"/\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) / sum (machine_cpu_cores{kubernetes_io_hostname=~\"^$Node$\"}) * 100", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 30 - } - ], - "thresholds": "", - "title": "Cluster CPU usage ", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": true, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "height": "180px", - "id": 7, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 4, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (container_fs_usage_bytes{device=~\"^/dev/mapper/docker_.*\",id=\"/\",kubernetes_io_hostname=~\"^$Node$\"}) / sum (container_fs_limit_bytes{device=~\"^/dev/mapper/docker_.*\",id=\"/\",kubernetes_io_hostname=~\"^$Node$\"}) * 100", - "format": "time_series", - "hide": false, - "interval": "", - "intervalFactor": 1, - "legendFormat": "", - "metric": "", - "refId": "A", - "step": 30 - } - ], - "thresholds": "", - "title": "Cluster filesystem usage", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "height": "1px", - "id": 9, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "20%", - "prefix": "", - "prefixFontSize": "20%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (container_memory_rss{id=\"/\",kubernetes_io_hostname=~\"^$Node$\"})", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 30 - } - ], - "thresholds": "", - "title": "Used", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "height": "1px", - "id": 10, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (machine_memory_bytes{kubernetes_io_hostname=~\"^$Node$\"})", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 30 - } - ], - "thresholds": "", - "title": "Total", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "format": "none", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "height": "1px", - "id": 11, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": " cores", - "postfixFontSize": "30%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (irate (container_cpu_usage_seconds_total{id=\"/\",kubernetes_io_hostname=~\"^$Node$\"}[Xs]))", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 30 - } - ], - "thresholds": "", - "title": "Used", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "format": "none", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "height": "1px", - "id": 12, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": " cores", - "postfixFontSize": "30%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (machine_cpu_cores{kubernetes_io_hostname=~\"^$Node$\"})", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 30 - } - ], - "thresholds": "", - "title": "Total", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "height": "1px", - "id": 13, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (container_fs_usage_bytes{device=~\"^/dev/mapper/docker_.*$\",id=\"/\",kubernetes_io_hostname=~\"^$Node$\"})", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 30 - } - ], - "thresholds": "", - "title": "Used", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "height": "1px", - "id": 14, - "interval": null, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "span": 2, - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum (container_fs_limit_bytes{device=~\"^/dev/mapper/docker_.*$\",id=\"/\",kubernetes_io_hostname=~\"^$Node$\"})", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "refId": "A", - "step": 30 - } - ], - "thresholds": "", - "title": "Total", - "type": "singlestat", - "valueFontSize": "50%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Total usage", - "titleSize": "h6" - }, - { - "collapse": true, - "height": 250, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 33, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum (irate (container_cpu_usage_seconds_total{id=\"/\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) / sum (machine_cpu_cores{kubernetes_io_hostname=~\"^$Node$\"}) ", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "overall cpu usage", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Cluster CPU Usage", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percent", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Dashboard Row", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "250px", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 3, - "editable": true, - "error": false, - "fill": 0, - "grid": {}, - "height": "", - "id": 17, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": true, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": true, - "targets": [ - { - "expr": "sum (irate (container_cpu_usage_seconds_total{image!=\"\",name=~\"^k8s_.*\",kubernetes_io_hostname=~\"^$Node$\"}[2m])) by (pod_name) * 100", - "format": "time_series", - "hide": false, - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{ pod_name }}", - "metric": "container_cpu", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Pods CPU usage ", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "transparent": false, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percent", - "label": "% Usage", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Pods CPU usage", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "250px", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 3, - "editable": true, - "error": false, - "fill": 0, - "grid": {}, - "height": "", - "id": 24, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "hideEmpty": false, - "hideZero": false, - "max": false, - "min": false, - "rightSide": true, - "show": true, - "sideWidth": null, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": true, - "targets": [ - { - "expr": "sum (irate (container_cpu_usage_seconds_total{image!=\"\",name=~\"^k8s_.*\",container_name!=\"POD\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (container_name, pod_name)", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "pod: {{ pod_name }} | {{ container_name }}", - "metric": "container_cpu", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Containers Cores Usage", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": "cores", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Containers CPU usage", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "250px", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 3, - "editable": true, - "error": false, - "fill": 0, - "grid": {}, - "height": "", - "id": 23, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": true, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": true, - "targets": [ - { - "expr": "sum (irate (container_cpu_usage_seconds_total{id!=\"/\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (id)", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "{{ id }}", - "metric": "container_cpu", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "System services CPU usage ", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": "cores", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "System services CPU usage", - "titleSize": "h6" - }, - { - "collapse": true, - "height": 411, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 3, - "editable": true, - "error": false, - "fill": 0, - "grid": {}, - "id": 34, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": true, - "show": true, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": true, - "targets": [ - { - "expr": "sum (irate (container_memory_rss{id!=\"/\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (id)", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "{{ id }}", - "metric": "container_cpu", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "All processes Memory usage ", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": "cores", - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "All processes CPU usage", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "250px", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "fill": 0, - "grid": {}, - "id": 25, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": true, - "show": true, - "sideWidth": 200, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": true, - "targets": [ - { - "expr": "sum (container_memory_rss{image!=\"\",name=~\"^k8s_.*\",kubernetes_io_hostname=~\"^$Node$\"}) by (pod_name)", - "format": "time_series", - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "{{ pod_name }}", - "metric": "container_memory_usage:sort_desc", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Pods memory usage", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Pods memory usage", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "250px", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "fill": 0, - "grid": {}, - "id": 26, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": true, - "show": true, - "sideWidth": 200, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": true, - "targets": [ - { - "expr": "sum (container_memory_rss{systemd_service_name=\"\",kubernetes_io_hostname=~\"^$Node$\"}) by (systemd_service_name)", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "{{ systemd_service_name }}", - "metric": "container_memory_usage:sort_desc", - "refId": "B", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "System services memory usage", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "System services memory usage", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "250px", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "fill": 0, - "grid": {}, - "id": 27, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": true, - "show": true, - "sideWidth": 200, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": true, - "targets": [ - { - "expr": "sum (container_memory_rss{image!=\"\",name=~\"^k8s_.*\",container_name!=\"POD\",kubernetes_io_hostname=~\"^$Node$\"}) by (container_name, pod_name)", - "format": "time_series", - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "pod: {{ pod_name }} | {{ container_name }}", - "metric": "container_memory_usage:sort_desc", - "refId": "A", - "step": 10 - }, - { - "expr": "sum (container_memory_rss{image!=\"\",name!~\"^k8s_.*\",kubernetes_io_hostname=~\"^$Node$\"}) by (kubernetes_io_hostname, name, image)", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "docker: {{ kubernetes_io_hostname }} | {{ image }} ({{ name }})", - "metric": "container_memory_usage:sort_desc", - "refId": "B", - "step": 10 - }, - { - "expr": "sum (container_memory_rss{rkt_container_name!=\"\",kubernetes_io_hostname=~\"^$Node$\"}) by (kubernetes_io_hostname, rkt_container_name)", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "rkt: {{ kubernetes_io_hostname }} | {{ rkt_container_name }}", - "metric": "container_memory_usage:sort_desc", - "refId": "C", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Containers memory usage", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Containers memory usage", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "500px", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "fill": 0, - "grid": {}, - "id": 28, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": 200, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": true, - "targets": [ - { - "expr": "sum (container_memory_rss{id!=\"/\",kubernetes_io_hostname=~\"^$Node$\"}) by (id)", - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "{{ id }}", - "metric": "container_memory_usage:sort_desc", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "All processes memory usage", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "All processes memory usage", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "250px", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "id": 30, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": true, - "show": true, - "sideWidth": 200, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum (irate (container_network_receive_bytes_total{image!=\"\",name=~\"^k8s_.*\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (container_name, pod_name)", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "-> pod: {{ pod_name }} | {{ container_name }}", - "metric": "network", - "refId": "B", - "step": 2 - }, - { - "expr": "- sum (irate (container_network_transmit_bytes_total{image!=\"\",name=~\"^k8s_.*\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (container_name, pod_name)", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "<- pod: {{ pod_name }} | {{ container_name }}", - "metric": "network", - "refId": "D", - "step": 2 - }, - { - "expr": "sum (irate (container_network_receive_bytes_total{image!=\"\",name!~\"^k8s_.*\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (kubernetes_io_hostname, name, image)", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "-> docker: {{ kubernetes_io_hostname }} | {{ image }} ({{ name }})", - "metric": "network", - "refId": "A", - "step": 2 - }, - { - "expr": "- sum (irate (container_network_transmit_bytes_total{image!=\"\",name!~\"^k8s_.*\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (kubernetes_io_hostname, name, image)", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "<- docker: {{ kubernetes_io_hostname }} | {{ image }} ({{ name }})", - "metric": "network", - "refId": "C", - "step": 2 - }, - { - "expr": "sum (irate (container_network_transmit_bytes_total{rkt_container_name!=\"\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (kubernetes_io_hostname, rkt_container_name)", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "-> rkt: {{ kubernetes_io_hostname }} | {{ rkt_container_name }}", - "metric": "network", - "refId": "E", - "step": 2 - }, - { - "expr": "- sum (irate (container_network_transmit_bytes_total{rkt_container_name!=\"\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (kubernetes_io_hostname, rkt_container_name)", - "format": "time_series", - "hide": false, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "<- rkt: {{ kubernetes_io_hostname }} | {{ rkt_container_name }}", - "metric": "network", - "refId": "F", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Containers network I/O ", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Containers network I/O", - "titleSize": "h6" - }, - { - "collapse": true, - "height": 277, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "id": 16, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": true, - "show": true, - "sideWidth": 200, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum (irate (container_network_receive_bytes_total{image!=\"\",name=~\"^k8s_.*\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (pod_name)", - "format": "time_series", - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "-> {{ pod_name }}", - "metric": "network", - "refId": "A", - "step": 1 - }, - { - "expr": "- sum (irate (container_network_transmit_bytes_total{image!=\"\",name=~\"^k8s_.*\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (pod_name)", - "format": "time_series", - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "<- {{ pod_name }}", - "metric": "network", - "refId": "B", - "step": 1 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Pods network I/O ", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "Pods network I/O", - "titleSize": "h6" - }, - { - "collapse": true, - "height": "500px", - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "id": 29, - "legend": { - "alignAsTable": true, - "avg": true, - "current": true, - "max": false, - "min": false, - "rightSide": false, - "show": true, - "sideWidth": 200, - "sort": "current", - "sortDesc": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum (irate (container_network_receive_bytes_total{id!=\"/\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (id)", - "format": "time_series", - "instant": true, - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "-> {{ id }}", - "metric": "network", - "refId": "A", - "step": 1 - }, - { - "expr": "- sum (irate (container_network_transmit_bytes_total{id!=\"/\",kubernetes_io_hostname=~\"^$Node$\"}[Xs])) by (id)", - "format": "time_series", - "interval": "1s", - "intervalFactor": 1, - "legendFormat": "<- {{ id }}", - "metric": "network", - "refId": "B", - "step": 1 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "All processes network I/O ", - "tooltip": { - "msResolution": false, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": false, - "title": "All processes network I/O", - "titleSize": "h6" - }, - { - "collapse": true, - "height": 250, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 35, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": true, - "total": false, - "values": false, - "alignAsTable": true, - "rightSide": true - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "openshift_build_total", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 4, - "legendFormat": "{{ phase }}" - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "openshift_build_total", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 54, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "count(openshift_build_active_time_seconds{phase=\"Running\"} < time() - 600)", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Returns the number of builds that have been running for more than 10 minutes (600 seconds).", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 55, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "count(openshift_build_active_time_seconds{phase=\"Pending\"} < time() - 600)", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Returns the number of build that have been waiting at least 10 minutes (600 seconds) to start.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 56, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(openshift_build_total{phase=\"Failed\"})", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Returns the number of failed builds, regardless of the failure reason.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 57, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "openshift_build_total{phase=\"Failed\",reason=\"fetchsourcefailed\"}", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Returns the number of failed builds because of problems retrieving source from the associated Git repository.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 58, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(openshift_build_total{phase=\"Complete\"})", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Returns the number of successfully completed builds.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 59, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "openshift_build_total{phase=\"Failed\"} offset 5m", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Returns the failed builds totals, per failure reason, from 5 minutes ago.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": true, - "title": "OpenShift Builds", - "titleSize": "h6" - }, - { - "collapse": true, - "height": 250, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 36, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "openshift_sdn_pod_setup_latency_sum", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "openshift_sdn_pod_setup_latency_sum", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 41, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "openshift_sdn_pod_teardown_latency", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "openshift_sdn_pod_teardown_latency", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 37, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "openshift_sdn_pod_ips", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "openshift_sdn_pod_ips", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 39, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "garbage_collector_monitoring_route:openshift:io_v1_rate_limiter_use", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "garbage_collector_monitoring_route:openshift:io_v1_rate_limiter_use", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 42, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "openshift_sdn_arp_cache_entries", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "openshift_sdn_arp_cache_entries", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 40, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "openshift_sdn_arp_cache_entries", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "openshift_sdn_arp_cache_entries", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 50, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "topk(10, (sum by (pod_name) (irate(container_network_receive_bytes_total[5m]))))", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Top 10 pods doing the most receive network traffic", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "decbytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": true, - "title": "OpenShift SDN", - "titleSize": "h6" - }, - { - "collapse": true, - "height": 250, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 44, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "kubelet_pleg_relist_latency_microseconds", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 4 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "kubelet_pleg_relist", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "µs", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 51, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "kubelet_docker_operations_latency_microseconds{quantile=\"0.9\"}", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 4 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "kubelet_docker_operations_latency_microseconds{quantile=\"0.9\"}", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "µs", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 52, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "kubelet_docker_operations_timeout", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 4 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Returns a running count (not a rate) of docker operations that have timed out since the kubelet was started.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 53, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "kubelet_docker_operations_errors", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Returns a running count (not a rate) of docker operations that have failed since the kubelet was started.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": true, - "title": "Kubelet", - "titleSize": "h6" - }, - { - "collapse": true, - "height": 250, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 46, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "scrape_samples_scraped", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "scrape_samples_scraped", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 68, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sort_desc(sum without (cpu) (irate(container_cpu_usage_seconds_total{container_name=\"prometheus\"}[5m])))", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "CPU per instance of Prometheus container.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": true, - "title": "Prometheus", - "titleSize": "h6" - }, - { - "collapse": false, - "height": 250, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 48, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sort_desc(sum without (instance,type,client,contentType) (irate(apiserver_request_count{verb!~\"GET|LIST|WATCH\"}[Xs]))) > 0", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Number of mutating API requests being made to the control plane.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 49, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sort_desc(sum without (instance,type,client,contentType) (irate(apiserver_request_count{verb=~\"GET|LIST|WATCH\"}[Xs]))) > 0", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Number of non-mutating API requests being made to the control plane.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 74, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "endpoint_queue_latency", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "endpoint_queue_latency", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": true, - "title": "API Server", - "titleSize": "h6" - }, - { - "collapse": true, - "height": 250, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 61, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "etcd_disk_wal_fsync_duration_seconds_count", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "etcd_disk_wal_fsync_duration_seconds_count", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": true, - "title": "etcd", - "titleSize": "h6" - }, - { - "collapse": true, - "height": 250, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 62, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 12, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(changes(container_start_time_seconds[10m]))", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 4 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "The number of containers that start or restart over the last ten minutes.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": true, - "title": "Changes in your cluster", - "titleSize": "h6" - }, - { - "collapse": true, - "height": 250, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 63, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(machine_cpu_cores)", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Total number of cores in the cluster.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 64, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(sort_desc(irate(container_cpu_usage_seconds_total{id=\"/\"}[5m])))", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Total number of consumed cores.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 65, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sort_desc(sum by (kubernetes_io_hostname,type) (irate(container_cpu_usage_seconds_total{id=\"/\"}[5m])))", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "CPU consumed per node in the cluster.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 66, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sort_desc(sum by (cpu,id,pod_name,container_name) (irate(container_cpu_usage_seconds_total{region=\"infra\"}[5m])))", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "CPU consumption per system service or container on the infrastructure nodes.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 67, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sort_desc(sum by (namespace) (irate(container_cpu_usage_seconds_total[5m])))", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "CPU consumed per namespace on the cluster.", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 47, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(irate(container_cpu_usage_seconds_total{id=\"/\"}[3m])) / sum(machine_cpu_cores)", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Percentage of total cluster CPU in use", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percent", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 69, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(container_memory_rss) / sum(machine_memory_bytes)", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Percentage of total cluster memory in use", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percent", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 70, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum by (kubernetes_io_hostname) (irate(container_cpu_usage_seconds_total{id=~\"/system.slice/(docker|etcd).service\"}[5m]))", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Aggregate CPU usage (seconds total) of etcd+docker", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": true, - "title": "System and container CPU", - "titleSize": "h6" - }, - { - "collapse": true, - "height": 250, - "panels": [ - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 71, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [ - { - "title": "Kubernetes Storage Metrics via Prometheus", - "type": "absolute", - "url": "https://docs.google.com/document/d/1Fh0T60T_y888LsRwC51CQHO75b2IZ3A34ZQS71s_F0g" - } - ], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "volumes_queue_latency", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "volumes_queue_latency", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 72, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [ - { - "title": "Kubernetes Storage Metrics via Prometheus", - "type": "absolute", - "url": "https://docs.google.com/document/d/1Fh0T60T_y888LsRwC51CQHO75b2IZ3A34ZQS71s_F0g" - } - ], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "cloudprovider_aws_api_request_duration_seconds_count", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "cloudprovider_aws_api_request_duration_seconds_count", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "##DS_PR##", - "fill": 1, - "id": 73, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 1, - "links": [ - { - "title": "Kubernetes Storage Metrics via Prometheus", - "type": "absolute", - "url": "https://docs.google.com/document/d/1Fh0T60T_y888LsRwC51CQHO75b2IZ3A34ZQS71s_F0g" - } - ], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "span": 6, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "storage_operation_duration_seconds_sum", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "storage_operation_duration_seconds_sum", - "tooltip": { - "shared": true, - "sort": 0, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ] - } - ], - "repeat": null, - "repeatIteration": null, - "repeatRowId": null, - "showTitle": true, - "title": "OpenShift Volumes", - "titleSize": "h6" - } - ], - "schemaVersion": 14, - "style": "dark", - "tags": [ - "kubernetes", - "openshift" - ], - "templating": { - "list": [ - { - "allValue": ".*", - "current": {}, - "datasource": "##DS_PR##", - "hide": 0, - "includeAll": true, - "label": null, - "multi": false, - "name": "Node", - "options": [], - "query": "label_values(kubernetes_io_hostname)", - "refresh": 1, - "regex": "", - "sort": 0, - "tagValuesQuery": "", - "tags": [], - "tagsQuery": "", - "type": "query", - "useTags": false - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "1s", - "Xs", - "20s", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "browser", - "title": "openshift cluster monitoring", - "version": 20 - } - } diff --git a/roles/openshift_grafana/meta/main.yml b/roles/openshift_grafana/meta/main.yml deleted file mode 100644 index 853eefd9a53..00000000000 --- a/roles/openshift_grafana/meta/main.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -galaxy_info: - author: OpenShift Development - description: Deploy OpenShift grafana integration for the cluster - company: Red Hat, Inc. - license: license (Apache) - min_ansible_version: 2.4 - platforms: - - name: EL - versions: - - 7 - - name: Fedora - versions: - - all - categories: - - openshift -dependencies: -- role: lib_openshift -- role: openshift_facts -- role: lib_utils -- role: openshift_logging_defaults diff --git a/roles/openshift_grafana/tasks/facts.yaml b/roles/openshift_grafana/tasks/facts.yaml deleted file mode 100644 index 02f3c7b344e..00000000000 --- a/roles/openshift_grafana/tasks/facts.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- set_fact: - grafana_state: "{{ openshift_grafana_state }}" - grafana_namespace: "{{ openshift_grafana_namespace }}" - grafana_timeout: "{{ openshift_grafana_pod_timeout }}" - grafana_prometheus_namespace: "{{ openshift_grafana_prometheus_namespace }}" - grafana_prometheus_serviceaccount: "{{ openshift_grafana_prometheus_serviceaccount }}" - grafana_prometheus_route: "{{ openshift_grafana_prometheus_route }}" - grafana_serviceaccount_name: "{{ openshift_grafana_serviceaccount_name }}" - grafana_datasource_name: "{{ openshift_grafana_datasource_name }}" - grafana_node_exporter: "{{ openshift_grafana_node_exporter }}" - grafana_graph_granularity: "{{ openshift_grafana_graph_granularity }}" - grafana_datasource_json: "{{ openshift_grafana_datasource_payload | to_json }}" - grafana_node_selector: "{{ openshift_grafana_node_selector }}" - grafana_serviceaccount_annotations: "{{ l_openshift_grafana_serviceaccount_annotations + openshift_grafana_serviceaccount_annotations|list }}" - grafana_dashboards: "{{ l_openshift_grafana_dashboards + openshift_grafana_dashboards|list }}" - grafana_hostname: "{{ openshift_grafana_hostname }}" - grafana_service_name: "{{ openshift_grafana_service_name }}" - grafana_service_port: "{{ openshift_grafana_service_port }}" - grafana_service_targetport: "{{ openshift_grafana_service_targetport }}" - grafana_container_port: "{{ openshift_grafana_container_port }}" - grafana_oauth_proxy_memory_requests: "{{ openshift_grafana_oauth_proxy_memory_requests }}" - grafana_oauth_proxy_cpu_requests: "{{ openshift_grafana_oauth_proxy_cpu_requests }}" - grafana_oauth_proxy_memory_limit: "{{ openshift_grafana_oauth_proxy_memory_limit }}" - grafana_oauth_proxy_cpu_limit: "{{ openshift_grafana_oauth_proxy_cpu_limit }}" - grafana_storage_type: "{{ openshift_grafana_storage_type }}" - grafana_pvc_name: "{{ openshift_grafana_pvc_name }}" - grafana_pvc_size: "{{ openshift_grafana_pvc_size }}" - grafana_pvc_access_modes: "{{ openshift_grafana_pvc_access_modes }}" - grafana_pvc_pv_selector: "{{ openshift_grafana_pvc_pv_selector }}" - grafana_sc_name: "{{ openshift_grafana_sc_name }}" diff --git a/roles/openshift_grafana/tasks/install_grafana.yaml b/roles/openshift_grafana/tasks/install_grafana.yaml deleted file mode 100644 index d3ac26e2307..00000000000 --- a/roles/openshift_grafana/tasks/install_grafana.yaml +++ /dev/null @@ -1,284 +0,0 @@ ---- - -- name: Ensure that Grafana has nodes to run on - import_role: - name: openshift_control_plane - tasks_from: ensure_nodes_matching_selector.yml - vars: - openshift_master_ensure_nodes_selector: "{{ grafana_node_selector | map_to_pairs }}" - openshift_master_ensure_nodes_service: Grafana - -- name: Create grafana namespace - oc_project: - state: present - name: "{{ grafana_namespace }}" - node_selector: "{{ grafana_node_selector | lib_utils_oo_selector_to_string_list() }}" - description: Grafana - -- name: create grafana_serviceaccount_name serviceaccount - oc_serviceaccount: - state: present - name: "{{ grafana_serviceaccount_name }}" - namespace: "{{ grafana_namespace }}" - changed_when: no - -# TODO remove this when annotations are supported by oc_serviceaccount -- name: annotate serviceaccount - command: > - {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig - annotate --overwrite -n {{ grafana_namespace }} - serviceaccount {{ grafana_serviceaccount_name }} {{ item }} - with_items: - "{{ grafana_serviceaccount_annotations }}" - -# create clusterrolebinding for prometheus serviceaccount -- name: Set cluster-reader permissions for grafana - oc_adm_policy_user: - state: present - namespace: "{{ grafana_namespace }}" - resource_kind: cluster-role - resource_name: cluster-reader - user: "{{ openshift_grafana_serviceaccount_name }}" - -- name: create grafana routes - oc_route: - state: present - name: "{{ item.name }}" - host: "{{ item.host }}" - namespace: "{{ grafana_namespace }}" - service_name: "{{ item.name }}" - tls_termination: reencrypt - with_items: - - name: grafana - host: "{{ grafana_hostname }}" - -- name: create services for grafana - oc_service: - name: "{{ grafana_service_name }}" - namespace: "{{ grafana_namespace }}" - labels: - name: grafana - annotations: - prometheus.io/scrape: "true" - prometheus.io/scheme: https - prometheus.io/port: "{{ grafana_service_targetport | int }}" - service.alpha.openshift.io/serving-cert-secret-name: grafana-tls - ports: - - name: grafana - port: "{{ grafana_service_port }}" - targetPort: "{{ grafana_service_targetport }}" - protocol: TCP - selector: - app: grafana - -- name: Set grafana secrets - oc_secret: - state: present - name: "{{ item }}-proxy" - namespace: "{{ grafana_namespace }}" - contents: - - path: session_secret - data: "{{ 43 | lib_utils_oo_random_word }}=" - with_items: - - grafana - -# Storage -- name: create grafana pvc - oc_pvc: - namespace: "{{ grafana_namespace }}" - name: "{{ grafana_pvc_name }}" - access_modes: "{{ grafana_pvc_access_modes }}" - volume_capacity: "{{ grafana_pvc_size }}" - selector: "{{ grafana_pvc_pv_selector }}" - storage_class_name: "{{ grafana_sc_name }}" - when: grafana_storage_type == 'pvc' - -- name: template grafana components - template: - src: "{{ item }}.j2" - dest: "{{ mktemp.stdout }}/{{ item }}" - changed_when: no - with_items: - - "grafana.yml" - - "grafana-config.yml" - -- name: Set grafana configmap - oc_configmap: - state: present - name: "grafana-config" - namespace: "{{ grafana_namespace }}" - from_file: - defaults.ini: "{{ mktemp.stdout }}/grafana-config.yml" - -- name: Set grafana deployment - oc_obj: - state: present - name: "grafana" - namespace: "{{ grafana_namespace }}" - kind: deployment - files: - - "{{ mktemp.stdout }}/grafana.yml" - -- name: Copy Grafana files - copy: - src: "dashboards/{{ item }}" - dest: "{{ mktemp.stdout }}/{{ item }}" - with_items: - - "{{ grafana_dashboards }}" - -- name: Wait for grafana pod - oc_obj: - namespace: "{{ grafana_namespace }}" - kind: pod - state: list - selector: "app=grafana" - register: grafana_pod - until: - - "grafana_pod.results.results[0]['items'] | count > 0" - # Pod's 'Ready' status must be True - - "grafana_pod.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count == 1" - delay: 10 - retries: "{{ (grafana_timeout | int / 10) | int }}" - -- name: Get the prometheus SA token - shell: oc sa get-token {{ grafana_prometheus_serviceaccount }} -n {{ grafana_prometheus_namespace }} - register: prometheus_sa_token - -- name: Get the grafana SA token - shell: oc sa get-token {{ grafana_serviceaccount_name }} -n {{ grafana_namespace }} - register: grafana_sa_token - -- name: Get prometheus route - oc_route: - state: list - name: "{{ grafana_prometheus_route }}" - namespace: "{{ grafana_prometheus_namespace }}" - register: prometheus_route - -- name: Get grafana route - oc_route: - state: list - name: grafana - namespace: "{{ grafana_namespace }}" - register: grafana_route - -- name: set facts - set_fact: - payload_data: "{{ grafana_datasource_json | regex_replace('grafana_name', grafana_datasource_name ) | regex_replace('prometheus_url', prometheus_route.results[0].spec.host ) | regex_replace('Bearer', 'Bearer ' + prometheus_sa_token.stdout) }}" - grafana_route: "https://{{ grafana_route.results[0].spec.host }}" - -- name: Add new datasource to grafana - uri: - url: "{{ grafana_route }}/api/datasources" - user: "{{ grafana_sa_token.stdout }}" - validate_certs: false - method: POST - body: '{{ payload_data }}' - body_format: json - status_code: - - 200 - - 409 - headers: - Content-Type: "Content-Type: application/json" - register: add_ds - -- block: - - name: Retrieve current grafana datasource - uri: - url: "{{ grafana_route }}/api/datasources/name/{{ grafana_datasource_name }}" - user: "{{ grafana_sa_token.stdout }}" - validate_certs: false - method: GET - status_code: - - 200 - register: grafana_ds - - name: Update grafana datasource - uri: - url: "{{ grafana_route }}/api/datasources/{{ grafana_ds.json['id'] }}" - user: "{{ grafana_sa_token.stdout }}" - validate_certs: false - method: PUT - body: '{{ payload_data }}' - body_format: json - headers: - Content-Type: "Content-Type: application/json" - status_code: - - 200 - register: update_ds - when: add_ds.status == 409 - -- name: Regex set data source name for openshift dashboard - replace: - path: "{{ mktemp.stdout }}/openshift-cluster-monitoring.json" - regexp: '{{ item.regexp }}' - replace: '{{ item.replace }}' - backup: yes - with_items: - - regexp: '##DS_PR##' - replace: '{{ grafana_datasource_name }}' - - regexp: 'Xs' - replace: '{{ grafana_graph_granularity }}' - -- name: Regex set data source name for node exporter - replace: - path: "{{ mktemp.stdout }}/node-exporter-full-dashboard.json" - regexp: '{{ item.regexp }}' - replace: '{{ item.replace }}' - backup: yes - with_items: - - regexp: '##DS_PR##' - replace: '{{ grafana_datasource_name }}' - - regexp: 'Xs' - replace: '{{ grafana_graph_granularity }}' - when: grafana_node_exporter | default(false) | bool == true - -- set_fact: - cluster_monitoring_dashboard: "{{ mktemp.stdout }}/openshift-cluster-monitoring.json" - node_exporter_dashboard: "{{ mktemp.stdout }}/node-exporter-full-dashboard.json" - -- name: Slurp dashboard file - slurp: - src: "{{ cluster_monitoring_dashboard }}" - register: slurpfile - -- set_fact: - dashboard_data: '{{ slurpfile["content"] | b64decode | from_json | combine({ "dashboard": { "overwrite": true } }, recursive=True) | to_json }}' - -- name: Add openshift dashboard - uri: - url: "{{ grafana_route }}/api/dashboards/db" - user: "{{ grafana_sa_token.stdout }}" - validate_certs: false - method: POST - body: '{{ dashboard_data }}' - body_format: json - status_code: - - 200 - - 412 - headers: - Content-Type: "Content-Type: application/json" - register: add_ds - -- name: Slurp dashboard file - slurp: - src: "{{ node_exporter_dashboard }}" - register: slurpfile - -- set_fact: - dashboard_data: '{{ slurpfile["content"] | b64decode | from_json | combine({ "dashboard": { "overwrite": true } }, recursive=True) | to_json }}' - -- name: Add node exporter dashboard - uri: - url: "{{ grafana_route }}/api/dashboards/db" - user: "{{ grafana_sa_token.stdout }}" - validate_certs: false - method: POST - body: '{{ dashboard_data }}' - body_format: json - status_code: - - 200 - - 412 - headers: - Content-Type: "Content-Type: application/json" - register: add_ds - when: grafana_node_exporter | default(false) | bool == true diff --git a/roles/openshift_grafana/tasks/main.yaml b/roles/openshift_grafana/tasks/main.yaml deleted file mode 100644 index 9c200ed86cf..00000000000 --- a/roles/openshift_grafana/tasks/main.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -- name: Create temp directory for doing work in - command: mktemp -d /tmp/openshift-grafana-ansible-XXXXXX - register: mktemp - changed_when: False - check_mode: no - -- include_tasks: facts.yaml -- include_tasks: install_grafana.yaml - when: grafana_state == 'present' - -- include_tasks: uninstall_grafana.yaml - when: grafana_state == 'absent' - -- name: Delete temp directory - file: - name: "{{ mktemp.stdout }}" - state: absent - changed_when: False - check_mode: no diff --git a/roles/openshift_grafana/tasks/uninstall_grafana.yaml b/roles/openshift_grafana/tasks/uninstall_grafana.yaml deleted file mode 100644 index 6b97bbf5b5b..00000000000 --- a/roles/openshift_grafana/tasks/uninstall_grafana.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- - -# remove namespace - This will delete all the objects inside the namespace -- name: Remove grafana project - oc_project: - state: absent - name: "{{ openshift_grafana_namespace }}" diff --git a/roles/openshift_grafana/templates/grafana-config.yml.j2 b/roles/openshift_grafana/templates/grafana-config.yml.j2 deleted file mode 100644 index 5581bcdc639..00000000000 --- a/roles/openshift_grafana/templates/grafana-config.yml.j2 +++ /dev/null @@ -1,387 +0,0 @@ -##################### Grafana Configuration Defaults ##################### -# -# Do not modify this file in grafana installs -# -# possible values : production, development -app_mode = production -# instance name, defaults to HOSTNAME environment variable value or hostname if HOSTNAME var is empty -instance_name = ${HOSTNAME} -#################################### Paths ############################### -[paths] -# Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is used) -# -data = data -# -# Directory where grafana can store logs -# -logs = data/log -# -# Directory where grafana will automatically scan and look for plugins -# -plugins = data/plugins -#################################### Server ############################## -[server] -# Protocol (http, https, socket) -protocol = http -# The ip address to bind to, empty will bind to all interfaces -http_addr = -# The http port to use -http_port = 3000 -# The public facing domain name used to access grafana from a browser -domain = localhost -# Redirect to correct domain if host header does not match domain -# Prevents DNS rebinding attacks -enforce_domain = false -# The full public facing url -root_url = %(protocol)s://%(domain)s:%(http_port)s/ -# Log web requests -router_logging = false -# the path relative working path -static_root_path = public -# enable gzip -enable_gzip = false -# https certs & key file -cert_file = /etc/tls/private/tls.crt -cert_key = /etc/tls/private/tls.key -# Unix socket path -socket = /tmp/grafana.sock -#################################### Database ############################ -[database] -# You can configure the database connection by specifying type, host, name, user and password -# as separate properties or as on string using the url property. -# Either "mysql", "postgres" or "sqlite3", it's your choice -type = sqlite3 -host = 127.0.0.1:3306 -name = grafana -user = root -# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;""" -password = -# Use either URL or the previous fields to configure the database -# Example: mysql://user:secret@host:port/database -url = -# Max idle conn setting default is 2 -max_idle_conn = 2 -# Max conn setting default is 0 (mean not set) -max_open_conn = -# For "postgres", use either "disable", "require" or "verify-full" -# For "mysql", use either "true", "false", or "skip-verify". -ssl_mode = disable -ca_cert_path = -client_key_path = -client_cert_path = -server_cert_name = -# For "sqlite3" only, path relative to data_path setting -path = grafana.db -#################################### Session ############################# -[session] -# Either "memory", "file", "redis", "mysql", "postgres", "memcache", default is "file" -provider = file -# Provider config options -# memory: not have any config yet -# file: session dir path, is relative to grafana data_path -# redis: config like redis server e.g. `addr=127.0.0.1:6379,pool_size=100,db=grafana` -# postgres: user=a password=b host=localhost port=5432 dbname=c sslmode=disable -# mysql: go-sql-driver/mysql dsn config string, examples: -# `user:password@tcp(127.0.0.1:3306)/database_name` -# `user:password@unix(/var/run/mysqld/mysqld.sock)/database_name` -# memcache: 127.0.0.1:11211 -provider_config = sessions -# Session cookie name -cookie_name = grafana_sess -# If you use session in https only, default is false -cookie_secure = false -# Session life time, default is 86400 -session_life_time = 86400 -gc_interval_time = 86400 -#################################### Data proxy ########################### -[dataproxy] -# This enables data proxy logging, default is false -logging = false -#################################### Analytics ########################### -[analytics] -# Server reporting, sends usage counters to stats.grafana.org every 24 hours. -# No ip addresses are being tracked, only simple counters to track -# running instances, dashboard and error counts. It is very helpful to us. -# Change this option to false to disable reporting. -reporting_enabled = true -# Set to false to disable all checks to https://grafana.com -# for new versions (grafana itself and plugins), check is used -# in some UI views to notify that grafana or plugin update exists -# This option does not cause any auto updates, nor send any information -# only a GET request to https://grafana.com to get latest versions -check_for_updates = true -# Google Analytics universal tracking code, only enabled if you specify an id here -google_analytics_ua_id = -# Google Tag Manager ID, only enabled if you specify an id here -google_tag_manager_id = -#################################### Security ############################ -[security] -# default admin user, created on startup -admin_user = admin -# default admin password, can be changed before first start of grafana, or in profile settings -admin_password = admin -# used for signing -secret_key = SW2YcwTIb9zpOOhoPsMm -# Auto-login remember days -login_remember_days = 7 -cookie_username = grafana_user -cookie_remember_name = grafana_remember -# disable gravatar profile images -disable_gravatar = false -# data source proxy whitelist (ip_or_domain:port separated by spaces) -data_source_proxy_whitelist = -[snapshots] -# snapshot sharing options -external_enabled = true -external_snapshot_url = https://snapshots-origin.raintank.io -external_snapshot_name = Publish to snapshot.raintank.io -# remove expired snapshot -snapshot_remove_expired = true -# remove snapshots after 90 days -snapshot_TTL_days = 90 -#################################### Users #################################### -[users] -# disable user signup / registration -allow_sign_up = true -# Allow non admin users to create organizations -allow_org_create = true -# Set to true to automatically assign new users to the default organization (id 1) -auto_assign_org = true -# Default role new users will be automatically assigned (if auto_assign_org above is set to true) -auto_assign_org_role = Admin -# Require email validation before sign up completes -verify_email_enabled = false -# Background text for the user field on the login page -login_hint = email or username -# Default UI theme ("dark" or "light") -default_theme = dark -# External user management -external_manage_link_url = -external_manage_link_name = -external_manage_info = -[auth] -# Set to true to disable (hide) the login form, useful if you use OAuth -disable_login_form = true -# Set to true to disable the signout link in the side menu. useful if you use auth.proxy -disable_signout_menu = true -#################################### Anonymous Auth ###################### -[auth.anonymous] -# enable anonymous access -enabled = true -# specify organization name that should be used for unauthenticated users -org_name = Main Org. -# specify role for unauthenticated users -org_role = Admin -#################################### Github Auth ######################### -[auth.github] -enabled = false -allow_sign_up = true -client_id = some_id -client_secret = some_secret -scopes = user:email -auth_url = https://github.com/login/oauth/authorize -token_url = https://github.com/login/oauth/access_token -api_url = https://api.github.com/user -team_ids = -allowed_organizations = -#################################### Google Auth ######################### -[auth.google] -enabled = false -allow_sign_up = true -client_id = some_client_id -client_secret = some_client_secret -scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email -auth_url = https://accounts.google.com/o/oauth2/auth -token_url = https://accounts.google.com/o/oauth2/token -api_url = https://www.googleapis.com/oauth2/v1/userinfo -allowed_domains = -hosted_domain = -#################################### Grafana.com Auth #################### -# legacy key names (so they work in env variables) -[auth.grafananet] -enabled = false -allow_sign_up = true -client_id = some_id -client_secret = some_secret -scopes = user:email -allowed_organizations = -[auth.grafana_com] -enabled = false -allow_sign_up = true -client_id = some_id -client_secret = some_secret -scopes = user:email -allowed_organizations = -#################################### Generic OAuth ####################### -[auth.generic_oauth] -name = OAuth -enabled = false -allow_sign_up = true -client_id = some_id -client_secret = some_secret -scopes = user:email -auth_url = -token_url = -api_url = -team_ids = -allowed_organizations = -#################################### Basic Auth ########################## -[auth.basic] -enabled = false -#################################### Auth Proxy ########################## -[auth.proxy] -enabled = true -header_name = X-WEBAUTH-USER -header_property = username -auto_sign_up = true -ldap_sync_ttl = 60 -whitelist = -#################################### Auth LDAP ########################### -[auth.ldap] -enabled = false -config_file = /etc/grafana/ldap.toml -allow_sign_up = true -#################################### SMTP / Emailing ##################### -[smtp] -enabled = false -host = localhost:25 -user = -# If the password contains # or ; you have to wrap it with trippel quotes. Ex """#password;""" -password = -cert_file = -key_file = -skip_verify = false -from_address = admin@grafana.localhost -from_name = Grafana -ehlo_identity = -[emails] -welcome_email_on_sign_up = false -templates_pattern = emails/*.html -#################################### Logging ########################## -[log] -# Either "console", "file", "syslog". Default is console and file -# Use space to separate multiple modes, e.g. "console file" -mode = console file -# Either "debug", "info", "warn", "error", "critical", default is "info" -level = error -# optional settings to set different levels for specific loggers. Ex filters = sqlstore:debug -filters = -# For "console" mode only -[log.console] -level = -# log line format, valid options are text, console and json -format = console -# For "file" mode only -[log.file] -level = -# log line format, valid options are text, console and json -format = text -# This enables automated log rotate(switch of following options), default is true -log_rotate = true -# Max line number of single file, default is 1000000 -max_lines = 1000000 -# Max size shift of single file, default is 28 means 1 << 28, 256MB -max_size_shift = 28 -# Segment log daily, default is true -daily_rotate = true -# Expired days of log file(delete after max days), default is 7 -max_days = 7 -[log.syslog] -level = -# log line format, valid options are text, console and json -format = text -# Syslog network type and address. This can be udp, tcp, or unix. If left blank, the default unix endpoints will be used. -network = -address = -# Syslog facility. user, daemon and local0 through local7 are valid. -facility = -# Syslog tag. By default, the process' argv[0] is used. -tag = -#################################### AMQP Event Publisher ################ -[event_publisher] -enabled = false -rabbitmq_url = amqp://localhost/ -exchange = grafana_events -#################################### Dashboard JSON files ################ -[dashboards.json] -enabled = false -path = /var/lib/grafana/dashboards -#################################### Usage Quotas ######################## -[quota] -enabled = false -#### set quotas to -1 to make unlimited. #### -# limit number of users per Org. -org_user = 10 -# limit number of dashboards per Org. -org_dashboard = 100 -# limit number of data_sources per Org. -org_data_source = 10 -# limit number of api_keys per Org. -org_api_key = 10 -# limit number of orgs a user can create. -user_org = 10 -# Global limit of users. -global_user = -1 -# global limit of orgs. -global_org = -1 -# global limit of dashboards -global_dashboard = -1 -# global limit of api_keys -global_api_key = -1 -# global limit on number of logged in users. -global_session = -1 -#################################### Alerting ############################ -[alerting] -# Disable alerting engine & UI features -enabled = true -# Makes it possible to turn off alert rule execution but alerting UI is visible -execute_alerts = true -#################################### Internal Grafana Metrics ############ -# Metrics available at HTTP API Url /api/metrics -[metrics] -enabled = true -interval_seconds = 10 -# Send internal Grafana metrics to graphite -[metrics.graphite] -# Enable by setting the address setting (ex localhost:2003) -address = -prefix = prod.grafana.%(instance_name)s. -[grafana_net] -url = https://grafana.com -[grafana_com] -url = https://grafana.com -#################################### Distributed tracing ############ -[tracing.jaeger] -# jaeger destination (ex localhost:6831) -address = -# tag that will always be included in when creating new spans. ex (tag1:value1,tag2:value2) -always_included_tag = -# Type specifies the type of the sampler: const, probabilistic, rateLimiting, or remote -sampler_type = const -# jaeger samplerconfig param -# for "const" sampler, 0 or 1 for always false/true respectively -# for "probabilistic" sampler, a probability between 0 and 1 -# for "rateLimiting" sampler, the number of spans per second -# for "remote" sampler, param is the same as for "probabilistic" -# and indicates the initial sampling rate before the actual one -# is received from the mothership -sampler_param = 1 -#################################### External Image Storage ############## -[external_image_storage] -# You can choose between (s3, webdav, gcs) -provider = -[external_image_storage.s3] -bucket_url = -bucket = -region = -path = -access_key = -secret_key = -[external_image_storage.webdav] -url = -username = -password = -public_url = -[external_image_storage.gcs] -key_file = -bucket = \ No newline at end of file diff --git a/roles/openshift_grafana/templates/grafana.yml.j2 b/roles/openshift_grafana/templates/grafana.yml.j2 deleted file mode 100644 index f8d29c4a17d..00000000000 --- a/roles/openshift_grafana/templates/grafana.yml.j2 +++ /dev/null @@ -1,116 +0,0 @@ ---- -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: grafana - name: grafana - namespace: {{ grafana_namespace }} -spec: - replicas: 1 - selector: - matchLabels: - app: grafana - template: - metadata: - labels: - app: grafana - name: grafana - spec: - serviceAccountName: {{ grafana_serviceaccount_name }} -{% if grafana_node_selector is iterable and grafana_node_selector | length > 0 %} - nodeSelector: -{% for key, value in grafana_node_selector.items() %} - {{ key }}: "{{ value }}" -{% endfor %} -{% endif %} - containers: - - name: oauth-proxy - image: "{{ openshift_grafana_proxy_image }}" - imagePullPolicy: IfNotPresent - resources: - requests: -{% if grafana_oauth_proxy_memory_requests is defined and grafana_oauth_proxy_memory_requests is not none %} - memory: "{{ grafana_oauth_proxy_memory_requests }}" -{% endif %} -{% if grafana_oauth_proxy_cpu_requests is defined and grafana_oauth_proxy_cpu_requests is not none %} - cpu: "{{ grafana_oauth_proxy_cpu_requests }}" -{% endif %} - limits: -{% if grafana_oauth_proxy_memory_limit is defined and grafana_oauth_proxy_memory_limit is not none %} - memory: "{{ grafana_oauth_proxy_memory_limit }}" -{% endif %} -{% if grafana_oauth_proxy_cpu_limit is defined and grafana_oauth_proxy_cpu_limit is not none %} - cpu: "{{ grafana_oauth_proxy_cpu_limit }}" -{% endif %} - ports: - - containerPort: {{ grafana_service_port }} - name: web - args: - - -https-address=:{{ grafana_service_targetport }} - - -http-address= - - -email-domain=* - - -client-id=system:serviceaccount:{{ grafana_namespace }}:{{ grafana_serviceaccount_name }} - - -upstream=http://localhost:{{ grafana_container_port }} - - -provider=openshift -# - '-openshift-delegate-urls={"/api/datasources": {"resource": "namespace", "verb": "get", "resourceName": "{{ grafana_namespace }}", "namespace": "{{ grafana_namespace }}"}}' - - '-openshift-sar={"namespace": "{{ grafana_namespace }}", "verb": "list", "resource": "services"}' - - -tls-cert=/etc/tls/private/tls.crt - - -tls-key=/etc/tls/private/tls.key - - -client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token - - -cookie-secret-file=/etc/proxy/secrets/session_secret - - -skip-auth-regex=^/metrics,/api/datasources,/api/dashboards - volumeMounts: - - mountPath: /etc/tls/private - name: grafana-tls-secret - - mountPath: /etc/proxy/secrets - name: grafana-proxy-secrets - - - name: grafana - image: "{{ openshift_grafana_image }}" - imagePullPolicy: IfNotPresent - resources: - requests: -{% if openshift_grafana_memory_requests is defined and openshift_grafana_memory_requests is not none %} - memory: "{{ openshift_grafana_memory_requests }}" -{% endif %} -{% if openshift_grafana_cpu_requests is defined and openshift_grafana_cpu_requests is not none %} - cpu: "{{ openshift_grafana_cpu_requests }}" -{% endif %} - limits: -{% if openshift_grafana_memory_limit is defined and openshift_grafana_memory_limit is not none %} - memory: "{{ openshift_grafana_memory_limit }}" -{% endif %} -{% if openshift_grafana_cpu_limit is defined and openshift_grafana_cpu_limit is not none %} - cpu: "{{ openshift_grafana_cpu_limit }}" -{% endif %} - ports: - - name: grafana-http - containerPort: {{ grafana_container_port }} - volumeMounts: - - mountPath: "/root/go/src/github.com/grafana/grafana/data" - name: grafana-data - - mountPath: "/usr/share/grafana/conf" - name: grafana-config - - mountPath: /etc/tls/private - name: grafana-tls-secret - - mountPath: /etc/proxy/secrets - name: grafana-proxy-secrets - - volumes: - - name: grafana-config - configMap: - name: grafana-config - - name: grafana-proxy-secrets - secret: - secretName: grafana-proxy - - name: grafana-tls-secret - secret: - secretName: grafana-tls - - name: grafana-data -{% if grafana_storage_type == 'pvc' %} - persistentVolumeClaim: - claimName: {{ grafana_pvc_name }} -{% else %} - emptydir: {} -{% endif %} diff --git a/roles/openshift_health_checker/defaults/main.yml b/roles/openshift_health_checker/defaults/main.yml index 713614b4a79..5235d72f011 100644 --- a/roles/openshift_health_checker/defaults/main.yml +++ b/roles/openshift_health_checker/defaults/main.yml @@ -9,9 +9,8 @@ l_node_image_list: - "{{ l_osm_registry_url | regex_replace('${component}' | regex_escape, 'deployer') }}" - "{{ l_osm_registry_url | regex_replace('${component}' | regex_escape, 'pod') }}" -l_atomic_node_required_images: "{{ (openshift_is_atomic | bool) | ternary([osn_image], []) }}" l_etcd_required_images: "{{ (l_host_is_master and l_host_is_etcd) | ternary([etcd_image], []) }}" l_master_required_images: "{{ l_host_is_master | ternary([osm_image], []) }}" l_cockpit_images: "{{ (openshift_hosted_manage_registry_console | bool) | ternary([openshift_cockpit_deployer_image], []) }}" l_required_node_images: "{{ l_host_is_node | ternary(l_node_image_list, [])}}" -openshift_health_check_required_images: "{{ [] + l_required_node_images + l_cockpit_images + l_master_required_images + l_etcd_required_images + l_atomic_node_required_images }}" +openshift_health_check_required_images: "{{ [] + l_required_node_images + l_cockpit_images + l_master_required_images + l_etcd_required_images }}" diff --git a/roles/openshift_health_checker/openshift_checks/disk_availability.py b/roles/openshift_health_checker/openshift_checks/disk_availability.py index b73e7e34be4..c6f740b9c88 100644 --- a/roles/openshift_health_checker/openshift_checks/disk_availability.py +++ b/roles/openshift_health_checker/openshift_checks/disk_availability.py @@ -20,13 +20,6 @@ class DiskAvailability(OpenShiftCheck): 'oo_nodes_to_config': 15 * 10**9, 'oo_etcd_to_config': 20 * 10**9, }, - # Used to copy client binaries into, - # see roles/lib_utils/library/openshift_container_binary_sync.py. - '/usr/local/bin': { - 'oo_masters_to_config': 1 * 10**9, - 'oo_nodes_to_config': 1 * 10**9, - 'oo_etcd_to_config': 1 * 10**9, - }, # Used as temporary storage in several cases. tempfile.gettempdir(): { 'oo_masters_to_config': 1 * 10**9, diff --git a/roles/openshift_health_checker/openshift_checks/etcd_traffic.py b/roles/openshift_health_checker/openshift_checks/etcd_traffic.py index b56d2092b99..0e9fdff49a2 100644 --- a/roles/openshift_health_checker/openshift_checks/etcd_traffic.py +++ b/roles/openshift_health_checker/openshift_checks/etcd_traffic.py @@ -20,13 +20,10 @@ def is_active(self): return super(EtcdTraffic, self).is_active() and valid_group_names and valid_version def run(self): - openshift_is_containerized = self.get_var("openshift_is_containerized") - unit = "etcd_container" if openshift_is_containerized else "etcd" - log_matchers = [{ "start_regexp": r"Starting Etcd Server", "regexp": r"etcd: sync duration of [^,]+, expected less than 1s", - "unit": unit + "unit": "etcd" }] match = self.execute_module("search_journalctl", {"log_matchers": log_matchers}) diff --git a/roles/openshift_health_checker/openshift_checks/mixins.py b/roles/openshift_health_checker/openshift_checks/mixins.py index 477211a5a2d..d487afebf25 100644 --- a/roles/openshift_health_checker/openshift_checks/mixins.py +++ b/roles/openshift_health_checker/openshift_checks/mixins.py @@ -3,17 +3,6 @@ """ -class NotContainerizedMixin(object): - """Mixin for checks that are only active when not in containerized mode.""" - # permanent # pylint: disable=too-few-public-methods - # Reason: The mixin is not intended to stand on its own as a class. - - def is_active(self): - """Only run on non-containerized hosts.""" - openshift_is_atomic = self.get_var("openshift_is_atomic") - return super(NotContainerizedMixin, self).is_active() and not openshift_is_atomic - - class DockerHostMixin(object): """Mixin for checks that are only active on hosts that require Docker.""" @@ -27,13 +16,9 @@ def is_active(self): def ensure_dependencies(self): """ - Ensure that docker-related packages exist, but not on atomic hosts - (which would not be able to install but should already have them). + Ensure that docker-related packages exist. Returns: msg, failed """ - if self.get_var("openshift_is_atomic"): - return "", False - # NOTE: we would use the "package" module but it's actually an action plugin # and it's not clear how to invoke one of those. This is about the same anyway: result = self.execute_module_with_retries( diff --git a/roles/openshift_health_checker/openshift_checks/package_availability.py b/roles/openshift_health_checker/openshift_checks/package_availability.py index dd02bd47e6c..5a002c2a225 100644 --- a/roles/openshift_health_checker/openshift_checks/package_availability.py +++ b/roles/openshift_health_checker/openshift_checks/package_availability.py @@ -1,10 +1,9 @@ """Check that required RPM packages are available.""" from openshift_checks import OpenShiftCheck -from openshift_checks.mixins import NotContainerizedMixin -class PackageAvailability(NotContainerizedMixin, OpenShiftCheck): +class PackageAvailability(OpenShiftCheck): """Check that required RPM packages are available.""" name = "package_availability" @@ -38,10 +37,6 @@ def master_packages(rpm_prefix): "{rpm_prefix}-clients".format(rpm_prefix=rpm_prefix), "{rpm_prefix}-hyperkube".format(rpm_prefix=rpm_prefix), "bash-completion", - "cockpit-bridge", - "cockpit-docker", - "cockpit-system", - "cockpit-ws", "httpd-tools", ] diff --git a/roles/openshift_health_checker/openshift_checks/package_update.py b/roles/openshift_health_checker/openshift_checks/package_update.py index 8464e8a5e00..f04ce5ed26a 100644 --- a/roles/openshift_health_checker/openshift_checks/package_update.py +++ b/roles/openshift_health_checker/openshift_checks/package_update.py @@ -1,9 +1,8 @@ """Check that a yum update would not run into conflicts with available packages.""" from openshift_checks import OpenShiftCheck -from openshift_checks.mixins import NotContainerizedMixin -class PackageUpdate(NotContainerizedMixin, OpenShiftCheck): +class PackageUpdate(OpenShiftCheck): """Check that a yum update would not run into conflicts with available packages.""" name = "package_update" diff --git a/roles/openshift_health_checker/openshift_checks/package_version.py b/roles/openshift_health_checker/openshift_checks/package_version.py index cc2c34ab2b4..32c9d5f62de 100644 --- a/roles/openshift_health_checker/openshift_checks/package_version.py +++ b/roles/openshift_health_checker/openshift_checks/package_version.py @@ -1,10 +1,9 @@ """Check that available RPM packages match the required versions.""" from openshift_checks import OpenShiftCheck -from openshift_checks.mixins import NotContainerizedMixin -class PackageVersion(NotContainerizedMixin, OpenShiftCheck): +class PackageVersion(OpenShiftCheck): """Check that available RPM packages match the required versions.""" name = "package_version" diff --git a/roles/openshift_health_checker/openshift_checks/sdn.py b/roles/openshift_health_checker/openshift_checks/sdn.py index 1dab29c0522..347b60f6db7 100644 --- a/roles/openshift_health_checker/openshift_checks/sdn.py +++ b/roles/openshift_health_checker/openshift_checks/sdn.py @@ -61,8 +61,11 @@ def run(self): oc_executable = self.get_var('openshift_client_binary', default='/bin/oc') oc_executable = self.template_var(oc_executable) - self.save_command_output('oc-version', [oc_executable, - 'version']) + # The oc executable is not installed on containerized nodes, so + # use "2>&1" to capture any error output (such as "command not + # found"), and use "|| :" to ignore the exit code. + self.save_command_output('oc-version', + oc_executable + ' version 2>&1 || :') self.register_file('os-version', None, '/etc/system-release-cpe') except OpenShiftCheckException as exc: diff --git a/roles/openshift_health_checker/test/docker_storage_test.py b/roles/openshift_health_checker/test/docker_storage_test.py index 55336aa307b..e7d82410b3b 100644 --- a/roles/openshift_health_checker/test/docker_storage_test.py +++ b/roles/openshift_health_checker/test/docker_storage_test.py @@ -4,23 +4,18 @@ from openshift_checks.docker_storage import DockerStorage -@pytest.mark.parametrize('openshift_is_atomic, group_names, is_active', [ - (False, ["oo_masters_to_config", "oo_etcd_to_config"], False), - (False, ["oo_masters_to_config", "oo_nodes_to_config"], True), - (True, ["oo_etcd_to_config"], False), +@pytest.mark.parametrize('group_names, is_active', [ + (["oo_masters_to_config", "oo_etcd_to_config"], False), + (["oo_masters_to_config", "oo_nodes_to_config"], True), + (["oo_etcd_to_config"], False), ]) -def test_is_active(openshift_is_atomic, group_names, is_active): +def test_is_active(group_names, is_active): task_vars = dict( - openshift_is_atomic=openshift_is_atomic, group_names=group_names, ) assert DockerStorage(None, task_vars).is_active() == is_active -def non_atomic_task_vars(): - return {"openshift_is_atomic": False} - - @pytest.mark.parametrize('docker_info, failed, expect_msg', [ ( dict(failed=True, msg="Error connecting: Error while fetching server API version"), @@ -100,7 +95,7 @@ def execute_module(module_name, *_): raise ValueError("not expecting module " + module_name) return docker_info - check = DockerStorage(execute_module, non_atomic_task_vars()) + check = DockerStorage(execute_module, {}) check.check_dm_usage = lambda status: dict() # stub out for this test check.check_overlay_usage = lambda info: dict() # stub out for this test result = check.run() @@ -292,7 +287,7 @@ def test_convert_to_bytes_error(string): ), ]) def test_overlay_usage(ansible_mounts, threshold, expect_fail, expect_msg): - task_vars = non_atomic_task_vars() + task_vars = {} task_vars["ansible_mounts"] = ansible_mounts if threshold is not None: task_vars["max_overlay_usage_percent"] = threshold diff --git a/roles/openshift_health_checker/test/etcd_traffic_test.py b/roles/openshift_health_checker/test/etcd_traffic_test.py index 583c4c8dd86..9347c266bdd 100644 --- a/roles/openshift_health_checker/test/etcd_traffic_test.py +++ b/roles/openshift_health_checker/test/etcd_traffic_test.py @@ -36,7 +36,6 @@ def execute_module(module_name, *_): task_vars = dict( group_names=group_names, - openshift_is_containerized=False, openshift_service_type="origin" ) @@ -46,24 +45,3 @@ def execute_module(module_name, *_): assert word in result.get("msg", "") assert result.get("failed", False) == failed - - -@pytest.mark.parametrize('openshift_is_containerized,expected_unit_value', [ - (False, "etcd"), - (True, "etcd_container"), -]) -def test_systemd_unit_matches_deployment_type(openshift_is_containerized, expected_unit_value): - task_vars = dict( - openshift_is_containerized=openshift_is_containerized - ) - - def execute_module(module_name, args, *_): - assert module_name == "search_journalctl" - matchers = args["log_matchers"] - - for matcher in matchers: - assert matcher["unit"] == expected_unit_value - - return {"failed": False} - - EtcdTraffic(execute_module, task_vars).run() diff --git a/roles/openshift_health_checker/test/mixins_test.py b/roles/openshift_health_checker/test/mixins_test.py index 27614fdae81..e69de29bb2d 100644 --- a/roles/openshift_health_checker/test/mixins_test.py +++ b/roles/openshift_health_checker/test/mixins_test.py @@ -1,23 +0,0 @@ -import pytest - -from openshift_checks import OpenShiftCheck, OpenShiftCheckException -from openshift_checks.mixins import NotContainerizedMixin - - -class NotContainerizedCheck(NotContainerizedMixin, OpenShiftCheck): - name = "not_containerized" - run = NotImplemented - - -@pytest.mark.parametrize('task_vars,expected', [ - (dict(openshift_is_atomic=False), True), - (dict(openshift_is_atomic=True), False), -]) -def test_is_active(task_vars, expected): - assert NotContainerizedCheck(None, task_vars).is_active() == expected - - -def test_is_active_missing_task_vars(): - with pytest.raises(OpenShiftCheckException) as excinfo: - NotContainerizedCheck().is_active() - assert 'openshift_is_atomic' in str(excinfo.value) diff --git a/roles/openshift_health_checker/test/package_availability_test.py b/roles/openshift_health_checker/test/package_availability_test.py index a7995ddb40d..206e21318fe 100644 --- a/roles/openshift_health_checker/test/package_availability_test.py +++ b/roles/openshift_health_checker/test/package_availability_test.py @@ -3,16 +3,13 @@ from openshift_checks.package_availability import PackageAvailability -@pytest.mark.parametrize('pkg_mgr,openshift_is_atomic,is_active', [ - ('yum', False, True), - ('yum', True, False), - ('dnf', True, False), - ('dnf', False, False), +@pytest.mark.parametrize('pkg_mgr,is_active', [ + ('yum', True), + ('dnf', False), ]) -def test_is_active(pkg_mgr, openshift_is_atomic, is_active): +def test_is_active(pkg_mgr, is_active): task_vars = dict( ansible_pkg_mgr=pkg_mgr, - openshift_is_atomic=openshift_is_atomic, ) assert PackageAvailability(None, task_vars).is_active() == is_active diff --git a/roles/openshift_health_checker/test/package_version_test.py b/roles/openshift_health_checker/test/package_version_test.py index 4213b6b1399..70f1438b81a 100644 --- a/roles/openshift_health_checker/test/package_version_test.py +++ b/roles/openshift_health_checker/test/package_version_test.py @@ -45,21 +45,18 @@ def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None, assert result == return_value -@pytest.mark.parametrize('group_names,openshift_is_atomic,is_active', [ - (['oo_masters_to_config'], False, True), - # ensure check is skipped on containerized installs - (['oo_masters_to_config'], True, False), - (['oo_nodes_to_config'], False, True), - (['oo_masters_to_config', 'oo_nodes_to_config'], False, True), - (['oo_masters_to_config', 'oo_etcd_to_config'], False, True), - ([], False, False), - (['oo_etcd_to_config'], False, False), - (['lb'], False, False), - (['nfs'], False, False), +@pytest.mark.parametrize('group_names,is_active', [ + (['oo_masters_to_config'], True), + (['oo_nodes_to_config'], True), + (['oo_masters_to_config', 'oo_nodes_to_config'], True), + (['oo_masters_to_config', 'oo_etcd_to_config'], True), + ([], False), + (['oo_etcd_to_config'], False), + (['lb'], False), + (['nfs'], False), ]) -def test_package_version_skip_when_not_master_nor_node(group_names, openshift_is_atomic, is_active): +def test_package_version_skip_when_not_master_nor_node(group_names, is_active): task_vars = dict( group_names=group_names, - openshift_is_atomic=openshift_is_atomic, ) assert PackageVersion(None, task_vars).is_active() == is_active diff --git a/roles/openshift_health_checker/test/sdn_tests.py b/roles/openshift_health_checker/test/sdn_tests.py index 9995f37b04c..3c12f1166aa 100644 --- a/roles/openshift_health_checker/test/sdn_tests.py +++ b/roles/openshift_health_checker/test/sdn_tests.py @@ -227,6 +227,5 @@ def test_no_nodes(): def test_sdn_skip_when_not_master_nor_node(group_names, expected): task_vars = dict( group_names=group_names, - openshift_is_atomic=True, ) assert SDNCheck(None, task_vars).is_active() == expected diff --git a/roles/openshift_hosted/tasks/migrate_default_registry_var.yml b/roles/openshift_hosted/tasks/migrate_default_registry_var.yml deleted file mode 100644 index 6768c863d04..00000000000 --- a/roles/openshift_hosted/tasks/migrate_default_registry_var.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -# This work is to migrate the OPENSHIFT_DEFAULT_REGISTRY variable -# inside of the docker-registry's dc to REGISTRY_OPENSHIFT_SERVER_ADDR -- name: migrate docker registry env var - oc_edit: - kind: dc - name: "{{ openshift_hosted_registry_name }}" - namespace: "{{ openshift_hosted_registry_namespace }}" - edits: - - action: update - key: spec.template.spec.containers[0].env - value: - name: REGISTRY_OPENSHIFT_SERVER_ADDR - value: docker-registry.default.svc:5000 - curr_value: - name: OPENSHIFT_DEFAULT_REGISTRY - value: docker-registry.default.svc:5000 - register: editout - -- debug: - var: editout - verbosity: 1 diff --git a/roles/openshift_hosted/tasks/storage/glusterfs.yml b/roles/openshift_hosted/tasks/storage/glusterfs.yml index 9d48f6f1bb1..7c095f03604 100644 --- a/roles/openshift_hosted/tasks/storage/glusterfs.yml +++ b/roles/openshift_hosted/tasks/storage/glusterfs.yml @@ -35,7 +35,7 @@ mount: state: mounted fstype: glusterfs - src: "{% if 'glusterfs_registry' in groups and groups['glusterfs_registry'] | length > 0 %}{% set node = groups.glusterfs_registry[0] %}{% elif 'glusterfs' in groups and groups['glusterfs'] | length > 0 %}{% set node = groups.glusterfs[0] %}{% endif %}{% if openshift_hosted_registry_storage_glusterfs_ips is defined and openshift_hosted_registry_storage_glusterfs_ips|length > 0 %}{{ openshift_hosted_registry_storage_glusterfs_ips[0] }}{% elif 'glusterfs_hostname' in hostvars[node] %}{{ hostvars[node].glusterfs_hostname }}{% elif 'openshift' in hostvars[node] %}{{ hostvars[node].openshift.node.nodename }}{% else %}{{ node }}{% endif %}:/{{ openshift_hosted_registry_storage_glusterfs_path }}" + src: "{% if 'glusterfs_registry' in groups and groups['glusterfs_registry'] | length > 0 %}{% set node = groups.glusterfs_registry[0] %}{% elif 'glusterfs' in groups and groups['glusterfs'] | length > 0 %}{% set node = groups.glusterfs[0] %}{% endif %}{% if openshift_hosted_registry_storage_glusterfs_ips is defined and openshift_hosted_registry_storage_glusterfs_ips|length > 0 %}{{ openshift_hosted_registry_storage_glusterfs_ips[0] }}{% elif 'glusterfs_hostname' in hostvars[node] %}{{ hostvars[node].glusterfs_hostname }}{% elif 'openshift' in hostvars[node] %}{{ hostvars[node].l_kubelet_node_name }}{% else %}{{ node }}{% endif %}:/{{ openshift_hosted_registry_storage_glusterfs_path }}" name: "{{ mktemp.stdout }}" - name: Set registry volume permissions diff --git a/roles/openshift_hosted/templates/registry_config.j2 b/roles/openshift_hosted/templates/registry_config.j2 index db209d31a9a..50ee5da959a 100644 --- a/roles/openshift_hosted/templates/registry_config.j2 +++ b/roles/openshift_hosted/templates/registry_config.j2 @@ -1,6 +1,6 @@ version: 0.1 log: - level: {{ openshift_hosted_registry_log_level }} + level: {{ openshift_hosted_registry_log_level }} http: addr: :5000 storage: @@ -56,6 +56,9 @@ storage: {% if openshift_hosted_registry_storage_swift_domainid is defined %} domainid: {{ openshift_hosted_registry_storage_swift_domainid }} {% endif -%} +{% if openshift_hosted_registry_storage_swift_insecureskipverify | default(false) | bool %} + insecureskipverify: {{ openshift_hosted_registry_storage_swift_insecureskipverify }} +{% endif -%} {% elif openshift_hosted_registry_storage_provider | default('') == 'gcs' %} gcs: bucket: {{ openshift_hosted_registry_storage_gcs_bucket }} diff --git a/roles/openshift_loadbalancer/tasks/main.yml b/roles/openshift_loadbalancer/tasks/main.yml index c1804c15111..34be1f216ab 100644 --- a/roles/openshift_loadbalancer/tasks/main.yml +++ b/roles/openshift_loadbalancer/tasks/main.yml @@ -1,9 +1,4 @@ --- -- name: Fail if atomic - fail: - msg: "Load balancers on atomic host are no longer supported" - when: openshift_is_atomic - - name: setup firewall import_tasks: firewall.yml diff --git a/roles/openshift_loadbalancer/templates/haproxy.cfg.j2 b/roles/openshift_loadbalancer/templates/haproxy.cfg.j2 index 823f012af72..0507a45e761 100644 --- a/roles/openshift_loadbalancer/templates/haproxy.cfg.j2 +++ b/roles/openshift_loadbalancer/templates/haproxy.cfg.j2 @@ -3,9 +3,6 @@ global maxconn {{ openshift_loadbalancer_global_maxconn | default(20000) }} log /dev/log local0 info -{% if openshift_is_containerized | bool %} - stats socket /var/lib/haproxy/run/haproxy.sock mode 600 level admin -{% else %} chroot /var/lib/haproxy pidfile /var/run/haproxy.pid user haproxy @@ -14,7 +11,6 @@ global # turn on stats unix socket stats socket /var/lib/haproxy/stats -{% endif %} #--------------------------------------------------------------------- # common defaults that all the 'listen' and 'backend' sections will diff --git a/roles/openshift_logging/README.md b/roles/openshift_logging/README.md index 74d9173f482..54aafb9199c 100644 --- a/roles/openshift_logging/README.md +++ b/roles/openshift_logging/README.md @@ -23,7 +23,7 @@ When `openshift_logging_install_logging` is set to `False` the `openshift_loggin - `openshift_logging_use_ops`: If 'True', set up a second ES and Kibana cluster for infrastructure logs. Defaults to 'False'. - `openshift_logging_master_url`: The URL for the Kubernetes master, this does not need to be public facing but should be accessible from within the cluster. Defaults to 'https://kubernetes.default.svc.{{openshift.common.dns_domain}}'. - `openshift_logging_master_public_url`: The public facing URL for the Kubernetes master, this is used for Authentication redirection. Defaults to 'https://{{openshift.common.public_hostname}}:{{openshift_master_api_port}}'. -- `openshift_logging_namespace`: The namespace that Aggregated Logging will be installed in. Defaults to 'logging'. +- `openshift_logging_namespace`: The namespace that Aggregated Logging will be installed in. Defaults to 'openshift-logging'. - `openshift_logging_curator_default_days`: The default minimum age (in days) Curator uses for deleting log records. Defaults to '30'. - `openshift_logging_curator_run_hour`: The hour of the day that Curator will run at. Defaults to '0'. - `openshift_logging_curator_run_minute`: The minute of the hour that Curator will run at. Defaults to '0'. @@ -53,9 +53,9 @@ When `openshift_logging_install_logging` is set to `False` the `openshift_loggin - `openshift_logging_fluentd_use_journal`: *DEPRECATED - DO NOT USE* Fluentd will automatically detect whether or not Docker is using the journald log driver. - `openshift_logging_fluentd_journal_read_from_head`: If empty, Fluentd will use its internal default, which is false. - `openshift_logging_fluentd_hosts`: List of nodes that should be labeled for Fluentd to be deployed to. Defaults to ['--all']. -- `openshift_logging_fluentd_buffer_queue_limit`: Buffer queue limit for Fluentd. Defaults to 1024. -- `openshift_logging_fluentd_buffer_size_limit`: Buffer chunk limit for Fluentd. Defaults to 1m. -- `openshift_logging_fluentd_file_buffer_limit`: Fluentd will set the value to the file buffer limit. Defaults to '1Gi' per destination. +- `openshift_logging_fluentd_buffer_queue_limit`: Buffer queue limit for Fluentd. Defaults to 32. +- `openshift_logging_fluentd_buffer_size_limit`: Buffer chunk limit for Fluentd. Defaults to 8m. +- `openshift_logging_fluentd_file_buffer_limit`: Fluentd will set the value to the file buffer limit. Defaults to '256Mi' per destination. - `openshift_logging_fluentd_audit_container_engine`: When `openshift_logging_fluentd_audit_container_engine` is set to `True`, the audit log of the container engine will be collected and stored in ES. - `openshift_logging_fluentd_audit_file`: Location of audit log file. The default is `/var/log/audit/audit.log` diff --git a/roles/openshift_logging/tasks/main.yaml b/roles/openshift_logging/tasks/main.yaml index f9cdf6f5cad..97afe60103a 100644 --- a/roles/openshift_logging/tasks/main.yaml +++ b/roles/openshift_logging/tasks/main.yaml @@ -109,4 +109,3 @@ state: absent tags: logging_cleanup changed_when: False - become: false diff --git a/roles/openshift_logging_fluentd/templates/fluentd.j2 b/roles/openshift_logging_fluentd/templates/fluentd.j2 index 0c95a8dd335..f86df716977 100644 --- a/roles/openshift_logging_fluentd/templates/fluentd.j2 +++ b/roles/openshift_logging_fluentd/templates/fluentd.j2 @@ -149,7 +149,7 @@ spec: - name: "MUX_CLIENT_MODE" value: "{{ openshift_logging_mux_client_mode }}" {% endif %} -{% if openshift_logging_install_eventrouter is defined and openshift_logging_install_eventrouter %} +{% if openshift_logging_install_eventrouter is defined and (openshift_logging_install_eventrouter | bool) %} - name: "TRANSFORM_EVENTS" value: "true" {% endif %} diff --git a/roles/openshift_logging_mux/templates/mux.j2 b/roles/openshift_logging_mux/templates/mux.j2 index 2337c33d5c7..c3c81a23316 100644 --- a/roles/openshift_logging_mux/templates/mux.j2 +++ b/roles/openshift_logging_mux/templates/mux.j2 @@ -128,6 +128,10 @@ spec: resource: limits.memory - name: "FILE_BUFFER_LIMIT" value: "{{ openshift_logging_mux_file_buffer_limit | default('2Gi') }}" +{% if openshift_logging_install_eventrouter is defined and (openshift_logging_install_eventrouter | bool) %} + - name: "TRANSFORM_EVENTS" + value: "true" +{% endif %} {% if openshift_logging_mux_remote_syslog is defined and openshift_logging_mux_remote_syslog %} - name: USE_REMOTE_SYSLOG diff --git a/roles/openshift_manage_node/tasks/config.yml b/roles/openshift_manage_node/tasks/config.yml index 735b9f6d0ed..b481fe4001c 100644 --- a/roles/openshift_manage_node/tasks/config.yml +++ b/roles/openshift_manage_node/tasks/config.yml @@ -1,7 +1,7 @@ --- - name: Set node schedulability oc_adm_manage_node: - node: "{{ openshift.node.nodename | lower }}" + node: "{{ l_kubelet_node_name | lower }}" schedulable: "{{ 'true' if openshift_schedulable | default(true) | bool else 'false' }}" retries: 10 delay: 5 @@ -9,3 +9,21 @@ until: node_schedulable is succeeded when: "'nodename' in openshift.node" delegate_to: "{{ openshift_master_host }}" + +- name: Wait for sync DS to set annotations on all nodes + oc_obj: + state: list + kind: node + selector: "" + register: node_status + until: + - node_status.results is defined + - node_status.results.results is defined + - node_status.results.results | length > 0 + - node_status.results.results[0]['items'] + | map(attribute='metadata.annotations') | map('list') | flatten + | select('match', 'node.openshift.io/md5sum') | list | length == + node_status.results.results[0]['items'] | length + retries: 180 + delay: 10 + delegate_to: "{{ openshift_master_host }}" diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index a5133ee89c3..55bf0be18f0 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -1,30 +1,7 @@ --- -# Necessary because when you're on a node that's also a master the master will be -# restarted after the node restarts docker and it will take up to 60 seconds for -# systemd to start the master again -- name: Wait for master API to become available before proceeding - # Using curl here since the uri module requires python-httplib2 and - # wait_for port doesn't provide health information. - command: > - curl --silent --tlsv1.2 --max-time 2 - --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt - {{ openshift_node_master_api_url }}/healthz/ready - args: - # Disables the following warning: - # Consider using get_url or uri module rather than running curl - warn: no - register: api_available_output - until: api_available_output.stdout == 'ok' - retries: 120 - delay: 1 - changed_when: false - when: openshift_is_atomic | bool - delegate_to: "{{ openshift_master_host }}" - run_once: true - - name: Wait for Node Registration oc_obj: - name: "{{ openshift.node.nodename }}" + name: "{{ l_kubelet_node_name | lower }}" kind: node state: list register: get_node diff --git a/roles/openshift_management/defaults/main.yml b/roles/openshift_management/defaults/main.yml index e8663c7755c..9b87c66647c 100644 --- a/roles/openshift_management/defaults/main.yml +++ b/roles/openshift_management/defaults/main.yml @@ -70,7 +70,7 @@ openshift_management_storage_nfs_external_hostname: false # # LOCAL NFS NOTE: # -# You may may also change this value if you want to change the default +# You may also change this value if you want to change the default # path used for local NFS exports. openshift_management_storage_nfs_base_dir: /exports # diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml index 5726e4329e6..230644734cb 100644 --- a/roles/openshift_master_certificates/tasks/main.yml +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -137,7 +137,7 @@ when: master_certs_missing | bool - name: Chmod local temp directory for syncing certs - local_action: command chmod 777 "{{ g_master_certs_mktemp.stdout }}" + local_action: file path="{{ g_master_certs_mktemp.stdout }}" mode=0777 changed_when: False when: master_certs_missing | bool diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml index 8bdba4b1495..9f2008b450e 100644 --- a/roles/openshift_master_facts/tasks/main.yml +++ b/roles/openshift_master_facts/tasks/main.yml @@ -43,6 +43,7 @@ session_name: "{{ openshift_master_session_name | default(None) }}" ldap_ca: "{{ openshift_master_ldap_ca | default(lookup('file', openshift_master_ldap_ca_file) if openshift_master_ldap_ca_file is defined else None) }}" openid_ca: "{{ openshift_master_openid_ca | default(lookup('file', openshift_master_openid_ca_file) if openshift_master_openid_ca_file is defined else None) }}" + github_ca: "{{ openshift_master_github_ca | default(lookup('file', openshift_master_github_ca_file) if openshift_master_github_ca_file is defined else None) }}" registry_url: "{{ oreg_url | default(None) }}" registry_selector: "{{ openshift_registry_selector | default(None) }}" api_server_args: "{{ osm_api_server_args | default(None) }}" diff --git a/roles/openshift_metering/defaults/main.yml b/roles/openshift_metering/defaults/main.yml index cbbfbbe0596..2dfd745c42c 100644 --- a/roles/openshift_metering/defaults/main.yml +++ b/roles/openshift_metering/defaults/main.yml @@ -2,6 +2,8 @@ openshift_metering_install: true openshift_metering_operator_image: '' +openshift_metering_enable_monitoring: true + openshift_metering_config: null # Configures AWS Access credentials on all pods which use it for communicating diff --git a/roles/openshift_metering/files/monitoring/rbac/role.yaml b/roles/openshift_metering/files/monitoring/rbac/role.yaml new file mode 100644 index 00000000000..423a1754a25 --- /dev/null +++ b/roles/openshift_metering/files/monitoring/rbac/role.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: prometheus-k8s + namespace: openshift-metering +rules: +- apiGroups: + - "" + resources: + - nodes + - services + - endpoints + - pods + verbs: + - get + - list + - watch diff --git a/roles/openshift_metering/files/monitoring/rbac/rolebinding.yaml b/roles/openshift_metering/files/monitoring/rbac/rolebinding.yaml new file mode 100644 index 00000000000..cfbed25b1d0 --- /dev/null +++ b/roles/openshift_metering/files/monitoring/rbac/rolebinding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: prometheus-k8s + namespace: openshift-metering +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: prometheus-k8s +subjects: +- kind: ServiceAccount + name: prometheus-k8s + namespace: openshift-monitoring diff --git a/roles/openshift_metering/files/monitoring/service-monitors/presto-service-monitor.yaml b/roles/openshift_metering/files/monitoring/service-monitors/presto-service-monitor.yaml new file mode 100644 index 00000000000..1a2b67870b8 --- /dev/null +++ b/roles/openshift_metering/files/monitoring/service-monitors/presto-service-monitor.yaml @@ -0,0 +1,20 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: metering-presto + namespace: openshift-monitoring + labels: + k8s-app: metering-presto +spec: + jobLabel: k8s-app + endpoints: + - port: metrics + interval: 30s + scheme: "http" + selector: + matchLabels: + app: presto + metrics: "true" + namespaceSelector: + matchNames: + - openshift-metering diff --git a/roles/openshift_metering/files/monitoring/service-monitors/reporting-operator-service-monitor.yaml b/roles/openshift_metering/files/monitoring/service-monitors/reporting-operator-service-monitor.yaml new file mode 100644 index 00000000000..ee7bc35f529 --- /dev/null +++ b/roles/openshift_metering/files/monitoring/service-monitors/reporting-operator-service-monitor.yaml @@ -0,0 +1,24 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: metering-reporting-operator + namespace: openshift-monitoring + labels: + k8s-app: metering-reporting-operator +spec: + jobLabel: k8s-app + endpoints: + - port: metrics + scheme: "https" + interval: 30s + tlsConfig: + caFile: /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt + serverName: reporting-operator-metrics.openshift-metering.svc + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + selector: + matchLabels: + app: reporting-operator + metrics: "true" + namespaceSelector: + matchNames: + - openshift-metering diff --git a/roles/openshift_metering/tasks/monitoring-install.yml b/roles/openshift_metering/tasks/monitoring-install.yml new file mode 100644 index 00000000000..634ce62f7c8 --- /dev/null +++ b/roles/openshift_metering/tasks/monitoring-install.yml @@ -0,0 +1,28 @@ +--- +- name: Install Role and RoleBinding to allow cluster-monitoring to scrape Metering + oc_obj: + state: present + kind: "{{ obj.kind }}" + name: "{{ obj.metadata.name }}" + namespace: "{{ __openshift_metering_namespace }}" + content: + path: "/tmp/{{ obj.kind }}-{{ obj.metadata.name }}.yaml" + data: "{{ obj }}" + vars: + obj: "{{ lookup('file', item) | from_yaml }}" + with_fileglob: + - "files/monitoring/rbac/*.yaml" + +- name: Install Metering ServiceMonitors into openshift-monitoring namespace + oc_obj: + state: present + kind: "{{ obj.kind }}" + name: "{{ obj.metadata.name }}" + namespace: "openshift-monitoring" + content: + path: "/tmp/{{ obj.kind }}-{{ obj.metadata.name }}.yaml" + data: "{{ obj }}" + vars: + obj: "{{ lookup('file', item) | from_yaml }}" + with_fileglob: + - "files/monitoring/service-monitors/*.yaml" diff --git a/roles/openshift_metering/tasks/monitoring-uninstall.yml b/roles/openshift_metering/tasks/monitoring-uninstall.yml new file mode 100644 index 00000000000..3f4234d6ded --- /dev/null +++ b/roles/openshift_metering/tasks/monitoring-uninstall.yml @@ -0,0 +1,11 @@ +--- +- name: Uninstall Metering ServiceMonitors from openshift-monitoring namespace + oc_obj: + state: absent + kind: "{{ obj.kind }}" + name: "{{ obj.metadata.name }}" + namespace: "openshift-monitoring" + vars: + obj: "{{ lookup('file', item) | from_yaml }}" + with_fileglob: + - "files/monitoring/service-monitors/*.yaml" diff --git a/roles/openshift_metering/tasks/operator-install.yml b/roles/openshift_metering/tasks/operator-install.yml index 02916b5858f..0b071e19fe2 100644 --- a/roles/openshift_metering/tasks/operator-install.yml +++ b/roles/openshift_metering/tasks/operator-install.yml @@ -193,3 +193,7 @@ name: "{{ mktemp.stdout }}" state: absent changed_when: False + +- name: Install monitoring resources + import_tasks: monitoring-install.yml + when: openshift_metering_enable_monitoring | bool diff --git a/roles/openshift_metering/tasks/operator-uninstall.yml b/roles/openshift_metering/tasks/operator-uninstall.yml index 199622143a7..b231473cec3 100644 --- a/roles/openshift_metering/tasks/operator-uninstall.yml +++ b/roles/openshift_metering/tasks/operator-uninstall.yml @@ -14,3 +14,6 @@ oc_clusterrole: state: absent name: "openshift-metering-namespace-viewer-{{ __openshift_metering_namespace }}" + +- name: Uninstall monitoring resources + import_tasks: monitoring-uninstall.yml diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml index edbbb777dc4..e73febd62b8 100644 --- a/roles/openshift_node/defaults/main.yml +++ b/roles/openshift_node/defaults/main.yml @@ -63,13 +63,8 @@ default_r_openshift_node_image_prep_packages: - glusterfs-fuse - device-mapper-multipath - nfs-utils -- cockpit-ws -- cockpit-system -- cockpit-bridge -- cockpit-docker - iscsi-initiator-utils - ceph-common -- atomic r_openshift_node_image_prep_packages: "{{ default_r_openshift_node_image_prep_packages | union(openshift_node_image_prep_packages | default([])) }}" r_openshift_node_os_firewall_deny: [] @@ -101,7 +96,6 @@ r_openshift_node_os_firewall_allow: "{{ default_r_openshift_node_os_firewall_all # oreg_url is defined by user input oreg_auth_credentials_path: "{{ openshift_node_data_dir }}/.docker" -l_bind_docker_reg_auth: False openshift_docker_service_name: "docker" diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml index dbae68ea009..9fc0c9d866f 100644 --- a/roles/openshift_node/handlers/main.yml +++ b/roles/openshift_node/handlers/main.yml @@ -1,4 +1,9 @@ --- +- name: reload systemd units + command: systemctl daemon-reload + when: + - (not skip_node_svc_handlers | default(False) | bool) + - name: restart NetworkManager systemd: name: NetworkManager @@ -13,8 +18,3 @@ state: restarted when: - (not skip_node_svc_handlers | default(False) | bool) - -- name: reload systemd units - command: systemctl daemon-reload - when: - - (not skip_node_svc_handlers | default(False) | bool) diff --git a/roles/openshift_node/tasks/bootstrap.yml b/roles/openshift_node/tasks/bootstrap.yml index d6da7da7ed0..812f06bbe4b 100644 --- a/roles/openshift_node/tasks/bootstrap.yml +++ b/roles/openshift_node/tasks/bootstrap.yml @@ -1,7 +1,6 @@ --- - name: include package installs import_tasks: install_rpms.yml - when: not (openshift_is_atomic | default(False) | bool) - name: create the directory for node file: diff --git a/roles/openshift_node/tasks/config.yml b/roles/openshift_node/tasks/config.yml index 8596d59f022..9cccfaeedb3 100644 --- a/roles/openshift_node/tasks/config.yml +++ b/roles/openshift_node/tasks/config.yml @@ -16,25 +16,6 @@ state: directory mode: 0755 -- name: Create flexvolume directory when running on atomic - file: - state: directory - path: "/etc/origin/kubelet-plugins/volume/exec" - mode: '0750' - when: openshift_is_atomic | bool - - name: include aws provider credentials import_tasks: aws.yml when: not (openshift_node_use_instance_profiles | default(False)) - -- name: Check status of node image pre-pull - async_status: - jid: "{{ image_prepull.ansible_job_id }}" - register: job_result - until: job_result.finished - when: - - node_image.stdout_lines == [] - - not openshift_is_atomic | bool - retries: 20 - delay: 30 - failed_when: false diff --git a/roles/openshift_node/tasks/dnsmasq_install.yml b/roles/openshift_node/tasks/dnsmasq_install.yml index fca1389b0b5..baf44d45899 100644 --- a/roles/openshift_node/tasks/dnsmasq_install.yml +++ b/roles/openshift_node/tasks/dnsmasq_install.yml @@ -16,7 +16,6 @@ state: present register: result until: result is succeeded - when: not openshift_is_atomic | bool - name: ensure origin/node directory exists file: diff --git a/roles/openshift_node/tasks/glusterfs.yml b/roles/openshift_node/tasks/glusterfs.yml index 9d52140f38b..8db1daedbdf 100644 --- a/roles/openshift_node/tasks/glusterfs.yml +++ b/roles/openshift_node/tasks/glusterfs.yml @@ -3,7 +3,6 @@ package: name: glusterfs-fuse state: present - when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/openshift_node/tasks/install.yml b/roles/openshift_node/tasks/install.yml index fef6e13b2e8..fc07fa74dd9 100644 --- a/roles/openshift_node/tasks/install.yml +++ b/roles/openshift_node/tasks/install.yml @@ -10,5 +10,3 @@ - "{{ openshift_service_type }}-node{{ (openshift_pkg_version | default('')) | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}" - "{{ openshift_service_type }}-clients{{ (openshift_pkg_version | default('')) | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}" - conntrack-tools - when: - - not openshift_is_atomic | bool diff --git a/roles/openshift_node/tasks/install_rpms.yml b/roles/openshift_node/tasks/install_rpms.yml index 77fb92e8bed..bbfcf288d09 100644 --- a/roles/openshift_node/tasks/install_rpms.yml +++ b/roles/openshift_node/tasks/install_rpms.yml @@ -5,4 +5,3 @@ state: present register: result until: result is succeeded - when: not (openshift_is_atomic | default(False) | bool) diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index e86600c9198..54ad4afddf9 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -6,9 +6,6 @@ - openshift_deployment_type == 'openshift-enterprise' - not openshift_use_crio | bool -- name: Start node image prepull - import_tasks: prepull.yml - - import_tasks: dnsmasq_install.yml - import_tasks: dnsmasq.yml @@ -32,6 +29,9 @@ enabled: yes state: restarted +- name: Start node image prepull + import_tasks: prepull.yml + - name: include node installer import_tasks: install.yml @@ -59,6 +59,8 @@ - import_tasks: registry_auth.yml +- import_tasks: prepull_check.yml + - name: include standard node config import_tasks: config.yml diff --git a/roles/openshift_node/tasks/node_system_container.yml b/roles/openshift_node/tasks/node_system_container.yml deleted file mode 100644 index 502d7086992..00000000000 --- a/roles/openshift_node/tasks/node_system_container.yml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# system containers create their own service unit files based on templates -# that are part of the container image. -# oc_atomic_container will create a systemd service unit file in -# /etc/systemd/system/origin-node.service (origin) or -# /etc/systemd/system/atomic-openshift-node.service (enterprise) - -# TODO: remove when system container is fixed to not include it -- name: Ensure old system path is set - file: - state: directory - path: "{{ item }}" - mode: '0750' - with_items: - - "/etc/origin/openvswitch" - - "/var/lib/kubelet" - - "/opt/cni/bin" - -- name: Check status of node image pre-pull - async_status: - jid: "{{ image_prepull.ansible_job_id }}" - register: job_result - until: job_result.finished - when: - - node_image is defined - - node_image.stdout_lines == [] - retries: 20 - delay: 30 - failed_when: false - -- name: Copy node container image to ostree storage - command: > - atomic pull --storage=ostree docker:{{ osn_image }} - register: pull_result - retries: 3 - delay: 5 - until: pull_result.rc == 0 - changed_when: "'Pulling layer' in pull_result.stdout" - -- import_tasks: node_system_container_install.yml - -# TODO: network manager on RHEL is failing to execute 99-origin-dns.sh with signal 13, an immediate -# restart seems to allow the job to configure. Only occurs with system containers. -- name: Restart network manager to ensure networking configuration is in place - systemd: - name: NetworkManager - enabled: yes - state: restarted diff --git a/roles/openshift_node/tasks/node_system_container_install.yml b/roles/openshift_node/tasks/node_system_container_install.yml deleted file mode 100644 index 3b582ab0842..00000000000 --- a/roles/openshift_node/tasks/node_system_container_install.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -- name: Install or Update node system container - oc_atomic_container: - name: "{{ openshift_service_type }}-node" - image: "{{ system_osn_image }}" - values: - - "DNS_DOMAIN={{ openshift.common.dns_domain }}" - - "DOCKER_SERVICE={{ openshift_docker_service_name }}.service" - - 'ADDTL_MOUNTS={{ l_node_syscon_add_mounts2 }}' - state: latest - vars: - # We need to evaluate some variables here to ensure - # l_bind_docker_reg_auth is evaluated after registry_auth.yml has been - # processed. - - # Determine if we want to include auth credentials mount. - l_node_syscon_auth_mounts_l: "{{ l_bind_docker_reg_auth | ternary(openshift_node_syscon_auth_mounts_l,[]) }}" - - # Join any user-provided mounts and auth_mounts into a combined list. - l_node_syscon_add_mounts_l: "{{ openshift_node_syscon_add_mounts_l | union(l_node_syscon_auth_mounts_l) }}" - - # We must prepend a ',' here to ensure the value is inserted properly into an - # existing json list in the container's config.json - # lib_utils_oo_l_of_d_to_csv is a custom filter plugin in roles/lib_utils/oo_filters.py - l_node_syscon_add_mounts: ",{{ l_node_syscon_add_mounts_l | lib_utils_oo_l_of_d_to_csv }}" - # if we have just a ',' then both mount lists were empty, we don't want to add - # anything to config.json - l_node_syscon_add_mounts2: "{{ (l_node_syscon_add_mounts != ',') | bool | ternary(l_node_syscon_add_mounts,'') }}" diff --git a/roles/openshift_node/tasks/prepull.yml b/roles/openshift_node/tasks/prepull.yml index 57f2dcb36b5..8979265c641 100644 --- a/roles/openshift_node/tasks/prepull.yml +++ b/roles/openshift_node/tasks/prepull.yml @@ -5,12 +5,24 @@ # This task runs async to save time while the node is being configured - name: Pre-pull node image - docker_image: - name: "{{ osn_image }}" - environment: - NO_PROXY: "{{ openshift.common.no_proxy | default('') }}" + command: "{{ openshift_container_cli }} pull {{ osn_image }}" when: node_image.stdout_lines == [] # 10 minutes to pull the image async: 600 poll: 0 register: image_prepull + +- name: Check that pod image is present + command: "{{ openshift_container_cli }} images -q {{ osn_pod_image }}" + register: pod_image + +# This task runs async to save time while other downloads proceed +- name: pre-pull pod image + command: "{{ openshift_container_cli }} pull {{ osn_pod_image }}" + environment: + NO_PROXY: "{{ openshift.common.no_proxy | default('') }}" + when: pod_image.stdout_lines == [] + # 10 minutes to pull the image + async: 600 + poll: 0 + register: pod_image_prepull diff --git a/roles/openshift_node/tasks/prepull_check.yml b/roles/openshift_node/tasks/prepull_check.yml new file mode 100644 index 00000000000..49eefeeed53 --- /dev/null +++ b/roles/openshift_node/tasks/prepull_check.yml @@ -0,0 +1,21 @@ +--- +- name: Check status of node image pre-pull + async_status: + jid: "{{ image_prepull.ansible_job_id }}" + register: job_result + until: job_result.finished + when: + - node_image.stdout_lines == [] + retries: 20 + delay: 30 + failed_when: false + +- name: Check status of node pod image pre-pull + async_status: + jid: "{{ pod_image_prepull.ansible_job_id }}" + register: job_result + until: job_result.finished + when: pod_image.stdout_lines == [] + retries: 20 + delay: 30 + failed_when: false diff --git a/roles/openshift_node/tasks/registry_auth.yml b/roles/openshift_node/tasks/registry_auth.yml index 92dd869dbd6..ea4d64b3e0e 100644 --- a/roles/openshift_node/tasks/registry_auth.yml +++ b/roles/openshift_node/tasks/registry_auth.yml @@ -22,7 +22,7 @@ # Test that we can actually connect with provided info test_login: "{{ oreg_test_login | default(True) }}" proxy_vars: "{{ l_docker_creds_proxy_vars }}" - image_name: "{{ l_docker_creds_image_name }}" + test_image: "{{ l_docker_creds_test_image }}" when: - oreg_auth_user is defined register: node_oreg_auth_credentials_create @@ -30,13 +30,22 @@ delay: 5 until: node_oreg_auth_credentials_create is succeeded -# Container images may need the registry credentials -- name: Setup ro mount of /root/.docker for containerized hosts - set_fact: - l_bind_docker_reg_auth: True +- name: Create credentials for any additional registries + docker_creds: + path: "{{ oreg_auth_credentials_path }}" + registry: "{{ item.host }}" + username: "{{ item.user | default('openshift') }}" + password: "{{ item.password }}" + # Test that we can actually connect with provided info + test_login: "{{ item.test_login | default(omit) }}" + proxy_vars: "{{ l_docker_creds_proxy_vars }}" + test_image: "{{ item.test_image | default('openshift3/ose-pod') }}" + tls_verify: "{{ item.tls_verify | default(omit) }}" when: - - openshift_is_atomic | bool - - oreg_auth_user is defined - - > - (node_oreg_auth_credentials_stat.stat.exists - or node_oreg_auth_credentials_create.changed) | bool + - openshift_additional_registry_credentials != [] + register: node_additional_registry_creds + retries: 3 + delay: 5 + until: node_additional_registry_creds is succeeded + with_items: + "{{ openshift_additional_registry_credentials }}" diff --git a/roles/openshift_node/tasks/storage_plugins/ceph.yml b/roles/openshift_node/tasks/storage_plugins/ceph.yml index 2becf966912..d71ffca6518 100644 --- a/roles/openshift_node/tasks/storage_plugins/ceph.yml +++ b/roles/openshift_node/tasks/storage_plugins/ceph.yml @@ -3,6 +3,5 @@ package: name: ceph-common state: present - when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/openshift_node/tasks/storage_plugins/iscsi.yml b/roles/openshift_node/tasks/storage_plugins/iscsi.yml index ef9f46752e8..d31fb458fcb 100644 --- a/roles/openshift_node/tasks/storage_plugins/iscsi.yml +++ b/roles/openshift_node/tasks/storage_plugins/iscsi.yml @@ -3,7 +3,6 @@ package: name: "{{ pkg_list | join(',') }}" state: present - when: not openshift_is_atomic | bool register: result until: result is succeeded vars: @@ -16,7 +15,6 @@ name: "{{ item }}" state: started enabled: True - when: not openshift_is_atomic | bool with_items: - multipathd - rpcbind @@ -27,9 +25,7 @@ dest: "/etc/multipath.conf" src: multipath.conf.j2 backup: true - when: not openshift_is_atomic | bool #enable multipath - name: Enable and start multipath command: "mpathconf --enable --with_multipathd y" - when: not openshift_is_atomic | bool diff --git a/roles/openshift_node/tasks/storage_plugins/nfs.yml b/roles/openshift_node/tasks/storage_plugins/nfs.yml index d711bb0c710..71ccad28f69 100644 --- a/roles/openshift_node/tasks/storage_plugins/nfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/nfs.yml @@ -3,7 +3,6 @@ package: name: nfs-utils state: present - when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml index 620bf927515..963f36c6c1f 100644 --- a/roles/openshift_node/tasks/systemd_units.yml +++ b/roles/openshift_node/tasks/systemd_units.yml @@ -9,14 +9,8 @@ template: dest: "/etc/systemd/system/{{ openshift_service_type }}-node.service" src: "node.service.j2" - when: not openshift_is_atomic | bool notify: - reload systemd units -- name: Install node system container - import_tasks: node_system_container.yml - when: openshift_is_atomic | bool - - - import_tasks: config/configure-node-settings.yml - import_tasks: configure-proxy-settings.yml diff --git a/roles/openshift_node/tasks/upgrade.yml b/roles/openshift_node/tasks/upgrade.yml index 0513fd00e55..6a07e265ff6 100644 --- a/roles/openshift_node/tasks/upgrade.yml +++ b/roles/openshift_node/tasks/upgrade.yml @@ -1,10 +1,8 @@ --- # input variables: # - l_docker_upgrade -# - openshift_is_atomic # - node_config_hook # - openshift_pkg_version -# - openshift_release # tasks file for openshift_node_upgrade @@ -52,7 +50,6 @@ - name: install pre-pulled rpms. import_tasks: upgrade/rpm_upgrade_install.yml - when: not openshift_is_atomic | bool # TODO(michaelgugino): Remove in 3.12 - import_tasks: selinux_container_cgroup.yml @@ -65,6 +62,18 @@ - import_tasks: dnsmasq_install.yml - import_tasks: dnsmasq.yml +- name: ensure dnsmasq is always restarted + debug: + msg: "Restarting dnsmasq" + # changed_when: True required for debug tasks to trigger handlers. + changed_when: True + notify: + - reload systemd units + - restart dnsmasq + +# Need to flush handlers here so dnsmasq is restarted and daemon-reload +- meta: flush_handlers + # Restart all services - import_tasks: upgrade/restart.yml @@ -73,12 +82,10 @@ oc_bin: "{{ hostvars[groups.oo_first_master.0]['first_master_client_binary'] }}" oc_conf: "{{ openshift.common.config_base }}/master/admin.kubeconfig" node_list: - - "{{ openshift.node.nodename | lower }}" + - "{{ l_kubelet_node_name | lower }}" delegate_to: "{{ groups.oo_first_master.0 }}" register: node_upgrade_oc_csr_approve retries: 30 until: node_upgrade_oc_csr_approve is succeeded - import_tasks: journald.yml - -- meta: flush_handlers diff --git a/roles/openshift_node/tasks/upgrade/config_changes.yml b/roles/openshift_node/tasks/upgrade/config_changes.yml index 1d559f348fe..e3a8885edbf 100644 --- a/roles/openshift_node/tasks/upgrade/config_changes.yml +++ b/roles/openshift_node/tasks/upgrade/config_changes.yml @@ -38,11 +38,3 @@ line: pause_image = "{{ openshift_crio_pause_image }}" regexp: '^pause_image =' when: crio_conf.stat.exists == True - -# NOTE: This is needed to make sure we are using the correct set -# of systemd unit files. The RPMs lay down defaults but -# the install/upgrade may override them in /etc/systemd/system/. -# NOTE: We don't use the systemd module as some versions of the module -# require a service to be part of the call. -- name: Reload systemd units - command: systemctl daemon-reload diff --git a/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml b/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml index b40907b749e..9777a8e7c43 100644 --- a/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml +++ b/roles/openshift_node/tasks/upgrade/rpm_upgrade.yml @@ -3,7 +3,6 @@ # - openshift_service_type # - component # - openshift_pkg_version -# - openshift_is_atomic # When we update package "a-${version}" and a requires b >= ${version} if we # don't specify the version of b yum will choose the latest version of b diff --git a/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml b/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml index 12d8ef06097..1dca51de1c3 100644 --- a/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml +++ b/roles/openshift_node/tasks/upgrade/rpm_upgrade_install.yml @@ -3,7 +3,6 @@ # - openshift_service_type # - component # - openshift_pkg_version -# - openshift_is_atomic # When we update package "a-${version}" and a requires b >= ${version} if we # don't specify the version of b yum will choose the latest version of b diff --git a/roles/openshift_node/tasks/upgrade/stop_services.yml b/roles/openshift_node/tasks/upgrade/stop_services.yml index 6b26f2cb9b3..ed7efe0d795 100644 --- a/roles/openshift_node/tasks/upgrade/stop_services.yml +++ b/roles/openshift_node/tasks/upgrade/stop_services.yml @@ -7,16 +7,17 @@ - "{{ openshift_service_type }}-node" failed_when: false -- service: +- name: stop docker to kill static pods + service: name: docker state: stopped register: l_openshift_node_upgrade_docker_stop_result until: not (l_openshift_node_upgrade_docker_stop_result is failed) retries: 3 delay: 30 - when: - - l_docker_upgrade is defined - - l_docker_upgrade | bool + when: > + inventory_hostname in groups['oo_masters_to_config'] + or (l_docker_upgrade is defined and l_docker_upgrade | bool) - name: Stop crio service: diff --git a/roles/openshift_node/tasks/upgrade_pre.yml b/roles/openshift_node/tasks/upgrade_pre.yml index 1b5711d9e1f..a7e1edfe254 100644 --- a/roles/openshift_node/tasks/upgrade_pre.yml +++ b/roles/openshift_node/tasks/upgrade_pre.yml @@ -7,11 +7,13 @@ - import_tasks: registry_auth.yml +# Prepull the node and pod image, it's used by lots of components +- import_tasks: prepull.yml + - name: update package meta data to speed install later. command: "{{ ansible_pkg_mgr }} makecache" register: result until: result is succeeded - when: not openshift_is_atomic | bool # Prepull the rpms for docker upgrade, but don't install - name: download docker upgrade rpm @@ -34,4 +36,5 @@ - "cri-tools" - import_tasks: upgrade/rpm_upgrade.yml - when: not openshift_is_atomic | bool + +- import_tasks: prepull_check.yml diff --git a/roles/openshift_node_group/files/sync.yaml b/roles/openshift_node_group/files/sync.yaml index 13a5338bd02..4874e34f506 100644 --- a/roles/openshift_node_group/files/sync.yaml +++ b/roles/openshift_node_group/files/sync.yaml @@ -102,18 +102,27 @@ spec: ) & break done - + mkdir -p /etc/origin/node/tmp # periodically refresh both node-config.yaml and relabel the node while true; do - if ! oc extract "configmaps/${name}" -n openshift-node --to=/etc/origin/node --confirm --request-timeout=10s --config /etc/origin/node/node.kubeconfig "--token=$( cat /var/run/secrets/kubernetes.io/serviceaccount/token )" > /dev/null; then + if ! oc extract "configmaps/${name}" -n openshift-node --to=/etc/origin/node/tmp --confirm --request-timeout=10s --config /etc/origin/node/node.kubeconfig "--token=$( cat /var/run/secrets/kubernetes.io/serviceaccount/token )" > /dev/null; then echo "error: Unable to retrieve latest config for node" 2>&1 sleep 15 & wait $! continue fi + + KUBELET_HOSTNAME_OVERRIDE=$(cat /etc/sysconfig/KUBELET_HOSTNAME_OVERRIDE) || : + if ! [[ -z "$KUBELET_HOSTNAME_OVERRIDE" ]]; then + #Patching node-config for hostname override + echo "nodeName: $KUBELET_HOSTNAME_OVERRIDE" >> /etc/origin/node/tmp/node-config.yaml + fi + # detect whether the node-config.yaml has changed, and if so trigger a restart of the kubelet. - md5sum /etc/origin/node/node-config.yaml > /tmp/.new + md5sum /etc/origin/node/tmp/node-config.yaml > /tmp/.new if [[ "$( cat /tmp/.old )" != "$( cat /tmp/.new )" ]]; then + mv /etc/origin/node/tmp/node-config.yaml /etc/origin/node/node-config.yaml + SYSTEMD_IGNORE_CHROOT=1 systemctl restart tuned || : echo "info: Configuration changed, restarting kubelet" 2>&1 # TODO: kubelet doesn't relabel nodes, best effort for now # https://github.com/kubernetes/kubernetes/issues/59314 @@ -141,6 +150,9 @@ spec: continue fi fi + # annotate node with md5sum of the config + oc annotate --config=/etc/origin/node/node.kubeconfig "node/${NODE_NAME}" \ + node.openshift.io/md5sum="$( cat /tmp/.new | cut -d' ' -f1 )" --overwrite cp -f /tmp/.new /tmp/.old sleep 180 & wait $! @@ -161,6 +173,13 @@ spec: - mountPath: /etc/sysconfig name: host-sysconfig-node readOnly: true + - mountPath: /var/run/dbus + name: var-run-dbus + readOnly: true + - mountPath: /run/systemd/system + name: run-systemd-system + readOnly: true + volumes: # In bootstrap mode, the host config contains information not easily available @@ -171,3 +190,12 @@ spec: - name: host-sysconfig-node hostPath: path: /etc/sysconfig + - hostPath: + path: /var/run/dbus + name: var-run-dbus + - hostPath: + path: /run/systemd/system + name: run-systemd-system + # Sync daemonset should tolerate all taints to make sure it runs on all nodes + tolerations: + - operator: "Exists" diff --git a/roles/openshift_node_group/tasks/migrate_imageconfig.yml b/roles/openshift_node_group/tasks/migrate_imageconfig.yml new file mode 100644 index 00000000000..a61cec6c2bb --- /dev/null +++ b/roles/openshift_node_group/tasks/migrate_imageconfig.yml @@ -0,0 +1,15 @@ +--- +# This file is used to migrate imageConfig.format when changing component +# registries. + +- name: patch existing node config maps + include_tasks: create_config.yml + vars: + l_openshift_node_group_name: "{{ node_group.name }}" + l_openshift_node_group_edits: + - key: "imageConfig.format" + value: "{{ l_os_non_standard_reg_url }}" + l_openshift_node_group_labels: "{{ node_group.labels }}" + with_items: "{{ openshift_node_groups }}" + loop_control: + loop_var: node_group diff --git a/roles/openshift_node_group/tasks/sync.yml b/roles/openshift_node_group/tasks/sync.yml index 42905573850..ac766551b94 100644 --- a/roles/openshift_node_group/tasks/sync.yml +++ b/roles/openshift_node_group/tasks/sync.yml @@ -70,5 +70,37 @@ - __status_of_sync_ds.results.results[0].status.desiredNumberScheduled is defined - __status_of_sync_ds.results.results[0].status.numberAvailable == __status_of_sync_ds.results.results[0].status.desiredNumberScheduled retries: 60 - delay: 30 - failed_when: false + delay: 10 + +- name: Wait for sync DS to set annotations on master nodes + oc_obj: + state: list + kind: node + selector: "" + register: node_status + until: + - node_status.results is defined + - node_status.results.results is defined + - node_status.results.results | length > 0 + - node_status.results.results[0]['items'] + | map(attribute='metadata.annotations') | map('list') | flatten + | select('match', 'node.openshift.io/md5sum') | list | length == + node_status.results.results[0]['items'] | length + retries: 180 + delay: 10 + +# Sync DS may have restarted masters +- name: Verify api server is available + command: > + curl --silent --tlsv1.2 + --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt + {{ openshift.master.api_url }}/healthz/ready + args: + # Disables the following warning: + # Consider using get_url or uri module rather than running curl + warn: no + register: api_available_output + until: api_available_output.stdout == 'ok' + retries: 120 + delay: 1 + changed_when: false diff --git a/roles/openshift_node_group/templates/node-config.yaml.j2 b/roles/openshift_node_group/templates/node-config.yaml.j2 index d4579860493..67e534c1043 100644 --- a/roles/openshift_node_group/templates/node-config.yaml.j2 +++ b/roles/openshift_node_group/templates/node-config.yaml.j2 @@ -20,10 +20,6 @@ imageConfig: latest: false iptablesSyncPeriod: "{{ openshift_node_iptables_sync_period }}" kubeletArguments: -{% if openshift_is_atomic | bool %} - volume-plugin-dir: - - "/etc/origin/kubelet-plugins/volume/exec" -{% endif %} {% if openshift_use_crio | bool %} container-runtime: - remote @@ -73,6 +69,9 @@ servingInfo: bindAddress: 0.0.0.0:10250 bindNetwork: tcp4 clientCA: client-ca.crt +proxyArguments: + cluster-cidr: + - {{ openshift_cluster_network_cidr }} volumeConfig: localQuota: perFSGroup: null diff --git a/roles/openshift_node_problem_detector/defaults/main.yaml b/roles/openshift_node_problem_detector/defaults/main.yaml index 6766d2c30e1..f5e534ceef3 100644 --- a/roles/openshift_node_problem_detector/defaults/main.yaml +++ b/roles/openshift_node_problem_detector/defaults/main.yaml @@ -5,17 +5,8 @@ openshift_node_problem_detector_tmp_location: /tmp openshift_node_problem_detector_delete_tempfiles: True # node-problem-detector image setup -openshift_node_problem_detector_image_dict: - origin: - prefix: "docker.io/openshift/" - version: "{{ openshift_image_tag }}" - openshift-enterprise: - prefix: "registry.redhat.io/openshift3/ose-" - version: "{{ openshift_image_tag }}" - -openshift_node_problem_detector_image_prefix: "{{ openshift_node_problem_detector_image_dict[openshift_deployment_type]['prefix'] }}" -openshift_node_problem_detector_image_version: "{{ openshift_node_problem_detector_image_dict[openshift_deployment_type]['version'] }}" +openshift_node_problem_detector_image: "{{ l_osm_registry_url | regex_replace('${component}' | regex_escape, 'node-problem-detector') }}" # node_problem_detector daemonset setup openshift_node_problem_detector_daemonset_name: node-problem-detector diff --git a/roles/openshift_node_problem_detector/templates/node-problem-detector-daemonset.yaml.j2 b/roles/openshift_node_problem_detector/templates/node-problem-detector-daemonset.yaml.j2 index aa66e80288c..ea0e6240022 100644 --- a/roles/openshift_node_problem_detector/templates/node-problem-detector-daemonset.yaml.j2 +++ b/roles/openshift_node_problem_detector/templates/node-problem-detector-daemonset.yaml.j2 @@ -21,7 +21,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - image: {{ openshift_node_problem_detector_image_prefix }}node-problem-detector:{{ openshift_node_problem_detector_image_version }} + image: {{ openshift_node_problem_detector_image }} imagePullPolicy: {{ openshift_node_problem_detector_image_pull_policy }} name: {{ openshift_node_problem_detector_daemonset_name }} resources: {} diff --git a/roles/openshift_openstack/defaults/main.yml b/roles/openshift_openstack/defaults/main.yml index a3dfd73d40f..311a5ec4a7f 100644 --- a/roles/openshift_openstack/defaults/main.yml +++ b/roles/openshift_openstack/defaults/main.yml @@ -1,7 +1,20 @@ --- +openshift_use_all_in_one_cluster_deployment: False +openshift_use_cinder_persistent_volume: False +openshift_use_cinder_registry: False +openshift_use_kuryr: False +openshift_use_openstack_ssl: False +openshift_use_swift_registry: False + +openshift_openstack_use_neutron_internal_dns: False +openshift_openstack_use_no_floating_ip: False +openshift_openstack_use_nsupdate: True +openshift_openstack_use_provider_network: False + openshift_openstack_stack_state: 'present' openshift_openstack_ssh_ingress_cidr: 0.0.0.0/0 +openshift_openstack_master_ingress_cidr: 0.0.0.0/0 openshift_openstack_node_ingress_cidr: 0.0.0.0/0 openshift_openstack_lb_ingress_cidr: 0.0.0.0/0 openshift_openstack_num_etcd: 0 @@ -15,7 +28,9 @@ openshift_openstack_nodes_to_remove: [] openshift_openstack_use_lbaas_load_balancer: false openshift_openstack_lbaasv2_provider: Octavia openshift_openstack_use_vm_load_balancer: false +openshift_openstack_api_lb_listeners_timeout: 500000 +openshift_docker_service_name: "docker" # container-storage-setup openshift_openstack_container_storage_setup: @@ -38,6 +53,11 @@ openshift_openstack_nsupdate_zone: "{{ openshift_openstack_full_dns_domain }}" # heat vars +openshift_openstack_master_floating_ip: true +openshift_openstack_infra_floating_ip: true +openshift_openstack_compute_floating_ip: true +openshift_openstack_etcd_floating_ip: true +openshift_openstack_load_balancer_floating_ip: true openshift_openstack_heat_template_version: pike openshift_openstack_clusterid: openshift openshift_openstack_stack_name: "openshift-cluster" @@ -71,6 +91,8 @@ openshift_openstack_lb_image: "{{ openshift_openstack_default_image_name }}" openshift_openstack_etcd_image: "{{ openshift_openstack_default_image_name }}" openshift_openstack_provider_network_name: null openshift_openstack_external_network_name: null +openshift_openstack_router_name: null +openshift_openstack_node_subnet_name: null openshift_openstack_private_network: >- {% if openshift_openstack_provider_network_name | default(None) -%} {{ openshift_openstack_provider_network_name }} @@ -138,14 +160,6 @@ openshift_openstack_master_secgroup_rules: protocol: udp port_range_min: 24224 port_range_max: 24224 - - direction: ingress - protocol: tcp - port_range_min: 2224 - port_range_max: 2224 - - direction: ingress - protocol: udp - port_range_min: 5404 - port_range_max: 5405 - direction: ingress protocol: tcp port_range_min: 9090 @@ -154,6 +168,11 @@ openshift_openstack_etcd_secgroup_rules: - direction: ingress protocol: tcp port_range_min: 2379 + port_range_max: 2379 + remote_ip_prefix: "{{ openshift_openstack_master_ingress_cidr }}" + - direction: ingress + protocol: tcp + port_range_min: 2380 port_range_max: 2380 remote_mode: remote_group_id openshift_openstack_node_secgroup_rules: @@ -171,36 +190,17 @@ openshift_openstack_node_secgroup_rules: port_range_min: 10250 port_range_max: 10250 remote_mode: remote_group_id - - direction: ingress - protocol: udp - port_range_min: 10250 - port_range_max: 10250 - remote_mode: remote_group_id - - direction: ingress - protocol: tcp - port_range_min: 10255 - port_range_max: 10255 - remote_mode: remote_group_id - - direction: ingress - protocol: udp - port_range_min: 10255 - port_range_max: 10255 - remote_mode: remote_group_id - direction: ingress protocol: udp port_range_min: 4789 port_range_max: 4789 remote_mode: remote_group_id + # NOTE: 10010/tcp required by cri-o stream protocol (oc exec/oc rsh) - direction: ingress protocol: tcp - port_range_min: 30000 - port_range_max: 32767 - remote_ip_prefix: "{{ openshift_openstack_node_ingress_cidr }}" - - direction: ingress - protocol: tcp - port_range_min: 30000 - port_range_max: 32767 - remote_ip_prefix: "{{ openshift_openstack_subnet_cidr }}" + port_range_min: 10010 + port_range_max: 10010 + remote_mode: remote_group_id openshift_openstack_infra_secgroup_rules: - direction: ingress protocol: tcp @@ -210,10 +210,6 @@ openshift_openstack_infra_secgroup_rules: protocol: tcp port_range_min: 443 port_range_max: 443 - - direction: ingress - protocol: tcp - port_range_min: 1936 - port_range_max: 1936 openshift_openstack_cns_secgroup_rules: # rpcbind - direction: ingress diff --git a/roles/openshift_openstack/library/os_lbaas_listener_timeout.py b/roles/openshift_openstack/library/os_lbaas_listener_timeout.py new file mode 100644 index 00000000000..e592bcb32b1 --- /dev/null +++ b/roles/openshift_openstack/library/os_lbaas_listener_timeout.py @@ -0,0 +1,100 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright 2018 Red Hat, Inc. and/or its affiliates +# and other contributors as indicated by the @author tags. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# pylint: disable=unused-wildcard-import,wildcard-import,unused-import,redefined-builtin + +''' os_lbaas_deletion ''' +import keystoneauth1 + +from ansible.module_utils.basic import AnsibleModule + +try: + import shade + HAS_SHADE = True +except ImportError: + HAS_SHADE = False + +DOCUMENTATION = ''' +--- +module: os_lbaas_listener_timeout +short_description: Modify Octavia listener connection timeouts +description: + - Set the client and member data timeouts to the specified value (ms) +author: + - "Luis Tomas Bolivar " +''' + +RETURN = ''' +''' + + +def main(): + ''' Main module function ''' + module = AnsibleModule( + argument_spec=dict( + timeout=dict(default=50000, type='int'), + listener_name=dict(required=True, type='str'), + ), + supports_check_mode=True, + ) + + if not HAS_SHADE: + module.fail_json(msg='shade is required for this module') + + try: + cloud = shade.openstack_cloud() + # pylint: disable=broad-except + except Exception: + module.fail_json(msg='Failed to connect to the cloud') + + try: + adapter = keystoneauth1.adapter.Adapter( + session=cloud.keystone_session, + service_type=cloud.cloud_config.get_service_type('load-balancer'), + interface=cloud.cloud_config.get_interface('load-balancer'), + endpoint_override=cloud.cloud_config.get_endpoint('load-balancer'), + version=cloud.cloud_config.get_api_version('load-balancer')) + # pylint: disable=broad-except + except Exception: + module.fail_json(msg='Failed to get an adapter to talk to the Octavia ' + 'API') + try: + listeners = adapter.get( + 'v2.0/lbaas/listeners?name=' + module.params['listener_name']) + # pylint: disable=broad-except + except Exception: + module.fail_json(msg='Failed to retrive listeners') + + listener_id = listeners.json()['listeners'][0]['id'] + timeout_data = {'json': {"listener": { + "timeout_client_data": module.params['timeout'], + "timeout_member_data": module.params['timeout']}}} + try: + adapter.put( + '/v2.0/lbaas/listeners/' + listener_id, **timeout_data) + # pylint: disable=broad-except + except Exception: + module.fail_json(msg='Failed to increate listener timeout') + + module.exit_json( + changed=True) + + +if __name__ == '__main__': + main() diff --git a/roles/openshift_openstack/tasks/check-prerequisites.yml b/roles/openshift_openstack/tasks/check-prerequisites.yml index a54b3a5b75c..198accbbc31 100644 --- a/roles/openshift_openstack/tasks/check-prerequisites.yml +++ b/roles/openshift_openstack/tasks/check-prerequisites.yml @@ -17,6 +17,39 @@ that: 'shade_result.rc == 0' msg: "Python module shade is not installed" +- include_tasks: prerequisites/provider-network-check.yml + when: openshift_openstack_use_provider_network + +- include_tasks: prerequisites/neutron-internal-dns-check.yml + when: openshift_openstack_use_neutron_internal_dns + +- include_tasks: prerequisites/nsupdate-check.yml + when: openshift_openstack_use_nsupdate + +- include_tasks: prerequisites/no-floating-ip-check.yml + when: openshift_openstack_use_no_floating_ip + +- include_tasks: prerequisites/cloud-provider-check.yml + when: openshift_use_cinder_persistent_volume or openshift_use_cinder_registry or openshift_use_kuryr + +- include_tasks: prerequisites/openstack-ssl-check.yml + when: openshift_use_openstack_ssl + +- include_tasks: prerequisites/kuryr-check.yml + when: openshift_use_kuryr + +- include_tasks: prerequisites/all-in-one-cluster-deployment-check.yml + when: openshift_use_all_in_one_cluster_deployment + +- include_tasks: prerequisites/cinder-persistent-volume-check.yml + when: openshift_use_cinder_persistent_volume + +- include_tasks: prerequisites/cinder-registry-check.yml + when: openshift_use_cinder_registry + +- include_tasks: prerequisites/swift-registry-check.yml + when: openshift_use_swift_registry + # Gather Neutron extension facts - name: Check for Neutron trunk support os_network_extensions: @@ -91,7 +124,7 @@ msg: "Keypair {{ openshift_openstack_keypair_name }} is not available" # Check flavors and images -- include_tasks: image-and-flavor-check.yml +- include_tasks: prerequisites/image-and-flavor-check.yml with_items: - { image: "{{ openshift_openstack_default_image_name }}", flavor: "{{ openshift_openstack_default_flavor }}" } - { image: "{{ openshift_openstack_master_image }}", flavor: "{{ openshift_openstack_master_flavor }}" } diff --git a/roles/openshift_openstack/tasks/container-storage-setup.yml b/roles/openshift_openstack/tasks/container-storage-setup.yml index 412e9f1e8d8..36442a4488a 100644 --- a/roles/openshift_openstack/tasks/container-storage-setup.yml +++ b/roles/openshift_openstack/tasks/container-storage-setup.yml @@ -35,3 +35,14 @@ # TODO(shadower): Find out which CentOS version supports overlayfs2 when: - ansible_distribution == "CentOS" + +- name: restart docker after storage configuration + become: yes + systemd: + name: "{{ openshift_docker_service_name }}" + state: restarted + register: l_docker_restart_docker_in_storage_setup_result + until: not (l_docker_restart_docker_in_storage_setup_result is failed) + retries: 3 + delay: 30 + when: not openshift_use_crio_only|default(None) diff --git a/roles/openshift_openstack/tasks/node-configuration.yml b/roles/openshift_openstack/tasks/node-configuration.yml index 7ece70f215c..766248411b0 100644 --- a/roles/openshift_openstack/tasks/node-configuration.yml +++ b/roles/openshift_openstack/tasks/node-configuration.yml @@ -1,6 +1,6 @@ --- # NOTE(shadower): we need to do this because some of the install tasks seem to -# ignore openshift_hostname and rely on the actual system's hostname +# ignore openshift_kubelet_name_override and rely on the actual system's hostname - name: Update hostname to match the OpenStack name hostname: name: "{{ inventory_hostname }}" diff --git a/roles/openshift_openstack/tasks/populate-dns.yml b/roles/openshift_openstack/tasks/populate-dns.yml index 5e103cb73ff..320b2a85af1 100644 --- a/roles/openshift_openstack/tasks/populate-dns.yml +++ b/roles/openshift_openstack/tasks/populate-dns.yml @@ -6,7 +6,7 @@ key_algorithm: "{{ openshift_openstack_external_nsupdate_keys['private']['key_algorithm'] | lower }}" server: "{{ openshift_openstack_external_nsupdate_keys['private']['server'] }}" zone: "{{ openshift_openstack_nsupdate_zone }}" - record: "{{ hostvars[item]['ansible_hostname'] + openshift_openstack_private_hostname_suffix + '.' + openshift_openstack_full_dns_domain | replace('.' + openshift_openstack_nsupdate_zone, '') }}" + record: "{{ (hostvars[item]['ansible_hostname'] + openshift_openstack_private_hostname_suffix + '.' + openshift_openstack_full_dns_domain) | replace('.' + openshift_openstack_nsupdate_zone, '') }}" value: "{{ hostvars[item]['private_v4'] }}" type: "A" state: "{{ l_dns_record_state | default('present') }}" @@ -29,7 +29,7 @@ key_algorithm: "{{ openshift_openstack_external_nsupdate_keys['public']['key_algorithm'] | lower }}" server: "{{ openshift_openstack_external_nsupdate_keys['public']['server'] }}" zone: "{{ openshift_openstack_nsupdate_zone }}" - record: "{{ hostvars[item]['ansible_hostname'] + openshift_openstack_public_hostname_suffix + '.' + openshift_openstack_full_dns_domain | replace('.' + openshift_openstack_nsupdate_zone, '') }}" + record: "{{ (hostvars[item]['ansible_hostname'] + openshift_openstack_public_hostname_suffix + '.' + openshift_openstack_full_dns_domain) | replace('.' + openshift_openstack_nsupdate_zone, '') }}" value: "{{ hostvars[item]['public_v4'] }}" type: "A" state: "{{ l_dns_record_state | default('present') }}" @@ -51,7 +51,7 @@ key_algorithm: "{{ openshift_openstack_external_nsupdate_keys['public']['key_algorithm'] | lower }}" server: "{{ openshift_openstack_external_nsupdate_keys['public']['server'] }}" zone: "{{ openshift_openstack_nsupdate_zone }}" - record: "{{ '*.' + hostvars[groups.masters[0]].openshift_master_default_subdomain | replace('.' + openshift_openstack_nsupdate_zone, '') }}" + record: "{{ ('*.' + hostvars[groups.masters[0]].openshift_master_default_subdomain) | replace('.' + openshift_openstack_nsupdate_zone, '') }}" value: "{{ openshift_openstack_public_router_ip }}" type: "A" state: "{{ l_dns_record_state | default('present') }}" diff --git a/roles/openshift_openstack/tasks/prerequisites/all-in-one-cluster-deployment-check.yml b/roles/openshift_openstack/tasks/prerequisites/all-in-one-cluster-deployment-check.yml new file mode 100644 index 00000000000..74175c4b1d2 --- /dev/null +++ b/roles/openshift_openstack/tasks/prerequisites/all-in-one-cluster-deployment-check.yml @@ -0,0 +1,34 @@ +--- +# add localhost to OSEv3 so we can access OSEv3 inventory variables +- name: Add localhost to OSEv3 + add_host: + hostname: 'localhost' + groupname: 'OSEv3' + +- name: Check number of master nodes is greater than 0 + assert: + that: openshift_openstack_num_masters > 0 + msg: "openshift_use_all_in_one_cluster_deployment: openshift_openstack_num_masters must be greater than 0" + +- name: Check number of infra nodes is equal to 0 + assert: + that: openshift_openstack_num_infra == 0 + msg: "openshift_use_all_in_one_cluster_deployment: openshift_openstack_num_infra must be 0" + +- name: Check number of app nodes is equal to 0 + assert: + that: openshift_openstack_num_nodes == 0 + msg: "openshift_use_all_in_one_cluster_deployment: openshift_openstack_num_nodes must be 0" + +- name: Check openshift_openstack_master_group_name is set to node-config-all-in-one + assert: + that: openshift_openstack_master_group_name == 'node-config-all-in-one' + msg: "openshift_use_all_in_one_cluster_deployment: openshift_openstack_num_nodes must be set to node-config-all-in-one" + +- name: Check openshift_node_groups contains node-config-all-in-one entry + assert: + that: openshift_node_groups | selectattr('name', 'equalto', 'node-config-all-in-one') | list | count > 0 + msg: "openshift_use_all_in_one_cluster_deployment: openshift_node_groups must contain a node-config-all-in-one entry" + +- name: Clear inventory + meta: refresh_inventory diff --git a/roles/openshift_openstack/tasks/prerequisites/cinder-persistent-volume-check.yml b/roles/openshift_openstack/tasks/prerequisites/cinder-persistent-volume-check.yml new file mode 100644 index 00000000000..5375826dd9b --- /dev/null +++ b/roles/openshift_openstack/tasks/prerequisites/cinder-persistent-volume-check.yml @@ -0,0 +1,14 @@ +--- +# add localhost to OSEv3 so we can access OSEv3 inventory variables +- name: Add localhost to OSEv3 + add_host: + hostname: 'localhost' + groupname: 'OSEv3' + +- name: Check openshift_cloudprovider_openstack_blockstorage_version + assert: + that: openshift_cloudprovider_openstack_blockstorage_version == 'v2' + msg: "openshift_use_cinder_persistent_volume: openshift_cloudprovider_openstack_blockstorage_version must be set to v2" + +- name: Clear inventory + meta: refresh_inventory diff --git a/roles/openshift_openstack/tasks/prerequisites/cinder-registry-check.yml b/roles/openshift_openstack/tasks/prerequisites/cinder-registry-check.yml new file mode 100644 index 00000000000..8cc1c065591 --- /dev/null +++ b/roles/openshift_openstack/tasks/prerequisites/cinder-registry-check.yml @@ -0,0 +1,34 @@ +--- +# add localhost to OSEv3 so we can access OSEv3 inventory variables +- name: Add localhost to OSEv3 + add_host: + hostname: 'localhost' + groupname: 'OSEv3' + +- name: Check openshift_hosted_registry_storage_kind value + assert: + that: openshift_hosted_registry_storage_kind == 'openstack' + msg: "openshift_use_cinder_registry: openshift_hosted_registry_storage_kind must be set to openstack" + +- name: Check openshift_hosted_registry_storage_access_modes is set + assert: + that: openshift_hosted_registry_storage_access_modes is defined + msg: "openshift_use_cinder_registry: openshift_hosted_registry_storage_access_modes must be defined" + +- name: Check openshift_hosted_registry_storage_openstack_filesystem is set + assert: + that: openshift_hosted_registry_storage_openstack_filesystem is defined + msg: "openshift_use_cinder_registry: openshift_hosted_registry_storage_openstack_filesystem must be defined" + +- name: Check openshift_hosted_registry_storage_volume_size is set + assert: + that: openshift_hosted_registry_storage_volume_size is defined + msg: "openshift_use_cinder_registry: openshift_hosted_registry_storage_volume_size must be defined" + +- name: Either openshift_hosted_registry_storage_openstack_volumeID or openshift_hosted_registry_storage_volume_name must be defined + assert: + that: openshift_hosted_registry_storage_openstack_volumeID is defined or openshift_hosted_registry_storage_volume_name is defined + msg: "openshift_use_cinder_registry: Either openshift_hosted_registry_storage_openstack_volumeID or openshift_hosted_registry_storage_volume_name must be defined" + +- name: Clear inventory + meta: refresh_inventory diff --git a/roles/openshift_openstack/tasks/prerequisites/cloud-provider-check.yml b/roles/openshift_openstack/tasks/prerequisites/cloud-provider-check.yml new file mode 100644 index 00000000000..e800dbaa7b9 --- /dev/null +++ b/roles/openshift_openstack/tasks/prerequisites/cloud-provider-check.yml @@ -0,0 +1,39 @@ +--- +# add localhost to OSEv3 so we can access OSEv3 inventory variables +- name: Add localhost to OSEv3 + add_host: + hostname: 'localhost' + groupname: 'OSEv3' + +- name: Check openshift_cloudprovider_kind value + assert: + that: openshift_cloudprovider_kind == 'openstack' + msg: "openshift_use_cloud_provider: openshift_cloudprovider_kind must be set to openstack" + when: openshift_cloudprovider_openstack_conf_file is not defined + +- name: Check openshift_cloudprovider_openstack_auth_url is defined + assert: + that: openshift_cloudprovider_openstack_auth_url is defined + msg: "openshift_use_cloud_provider: openshift_cloudprovider_openstack_auth_url must be defined" + when: openshift_cloudprovider_openstack_conf_file is not defined + +- name: Check openshift_cloudprovider_openstack_username is defined + assert: + that: openshift_cloudprovider_openstack_username is defined + msg: "openshift_use_cloud_provider: openshift_cloudprovider_openstack_username must be defined" + when: openshift_cloudprovider_openstack_conf_file is not defined + +- name: Check openshift_cloudprovider_openstack_password is defined + assert: + that: openshift_cloudprovider_openstack_password is defined + msg: "openshift_use_cloud_provider: openshift_cloudprovider_openstack_password must be defined" + when: openshift_cloudprovider_openstack_conf_file is not defined + +- name: Check that a openshift_cloudprovider_openstack tenant parameter is defined + assert: + that: openshift_cloudprovider_openstack_tenant_id is defined or openshift_cloudprovider_openstack_tenant_name is defined + msg: "openshift_use_cloud_provider: either openshift_cloudprovider_openstack_tenant_id or openshift_cloudprovider_openstack_tenant_name must be defined" + when: openshift_cloudprovider_openstack_conf_file is not defined + +- name: Clear inventory + meta: refresh_inventory diff --git a/roles/openshift_openstack/tasks/image-and-flavor-check.yml b/roles/openshift_openstack/tasks/prerequisites/image-and-flavor-check.yml similarity index 100% rename from roles/openshift_openstack/tasks/image-and-flavor-check.yml rename to roles/openshift_openstack/tasks/prerequisites/image-and-flavor-check.yml diff --git a/roles/openshift_openstack/tasks/prerequisites/kuryr-check.yml b/roles/openshift_openstack/tasks/prerequisites/kuryr-check.yml new file mode 100644 index 00000000000..9e390389d9f --- /dev/null +++ b/roles/openshift_openstack/tasks/prerequisites/kuryr-check.yml @@ -0,0 +1,35 @@ +--- +- name: Check openshift_use_openshift_sdn is false + assert: + that: not openshift_use_openshift_sdn + msg: "openshift_use_kuryr: openshift_use_openshift_sdn must be false" + +- name: Check use_trunk_ports is true + assert: + that: use_trunk_ports + msg: "openshift_use_kuryr: use_trunk_ports must be true" + +- name: Check os_sdn_network_plugin_name is set to cni + assert: + that: os_sdn_network_plugin_name == 'cni' + msg: "openshift_use_kuryr: os_sdn_network_plugin_name must be set to cni" + +- name: Check openshift_node_proxy_mode is set to userspace + assert: + that: openshift_node_proxy_mode == 'userspace' + msg: "openshift_use_kuryr: openshift_node_proxy_mode must be set to userspace" + +- name: Check openshift_master_open_ports is set + assert: + that: openshift_master_open_ports is defined + msg: "openshift_use_kuryr: openshift_master_open_ports must be defined" + +- name: Check openshift_node_open_ports is set + assert: + that: openshift_node_open_ports is defined + msg: "openshift_use_kuryr: openshift_node_open_ports must be defined" + +- name: Check kuryr_openstack_public_net_id is set + assert: + that: kuryr_openstack_public_net_id is defined + msg: "openshift_use_kuryr: kuryr_openstack_public_net_id must be defined" diff --git a/roles/openshift_openstack/tasks/prerequisites/neutron-internal-dns-check.yml b/roles/openshift_openstack/tasks/prerequisites/neutron-internal-dns-check.yml new file mode 100644 index 00000000000..b7793036862 --- /dev/null +++ b/roles/openshift_openstack/tasks/prerequisites/neutron-internal-dns-check.yml @@ -0,0 +1,15 @@ +--- +- name: Check openshift_openstack_fqdn_nodes is false + assert: + that: not openshift_openstack_fqdn_nodes + msg: "openshift_openstack_use_neutron_internal_dns: openshift_openstack_fqdn_nodes must be false" + +- name: Check openshift_openstack_dns_nameservers is empty + assert: + that: openshift_openstack_dns_nameservers | count == 0 + msg: "openshift_openstack_use_neutron_internal_dns: openshift_openstack_dns_nameservers must be empty" + +- name: Check openshift_openstack_external_nsupdate_keys does not contain private entry + assert: + that: openshift_openstack_external_nsupdate_keys.private is not defined + msg: "openshift_openstack_use_neutron_internal_dns: openshift_openstack_external_nsupdate_keys must not contain a private entry" diff --git a/roles/openshift_openstack/tasks/prerequisites/no-floating-ip-check.yml b/roles/openshift_openstack/tasks/prerequisites/no-floating-ip-check.yml new file mode 100644 index 00000000000..1a242b49ba8 --- /dev/null +++ b/roles/openshift_openstack/tasks/prerequisites/no-floating-ip-check.yml @@ -0,0 +1,10 @@ +--- +- name: Check openshift_openstack_router_name is defined + assert: + that: openshift_openstack_router_name is defined and openshift_openstack_router_name + msg: "openshift_openstack_use_no_floating_ip: openshift_openstack_router_name must be defined" + +- name: Check openshift_openstack_node_subnet_name is defined + assert: + that: openshift_openstack_node_subnet_name is defined and openshift_openstack_node_subnet_name + msg: "openshift_openstack_use_no_floating_ip: openshift_openstack_node_subnet_name must be defined" diff --git a/roles/openshift_openstack/tasks/prerequisites/nsupdate-check.yml b/roles/openshift_openstack/tasks/prerequisites/nsupdate-check.yml new file mode 100644 index 00000000000..6cba63bd374 --- /dev/null +++ b/roles/openshift_openstack/tasks/prerequisites/nsupdate-check.yml @@ -0,0 +1,16 @@ +--- +- name: Check openshift_openstack_nsupdate_zone is defined + assert: + that: openshift_openstack_nsupdate_zone is defined and openshift_openstack_nsupdate_zone + msg: "openshift_openstack_use_nsupdate: openshift_openstack_nsupdate_zone must be defined" + +- name: Check that there is a public or private entry in openshift_openstack_external_nsupdate_keys + assert: + that: openshift_openstack_external_nsupdate_keys.private is defined or openshift_openstack_external_nsupdate_keys.public is defined + msg: "openshift_openstack_use_nsupdate: openshift_openstack_external_nsupdate_keys must have at least one of a public or private entry" + +- name: Check that either openshift_openstack_public_hostname_suffix or openshift_openstack_private_hostname_suffix is defined + assert: + that: (openshift_openstack_public_hostname_suffix is defined and openshift_openstack_public_hostname_suffix) or (openshift_openstack_private_hostname_suffix is defined and openshift_openstack_private_hostname_suffix) + msg: "openshift_openstack_use_nsupdate: either openshift_openstack_public_hostname_suffix or openshift_openstack_private_hostname_suffix must be defined" + when: openshift_openstack_external_nsupdate_keys.private is defined and openshift_openstack_external_nsupdate_keys.public is defined diff --git a/roles/openshift_openstack/tasks/prerequisites/openstack-ssl-check.yml b/roles/openshift_openstack/tasks/prerequisites/openstack-ssl-check.yml new file mode 100644 index 00000000000..8e123be95d8 --- /dev/null +++ b/roles/openshift_openstack/tasks/prerequisites/openstack-ssl-check.yml @@ -0,0 +1,30 @@ +--- +# add localhost to OSEv3 so we can access OSEv3 inventory variables +- name: Add localhost to OSEv3 + add_host: + hostname: 'localhost' + groupname: 'OSEv3' + +- name: Check openshift_certificates_redeploy is true + assert: + that: openshift_certificates_redeploy + msg: "openshift_use_openstack_ssl: openshift_certificates_redeploy must be true" + +- name: Check openshift_additional_ca is defined + assert: + that: openshift_additional_ca is defined and openshift_additional_ca + msg: "openshift_use_openstack_ssl: openshift_additional_ca must be defined" + +- name: Check kuryr_openstack_ca is defined + assert: + that: kuryr_openstack_ca is defined and kuryr_openstack_ca + msg: "openshift_use_openstack_ssl: kuryr_openstack_ca must be defined" + when: openshift_use_kuryr + +- name: Check openshift_cloudprovider_openstack_ca_file is defined + assert: + that: openshift_cloudprovider_openstack_ca_file is defined and openshift_cloudprovider_openstack_ca_file + msg: "openshift_use_openstack_ssl: openshift_cloudprovider_openstack_ca_file must be defined" + +- name: Clear inventory + meta: refresh_inventory diff --git a/roles/openshift_openstack/tasks/prerequisites/provider-network-check.yml b/roles/openshift_openstack/tasks/prerequisites/provider-network-check.yml new file mode 100644 index 00000000000..81d02655a35 --- /dev/null +++ b/roles/openshift_openstack/tasks/prerequisites/provider-network-check.yml @@ -0,0 +1,15 @@ +--- +- name: Check openshift_openstack_provider_network_name is defined + assert: + that: openshift_openstack_provider_network_name is defined and openshift_openstack_provider_network_name + msg: "openshift_openstack_use_provider_network: openshift_openstack_provider_network_name must be defined" + +- name: Check openshift_openstack_external_network_name is undefined + assert: + that: openshift_openstack_external_network_name is undefined or not openshift_openstack_external_network_name + msg: "openshift_openstack_use_provider_network: openshift_openstack_external_network_name must not be defined" + +- name: Check openshift_openstack_private_network_name is undefined + assert: + that: openshift_openstack_private_network_name is undefined or not openshift_openstack_private_network_name + msg: "openshift_openstack_use_provider_network: openshift_openstack_private_network_name must not be defined" diff --git a/roles/openshift_openstack/tasks/prerequisites/swift-registry-check.yml b/roles/openshift_openstack/tasks/prerequisites/swift-registry-check.yml new file mode 100644 index 00000000000..f2ca677c337 --- /dev/null +++ b/roles/openshift_openstack/tasks/prerequisites/swift-registry-check.yml @@ -0,0 +1,24 @@ +--- +# add localhost to OSEv3 so we can access OSEv3 inventory variables +- name: Add localhost to OSEv3 + add_host: + hostname: 'localhost' + groupname: 'OSEv3' + +- name: Check openshift_hosted_registry_storage_kind value + assert: + that: openshift_hosted_registry_storage_kind == 'object' + msg: "openshift_use_swift_registry: openshift_hosted_registry_storage_kind must be set to object" + +- name: Check openshift_hosted_registry_storage_provider value + assert: + that: openshift_hosted_registry_storage_provider == 'swift' + msg: "openshift_use_swift_registry: openshift_hosted_registry_storage_provider must be set to swift" + +- name: Check openshift_hosted_registry_storage_swift_container is set + assert: + that: openshift_hosted_registry_storage_swift_container is defined + msg: "openshift_use_swift_registry: openshift_hosted_registry_storage_swift_container must be defined" + +- name: Clear inventory + meta: refresh_inventory diff --git a/roles/openshift_openstack/tasks/provision.yml b/roles/openshift_openstack/tasks/provision.yml index 44cd1b93181..6ab11c3d3da 100644 --- a/roles/openshift_openstack/tasks/provision.yml +++ b/roles/openshift_openstack/tasks/provision.yml @@ -1,4 +1,34 @@ --- +- name: Get subnet facts when using a custom subnet + os_subnets_facts: + name: "{{ openshift_openstack_node_subnet_name }}" + register: subnet_result + when: openshift_openstack_node_subnet_name is defined and openshift_openstack_node_subnet_name +- name: Set custom network id + set_fact: + openshift_openstack_node_network_id: "{{ subnet_result.ansible_facts.openstack_subnets[0].network_id }}" + when: openshift_openstack_node_subnet_name is defined and openshift_openstack_node_subnet_name +- name: Set custom subnet id + set_fact: + openshift_openstack_node_subnet_id: "{{ subnet_result.ansible_facts.openstack_subnets[0].id }}" + when: openshift_openstack_node_subnet_name is defined and openshift_openstack_node_subnet_name +- name: Set custom subnet cidr + set_fact: + openshift_openstack_subnet_cidr: "{{ subnet_result.ansible_facts.openstack_subnets[0].cidr }}" + when: openshift_openstack_node_subnet_name is defined and openshift_openstack_node_subnet_name + +# TODO ltomasbo: there is no Ansible module for getting router facts +- name: Get custom router id + command: > + python -c 'import shade; cloud = shade.openstack_cloud(); + print cloud.get_router("{{ openshift_openstack_router_name }}").id' + register: router_info + when: openshift_openstack_router_name is defined and openshift_openstack_router_name +- name: Set custom router id + set_fact: + openshift_openstack_router_id: "{{ router_info.stdout }}" + when: openshift_openstack_router_name is defined and openshift_openstack_router_name + - name: Generate the templates include_tasks: generate-templates.yml when: @@ -59,7 +89,7 @@ ignore_errors: True register: stack_create until: stack_create is not failed - retries: 20 + retries: 5 delay: 5 os_stack: name: "{{ openshift_openstack_stack_name }}" @@ -97,6 +127,23 @@ when: - openshift_openstack_api_lb_provider|default(None) == "haproxy" +# NOTE(ltomasbo): Increasing OpenShift API Loadbalancer timeouts to 500 secs +# as 50 seconds resulted on failed deployments due to: +# https://bugzilla.redhat.com/show_bug.cgi?id=1618685 +# The timeout can be configured by changing: +# openshift_openstack_api_lb_listeners_timeout +- name: Octavia OpenShift API listeners timeout correction + os_lbaas_listener_timeout: + timeout: "{{ openshift_openstack_api_lb_listeners_timeout | int }}" + listener_name: "{{ item }}" + with_items: + - "openshift-ansible-{{ openshift_openstack_full_dns_domain }}-api-lb-listener" + - "openshift-ansible-{{ openshift_openstack_full_dns_domain }}-api-lb-internal-listener" + when: + - openshift_openstack_lbaasv2_provider == "Octavia" + - (openshift_openstack_use_lbaas_load_balancer) or (openshift_use_kuryr | default(false) | bool and not openshift_openstack_provider_network_name) + ignore_errors: true + - name: CleanUp include_tasks: cleanup.yml when: diff --git a/roles/openshift_openstack/templates/heat_stack.yaml.j2 b/roles/openshift_openstack/templates/heat_stack.yaml.j2 index c93ddf36b5d..10fdaec96f6 100644 --- a/roles/openshift_openstack/templates/heat_stack.yaml.j2 +++ b/roles/openshift_openstack/templates/heat_stack.yaml.j2 @@ -15,9 +15,11 @@ outputs: description: IPs of the etcds value: { get_attr: [ etcd, private_ip ] } +{% if openshift_openstack_etcd_floating_ip | default(True) | bool %} etcd_floating_ips: description: Floating IPs of the etcds value: { get_attr: [ etcd, floating_ip ] } +{% endif %} master_names: description: Name of the masters @@ -27,9 +29,11 @@ outputs: description: IPs of the masters value: { get_attr: [ masters, private_ip ] } +{% if openshift_openstack_master_floating_ip | default(True) | bool %} master_floating_ips: description: Floating IPs of the masters value: { get_attr: [ masters, floating_ip ] } +{% endif %} node_names: description: Name of the nodes @@ -39,9 +43,11 @@ outputs: description: IPs of the nodes value: { get_attr: [ compute_nodes, private_ip ] } +{% if openshift_openstack_compute_floating_ip | default(True) | bool %} node_floating_ips: description: Floating IPs of the nodes value: { get_attr: [ compute_nodes, floating_ip ] } +{% endif %} infra_names: description: Name of the nodes @@ -51,16 +57,19 @@ outputs: description: IPs of the nodes value: { get_attr: [ infra_nodes, private_ip ] } +{% if openshift_openstack_infra_floating_ip | default(True) | bool %} infra_floating_ips: description: Floating IPs of the nodes value: { get_attr: [ infra_nodes, floating_ip ] } +{% endif %} {% endif %} public_api_ip: description: IP address for the API/UI endpoint -{% if openshift_openstack_use_lbaas_load_balancer %} - # TODO(shadower): Handle setups without floating IPs +{% if openshift_openstack_use_lbaas_load_balancer and openshift_openstack_load_balancer_floating_ip %} value: { get_attr: [api_lb_floating_ip, floating_ip_address] } +{% elif openshift_openstack_use_lbaas_load_balancer and not openshift_openstack_load_balancer_floating_ip %} + value: { get_attr: [api_lb, vip_address] } {% elif openshift_openstack_use_vm_load_balancer %} value: { get_attr: [loadbalancer, resource.0, floating_ip] } {% else %} @@ -69,8 +78,10 @@ outputs: public_router_ip: description: IP address of the apps/router endpoint -{% if openshift_openstack_use_lbaas_load_balancer %} +{% if openshift_openstack_use_lbaas_load_balancer and openshift_openstack_load_balancer_floating_ip %} value: { get_attr: [router_lb_floating_ip, floating_ip_address] } +{% elif openshift_openstack_use_lbaas_load_balancer and not openshift_openstack_load_balancer_floating_ip %} + value: { get_attr: [router_lb, vip_address] } {% else %} # NOTE(shadower): The VM-based loadbalancer only supports master nodes value: { get_attr: [infra_nodes, resource.0, floating_ip] } @@ -91,7 +102,11 @@ outputs: {% if openshift_use_kuryr|default(false)|bool %} vm_subnet: description: ID of the subnet the Pods will be on +{% if not openshift_openstack_node_subnet_name %} value: { get_resource: subnet } +{% else %} + value: {{ openshift_openstack_node_subnet_id }} +{% endif %} pod_subnet: description: ID of the subnet the Pods will be on @@ -103,7 +118,12 @@ outputs: pod_router: description: ID of the router where the pod subnet will be connected +{% if not openshift_openstack_router_name %} value: { get_resource: router } +{% else %} + value: {{ openshift_openstack_router_id }} +{% endif %} + {% if openshift_kuryr_subnet_driver|default('default') == 'namespace' %} pod_subnet_pool: @@ -156,6 +176,8 @@ resources: {% if openshift_use_kuryr|default(false)|bool %} vip_address: {{ openshift_openstack_kuryr_service_subnet_cidr | ipaddr('1') | ipaddr('address') }} vip_subnet: { get_resource: service_subnet } +{% elif openshift_openstack_node_subnet_name %} + vip_subnet: {{ openshift_openstack_node_subnet_name }} {% else %} vip_subnet: { get_resource: subnet } {% endif %} @@ -322,6 +344,7 @@ resources: {% endif %} +{% if not openshift_openstack_node_subnet_name %} net: type: OS::Neutron::Net properties: @@ -330,7 +353,9 @@ resources: template: openshift-ansible-cluster_id-net params: cluster_id: {{ openshift_openstack_full_dns_domain }} +{% endif %} +{% if not openshift_openstack_node_subnet_name %} subnet: type: OS::Neutron::Subnet properties: @@ -348,6 +373,7 @@ resources: {% for nameserver in openshift_openstack_dns_nameservers %} - {{ nameserver }} {% endfor %} +{% endif %} {% if openshift_use_flannel|default(False)|bool %} data_net: @@ -365,6 +391,7 @@ resources: gateway_ip: null {% endif %} +{% if not openshift_openstack_router_name and not openshift_openstack_node_subnet_name %} router: type: OS::Neutron::Router properties: @@ -381,12 +408,17 @@ resources: properties: router_id: { get_resource: router } subnet_id: { get_resource: subnet } +{% endif %} {% if openshift_use_kuryr|default(false)|bool %} pod_subnet_interface: type: OS::Neutron::RouterInterface properties: +{% if not openshift_openstack_router_name %} router_id: { get_resource: router } +{% else %} + router_id: {{ openshift_openstack_router_id }} +{% endif %} subnet_id: { get_resource: pod_subnet } service_router_port: @@ -405,7 +437,11 @@ resources: service_subnet_interface: type: OS::Neutron::RouterInterface properties: +{% if not openshift_openstack_router_name %} router_id: { get_resource: router } +{% else %} + router_id: {{ openshift_openstack_router_id }} +{% endif %} port: { get_resource: service_router_port } {% endif %} @@ -544,7 +580,7 @@ resources: params: cluster_id: {{ openshift_openstack_full_dns_domain }} rules: {{ openshift_openstack_infra_secgroup_rules|to_json }} - + {% if openshift_openstack_num_cns > 0 %} cns-secgrp: type: OS::Neutron::SecurityGroup properties: @@ -559,6 +595,7 @@ resources: params: cluster_id: {{ openshift_openstack_full_dns_domain }} rules: {{ openshift_openstack_cns_secgroup_rules|to_json }} + {% endif %} {% endif %} lb-secgrp: @@ -606,9 +643,17 @@ resources: {% if openshift_openstack_provider_network_name %} net: {{ openshift_openstack_provider_network_name }} net_name: {{ openshift_openstack_provider_network_name }} +{% else %} +{% if openshift_openstack_node_network_id|default(false) %} + net: {{ openshift_openstack_node_network_id }} {% else %} net: { get_resource: net } +{% endif %} +{% if openshift_openstack_node_subnet_name %} + subnet: {{ openshift_openstack_node_subnet_name }} +{% else %} subnet: { get_resource: subnet } +{% endif %} {% if openshift_use_kuryr|default(false)|bool %} pod_net: { get_resource: pod_net } pod_subnet: { get_resource: pod_subnet } @@ -631,11 +676,11 @@ resources: - no_floating - '' - {{ openshift_openstack_external_network_name }} -{% if openshift_openstack_provider_network_name %} +{% if openshift_openstack_provider_network_name or not openshift_openstack_etcd_floating_ip | default(False) | bool %} attach_float_net: false {% endif %} volume_size: {{ openshift_openstack_etcd_volume_size }} -{% if not openshift_openstack_provider_network_name %} +{% if not openshift_openstack_provider_network_name and not openshift_openstack_node_subnet_name %} depends_on: - interface {% endif %} @@ -683,9 +728,15 @@ resources: {% if openshift_openstack_provider_network_name %} net: {{ openshift_openstack_provider_network_name }} net_name: {{ openshift_openstack_provider_network_name }} +{% elif openshift_openstack_node_network_id|default(false) %} + net: {{ openshift_openstack_node_network_id }} {% else %} net: { get_resource: net } +{% if openshift_openstack_node_subnet_name %} + subnet: {{ openshift_openstack_node_subnet_name }} +{% else %} subnet: { get_resource: subnet } +{% endif %} {% if openshift_use_kuryr|default(false)|bool %} pod_net: { get_resource: pod_net } pod_subnet: { get_resource: pod_subnet } @@ -708,11 +759,11 @@ resources: - no_floating - '' - {{ openshift_openstack_external_network_name }} -{% if openshift_openstack_provider_network_name %} +{% if openshift_openstack_provider_network_name or not openshift_openstack_load_balancer_floating_ip | default(True) | bool %} attach_float_net: false {% endif %} volume_size: {{ openshift_openstack_lb_volume_size }} -{% if not openshift_openstack_provider_network_name %} +{% if not openshift_openstack_provider_network_name and not openshift_openstack_node_subnet_name %} depends_on: - interface {% endif %} @@ -750,9 +801,17 @@ resources: {% if openshift_openstack_provider_network_name %} net: {{ openshift_openstack_provider_network_name }} net_name: {{ openshift_openstack_provider_network_name }} +{% else %} +{% if openshift_openstack_node_network_id|default(false) %} + net: {{ openshift_openstack_node_network_id }} {% else %} net: { get_resource: net } +{% endif %} +{% if openshift_openstack_node_subnet_name %} + subnet: {{ openshift_openstack_node_subnet_name }} +{% else %} subnet: { get_resource: subnet } +{% endif %} {% if openshift_use_kuryr|default(false)|bool %} pod_net: { get_resource: pod_net } pod_subnet: { get_resource: pod_subnet } @@ -791,7 +850,7 @@ resources: - no_floating - '' - {{ openshift_openstack_external_network_name }} -{% if openshift_openstack_provider_network_name %} +{% if openshift_openstack_provider_network_name or not openshift_openstack_master_floating_ip | default(False) | bool %} attach_float_net: false {% endif %} volume_size: {{ openshift_openstack_master_volume_size }} @@ -799,7 +858,7 @@ resources: scheduler_hints: group: { get_resource: master_server_group } {% endif %} -{% if not openshift_openstack_provider_network_name %} +{% if not openshift_openstack_provider_network_name and not openshift_openstack_node_subnet_name %} depends_on: - interface {% endif %} @@ -836,9 +895,17 @@ resources: {% if openshift_openstack_provider_network_name %} net: {{ openshift_openstack_provider_network_name }} net_name: {{ openshift_openstack_provider_network_name }} +{% else %} +{% if openshift_openstack_node_network_id|default(false) %} + net: {{ openshift_openstack_node_network_id }} {% else %} net: { get_resource: net } +{% endif %} +{% if openshift_openstack_node_subnet_name %} + subnet: {{ openshift_openstack_node_subnet_name }} +{% else %} subnet: { get_resource: subnet } +{% endif %} {% if openshift_use_kuryr|default(false)|bool %} pod_net: { get_resource: pod_net } pod_subnet: { get_resource: pod_subnet } @@ -866,11 +933,11 @@ resources: - no_floating - '' - {{ openshift_openstack_external_network_name }} -{% if openshift_openstack_provider_network_name %} +{% if openshift_openstack_provider_network_name or not openshift_openstack_compute_floating_ip | default(False) | bool %} attach_float_net: false {% endif %} volume_size: {{ openshift_openstack_node_volume_size }} -{% if not openshift_openstack_provider_network_name %} +{% if not openshift_openstack_provider_network_name and not openshift_openstack_node_subnet_name %} depends_on: - interface {% endif %} @@ -909,9 +976,17 @@ resources: {% if openshift_openstack_provider_network_name %} net: {{ openshift_openstack_provider_network_name }} net_name: {{ openshift_openstack_provider_network_name }} +{% else %} +{% if openshift_openstack_node_network_id|default(false) %} + net: {{ openshift_openstack_node_network_id }} {% else %} net: { get_resource: net } +{% endif %} +{% if openshift_openstack_node_subnet_name %} + subnet: {{ openshift_openstack_node_subnet_name }} +{% else %} subnet: { get_resource: subnet } +{% endif %} {% if openshift_use_kuryr|default(false)|bool %} pod_net: { get_resource: pod_net } pod_subnet: { get_resource: pod_subnet } @@ -945,7 +1020,7 @@ resources: - no_floating - '' - {{ openshift_openstack_external_network_name }} -{% if openshift_openstack_provider_network_name %} +{% if openshift_openstack_provider_network_name or not openshift_openstack_infra_floating_ip | default(True) | bool %} attach_float_net: false {% endif %} volume_size: {{ openshift_openstack_infra_volume_size }} @@ -953,7 +1028,7 @@ resources: scheduler_hints: group: { get_resource: infra_server_group } {% endif %} -{% if not openshift_openstack_provider_network_name %} +{% if not openshift_openstack_provider_network_name and not openshift_openstack_node_subnet_name %} depends_on: - interface {% endif %} @@ -987,9 +1062,17 @@ resources: {% if openshift_openstack_provider_network_name %} net: {{ openshift_openstack_provider_network_name }} net_name: {{ openshift_openstack_provider_network_name }} +{% else %} +{% if openshift_openstack_node_network_id|default(false) %} + net: {{ openshift_openstack_node_network_id }} {% else %} net: { get_resource: net } +{% endif %} +{% if openshift_openstack_node_subnet_name %} + subnet: {{ openshift_openstack_node_subnet_name }} +{% else %} subnet: { get_resource: subnet } +{% endif %} {% if openshift_use_kuryr|default(false)|bool %} pod_net: { get_resource: pod_net } pod_subnet: { get_resource: pod_subnet } @@ -1011,7 +1094,9 @@ resources: - { get_resource: flat-secgrp } {% else %} - { get_resource: node-secgrp } +{% if openshift_openstack_num_cns > 0 %} - { get_resource: cns-secgrp } +{% endif %} {% if openshift_use_kuryr|default(false)|bool %} pod_secgrp: - { get_resource: pod_access_sg } @@ -1021,13 +1106,14 @@ resources: floating_network: {{ openshift_openstack_external_network_name }} {% endif %} volume_size: {{ openshift_openstack_cns_volume_size }} -{% if not openshift_openstack_provider_network_name %} +{% if not openshift_openstack_provider_network_name and not openshift_openstack_node_subnet_name %} depends_on: - interface {% endif %} {% if openshift_openstack_use_lbaas_load_balancer %} +{% if openshift_openstack_load_balancer_floating_ip | default(True) | bool %} api_lb_floating_ip: condition: { not: no_floating } depends_on: @@ -1038,13 +1124,18 @@ resources: properties: floating_network: {{ openshift_openstack_external_network_name }} port_id: { get_attr: [api_lb, vip_port_id] } - +{% endif %} router_lb: type: OS::{{ openshift_openstack_lbaasv2_provider }}::LoadBalancer properties: +{% if openshift_openstack_node_subnet_name %} + vip_subnet: {{ openshift_openstack_node_subnet_name }} +{% else %} vip_subnet: { get_resource: subnet } +{% endif %} +{% if openshift_openstack_load_balancer_floating_ip | default(True) | bool %} router_lb_floating_ip: condition: { not: no_floating } depends_on: @@ -1057,6 +1148,7 @@ resources: properties: floating_network: {{ openshift_openstack_external_network_name }} port_id: { get_attr: [router_lb, vip_port_id] } +{% endif %} router_lb_listener_http: type: OS::{{ openshift_openstack_lbaasv2_provider }}::Listener diff --git a/roles/openshift_openstack/templates/heat_stack_server.yaml.j2 b/roles/openshift_openstack/templates/heat_stack_server.yaml.j2 index 7935c9160d9..174cca3943c 100644 --- a/roles/openshift_openstack/templates/heat_stack_server.yaml.j2 +++ b/roles/openshift_openstack/templates/heat_stack_server.yaml.j2 @@ -245,7 +245,7 @@ resources: sub-host-type: { get_param: subtype } openshift_node_group_name: { get_param: openshift_node_group_name } {% if openshift_openstack_dns_nameservers %} - openshift_hostname: { get_param: name } + openshift_kubelet_name_override: { get_param: name } {% endif %} scheduler_hints: { get_param: scheduler_hints } diff --git a/roles/openshift_ovirt/README.md b/roles/openshift_ovirt/README.md index 8e767443b54..a46b5daf4fd 100644 --- a/roles/openshift_ovirt/README.md +++ b/roles/openshift_ovirt/README.md @@ -1,16 +1,26 @@ -OpenShift oVirt -============= +# OpenShift oVirt OpenShift Provisioned on Red Hat Virtualization and oVirt -Role Tasks ----------- +The puprpose of the role is to create the VMs, by a recepie, using vars, and generate an inventory. \ +The generated inventory can be merged into and openshift inventory(see examples dir[1]) and to ease the deployment a lot. -* `build_vm_list.yml`: Creates a list of virtual machine definitions and +- [OpenShift oVirt](#openshift-ovirt) + * [Role Tasks](#role-tasks) + * [Role Variables](#role-variables) + * [Examples](#examples) + + [Manifest](#manifest) + + [Playbook](#playbook) + * [License](#license) + +## Role Tasks + +- `main.yaml`: The entrypoint to the role. It invokes the following tasks below. +- `build_vm_list.yml`: Creates a list of virtual machine definitions and affinity groups based on a simple manifest (below) +- `create_vms.yaml`: consumes the output of the former task and create vms for the nodes of the cluster. It generates an inventory of nodes. -Role Variables --------------- +## Role Variables For documentation on virtual machine profile options, see the [oVirt Ansible VM-Infra Documentation](https://github.com/oVirt/ovirt-ansible-vm-infra) @@ -19,6 +29,29 @@ For documentation on virtual machine profile options, see the [oVirt Ansible VM- | openshift_ovirt_vm_profile | See below. | Dictionary of dictionaries providing common VM parameters for virtual machine creation. | | openshift_ovirt_vm_manifest | See below. | List of dictionaries specifying node base name, count, and which of the above profiles to apply. The default creates three master nodes, three infrastructure nodes, one application node, and a load balancer. | +The `openshift_ovirt_vm_manifest` variable can contain following attributes + +| Name | Type | Default value | | +|-----------|------|---------------|-----------------------------------------------------------------------------------------------------------------| +| nic_mode | Dict | UNDEF | If you define this variable means that the interface on the VM will have static address instead of dynamic one. | + +Below `nic_mode` we can find this other parameters + +| Name | Type | Default value | | +|-----------------|--------|---------------|------------------------------------------| +| nic_ip_address | String | UNDEF | Static ipaddress for vm interface. | +| nic_netmask | String | UNDEF | Static Netmask for vm interface . | +| nic_gateway | String | UNDEF | Static Gateway address for vm interface. | +| nic_on_boot | Bool | True | The interface will be up on boot. | +| nic_name | String | 'eth0' | The Interface name for the vm. | +| dns_servers | String | UNDEF | The DNS set on the VM. | + + +## Examples + +### Manifest +- **openshift_ovirt_vm_profile** + ``` openshift_ovirt_vm_profile: master: @@ -59,24 +92,109 @@ openshift_ovirt_vm_profile: state: running ``` + +- **openshift_ovirt_vm_manifest** ``` openshift_ovirt_vm_manifest: +####################################### +# Multiple Node Static Ip addresses +####################################### - name: 'master' count: 3 profile: 'master' + nic_mode: + # This must fit the same name as this kind of vms. (e.g) if the name is test, this must be test0 + master0: + nic_ip_address: '192.168.123.160' + nic_netmask: '255.255.255.0' + nic_gateway: '192.168.123.1' + nic_on_boot: True + nic_name: 'eth0' + dns_servers: "192.168.1.100" + master1: + nic_ip_address: '192.168.123.161' + nic_netmask: '255.255.255.0' + nic_gateway: '192.168.123.1' + nic_on_boot: True + nic_name: 'nic0' + dns_servers: "192.168.1.100" + master2: + nic_ip_address: '192.168.123.162' + nic_netmask: '255.255.255.0' + nic_gateway: '192.168.123.1' + nic_on_boot: True + dns_servers: "192.168.1.100" - name: 'infra' - count: 3 + count: 2 profile: 'node' + nic_mode: + infra0: + nic_ip_address: '192.168.123.163' + nic_netmask: '255.255.255.0' + nic_gateway: '192.168.123.1' + nic_on_boot: True + dns_servers: "192.168.1.100" + infra1: + nic_ip_address: '192.168.123.164' + nic_netmask: '255.255.255.0' + nic_gateway: '192.168.123.1' + nic_on_boot: True + dns_servers: "192.168.1.100" + +################################################ +# Multiple/Single Node Dynamic Ip addresses +################################################ - name: 'compute' - count: 1 + count: 2 profile: 'node' + +###################################### +# Single Node Static Ip addresses +###################################### - name: 'lb' count: 1 - profile: 'node' + profile: 'node_vm' + nic_mode: + lb: + nic_ip_address: '192.168.123.170' + nic_netmask: '255.255.255.0' + nic_gateway: '192.168.123.1' + dns_servers: "192.168.1.100" +``` + +### Playbook + +``` +--- +- name: Deploy oVirt template and virtual machines + hosts: localhost + connection: local + gather_facts: false + + pre_tasks: + - name: Log in to oVirt + ovirt_auth: + url: "{{ engine_url }}" + username: "{{ engine_user }}" + password: "{{ engine_password }}" + ca_file: "{{ engine_cafile | default(omit) }}" + insecure: "{{ engine_insecure | default(true) }}" + tags: + - always + + roles: + - openshift_ovirt + + post_tasks: + - name: Logout from oVirt + ovirt_auth: + state: absent + ovirt_auth: "{{ ovirt_auth }}" + tags: + - always ``` -Example Playbook ----------------- +**Side Note:** Regarding the behaviour, of the iterations, If we have a `count: 1` in our vm definition, the name that you put in the proper field will be preserved, but if we have more than 1 a counter will be raised and the vm name will be `name + iteration` (EG) _node0_, _node1_, _node2_ in case of `count: 3` License ------- diff --git a/roles/openshift_ovirt/defaults/main.yml b/roles/openshift_ovirt/defaults/main.yml index 05b245dd3d8..5270473f7fd 100644 --- a/roles/openshift_ovirt/defaults/main.yml +++ b/roles/openshift_ovirt/defaults/main.yml @@ -6,6 +6,10 @@ wait_for_ip: true openshift_ovirt_cluster: Default template_name: openshift_node +# User must provide those vars: +openshift_ovirt_dns_zone: +openshift_ovirt_ssh_key: + # oVirt VM Profiles openshift_ovirt_vm_profile: master: diff --git a/roles/openshift_ovirt/tasks/build_vm_list.yml b/roles/openshift_ovirt/tasks/build_vm_list.yml index 0b372c3fcdf..c90092b5a28 100644 --- a/roles/openshift_ovirt/tasks/build_vm_list.yml +++ b/roles/openshift_ovirt/tasks/build_vm_list.yml @@ -1,10 +1,14 @@ --- # Creates a dictionary for use with oVirt.vm-infra role # https://github.com/oVirt/ovirt-ansible-vm-infra +# Side note: +# If we have a count: 1 in our vm definition, the name that you put in the proper field will be preserved +# if we have more than 1 a counter will be raised and the vm name will be name + iteration (EG) node0, node1, node2 +# in case of count: 3 - fail: msg: "The openshift_ovirt_dns_zone variable is required." when: - - openshift_ovirt_dns_zone is not defined + - openshift_ovirt_dns_zone is none - name: Create virtual machine list fact set_fact: vms: >- @@ -12,11 +16,58 @@ {% for iter in range(item.count) -%} {% if iter > 0 -%},{% endif -%} { + {% if item.count == 1 -%} + 'name': '{{ item.name }}.{{ openshift_ovirt_dns_zone }}', + {% elif item.count > 1 -%} 'name': '{{ item.name }}{{ iter }}.{{ openshift_ovirt_dns_zone }}', + {% endif -%} 'tag': 'openshift_{{ item.profile }}', + 'description': '{{ item.description | default("") }}', 'cloud_init': { + {% if item.count == 1 -%} + 'host_name': '{{ item.name }}.{{ openshift_ovirt_dns_zone }}', + {% if item.nic_mode is defined -%} + 'nic_boot_protocol': 'static', + 'nic_ip_address': '{{ item["nic_mode"][item["name"]]["nic_ip_address"] }}', + 'nic_netmask': '{{ item["nic_mode"][item["name"]]["nic_netmask"] }}', + 'nic_gateway': '{{ item["nic_mode"][item["name"]]["nic_gateway"] }}', + 'nic_on_boot': {{ item["nic_mode"][item["name"]]["nic_on_boot"] | default(true) | bool }}, + 'nic_name': '{{ item["nic_mode"][item["name"]]["nic_name"] | default("eth0") }}', + {% if item["nic_mode"][item["name"]]["dns_servers"] is defined -%} + 'dns_servers': '{{ item["nic_mode"][item["name"]]["dns_servers"] }}', + 'dns_search': '{{ item["nic_mode"][item["name"]]["dns_search"] }}', + {% endif -%} + {% endif -%} + {% if item.dns_servers is defined -%} + 'dns_servers': '{{ item["dns_servers"] }}', + {% endif -%} + {% if item.dns_search is defined -%} + 'dns_search': '{{ item["dns_search"] }}', + {% endif -%} + {% elif item.count > 1 -%} 'host_name': '{{ item.name }}{{ iter }}.{{ openshift_ovirt_dns_zone }}', + {% if item.nic_mode is defined -%} + 'nic_boot_protocol': 'static', + 'nic_ip_address': '{{ item["nic_mode"][item["name"] + iter | string ]["nic_ip_address"] }}', + 'nic_netmask': '{{ item["nic_mode"][item["name"] + iter | string ]["nic_netmask"] }}', + 'nic_gateway': '{{ item["nic_mode"][item["name"] + iter | string ]["nic_gateway"] }}', + 'nic_on_boot': {{ item["nic_mode"][item["name"] + iter | string ]["nic_on_boot"] | default(true) | bool }}, + 'nic_name': '{{ item["nic_mode"][item["name"] + iter | string ]["nic_name"] | default("eth0") }}', + {% if item["nic_mode"][item["name"] + iter | string ]["dns_servers"] is defined -%} + 'dns_servers': '{{ item["nic_mode"][item["name"] + iter | string ]["dns_servers"] }}', + {% endif -%} + {% if item["nic_mode"][item["name"] + iter | string ]["dns_search"] is defined -%} + 'dns_search': '{{ item["nic_mode"][item["name"] + iter | string ]["dns_search"] }}', + {% endif -%} + {% endif -%} + {% if item.dns_servers is defined -%} + 'dns_servers': '{{ item["dns_servers"] }}', + {% endif -%} + {% if item.dns_search is defined -%} + 'dns_search': '{{ item["dns_search"] }}', + {% endif -%} + {% endif -%} 'authorized_ssh_keys': '{{ openshift_ovirt_ssh_key }}' }, 'profile': {{ openshift_ovirt_vm_profile[ item.profile ] }} , diff --git a/roles/openshift_ovirt/tasks/create_vms.yaml b/roles/openshift_ovirt/tasks/create_vms.yaml new file mode 100644 index 00000000000..a5f0ef55121 --- /dev/null +++ b/roles/openshift_ovirt/tasks/create_vms.yaml @@ -0,0 +1,24 @@ +--- +- debug: + var: vms +- fail: + msg: "The vms fact is not set. Run build_vm_list task from this role" + when: + - vms is none + +- name: check if the template already exists + ovirt_templates_facts: + pattern: "name={{ template_name }} and storage.name={{ openshift_ovirt_data_store }}" + auth: "{{ ovirt_auth }}" + +# Upload the template if it doesn't exist already +- import_role: + name: oVirt.image-template + when: + not ovirt_templates + +- import_role: + name: oVirt.vm-infra +- name: print all created vms that are in the inventory + debug: + var: hostvars diff --git a/roles/openshift_ovirt/tasks/main.yaml b/roles/openshift_ovirt/tasks/main.yaml new file mode 100644 index 00000000000..b0402b0a995 --- /dev/null +++ b/roles/openshift_ovirt/tasks/main.yaml @@ -0,0 +1,4 @@ +--- +- include_tasks: build_vm_list.yaml + +- include_tasks: create_vms.yaml diff --git a/roles/openshift_persistent_volumes/tasks/main.yml b/roles/openshift_persistent_volumes/tasks/main.yml index b5984262349..e1c9b182a37 100644 --- a/roles/openshift_persistent_volumes/tasks/main.yml +++ b/roles/openshift_persistent_volumes/tasks/main.yml @@ -9,23 +9,6 @@ cp /etc/origin/master/admin.kubeconfig {{ mktemp.stdout }}/admin.kubeconfig changed_when: False -- set_fact: - glusterfs_pv: - - name: "{{ openshift_hosted_registry_storage_volume_name }}-glusterfs-volume" - capacity: "{{ openshift_hosted_registry_storage_volume_size }}" - access_modes: "{{ openshift_hosted_registry_storage_access_modes }}" - storage: - glusterfs: - endpoints: "{{ openshift_hosted_registry_storage_glusterfs_endpoints }}" - path: "{{ openshift_hosted_registry_storage_glusterfs_path }}" - readOnly: "{{ openshift_hosted_registry_storage_glusterfs_readOnly }}" - glusterfs_pvc: - - name: "{{ openshift_hosted_registry_storage_volume_name }}-glusterfs-claim" - capacity: "{{ openshift_hosted_registry_storage_volume_size }}" - access_modes: "{{ openshift_hosted_registry_storage_access_modes }}" - storageclass: "" - when: openshift_hosted_registry_storage_glusterfs_swap | default(False) - - name: create standard pv and pvc lists # generate_pv_pvcs_list is a custom action module defined in # roles/lib_utils/action_plugins/generate_pv_pvcs_list.py @@ -34,12 +17,12 @@ - include_tasks: pv.yml vars: - l_extra_persistent_volumes: "{{ openshift_persistent_volume_extras | union(glusterfs_pv) }}" + l_extra_persistent_volumes: "{{ openshift_persistent_volume_extras }}" persistent_volumes: "{{ l_pv_pvcs_list.persistent_volumes | union(l_extra_persistent_volumes) }}" - include_tasks: pvc.yml vars: - l_extra_persistent_volume_claims: "{{ openshift_persistent_volume_claims_extras | union(glusterfs_pvc) }}" + l_extra_persistent_volume_claims: "{{ openshift_persistent_volume_claims_extras }}" persistent_volume_claims: "{{ l_pv_pvcs_list.persistent_volume_claims | union(l_extra_persistent_volume_claims) }}" - name: Delete temp directory diff --git a/roles/openshift_prometheus/OWNERS b/roles/openshift_prometheus/OWNERS deleted file mode 100644 index f2d6cda6206..00000000000 --- a/roles/openshift_prometheus/OWNERS +++ /dev/null @@ -1,10 +0,0 @@ -# approval == this is a good idea /approve -approvers: - - pgier - - simonpasquier - - zgalor -# review == this code is good /lgtm -reviewers: - - pgier - - simonpasquier - - zgalor diff --git a/roles/openshift_prometheus/README.md b/roles/openshift_prometheus/README.md deleted file mode 100644 index 7e9a15a9482..00000000000 --- a/roles/openshift_prometheus/README.md +++ /dev/null @@ -1,109 +0,0 @@ -OpenShift Prometheus -==================== - -OpenShift Prometheus Installation - -Requirements ------------- - - -Role Variables --------------- - -For default values, see [`defaults/main.yaml`](defaults/main.yaml). - -- `openshift_prometheus_state`: present - install/update. absent - uninstall. - -- `openshift_prometheus_node_exporter_install`: true (default) or false - -- `openshift_prometheus_namespace`: project (i.e. namespace) where the components will be - deployed. - -- `openshift_prometheus_node_selector`: Selector for the nodes prometheus will be deployed on. - -- `openshift_prometheus_args`: Modify or add arguments for prometheus application - -- `openshift_prometheus_hostname`: specify the hostname for the route to prometheus `prometheus-{{openshift_prometheus_namespace}}.{{openshift_master_default_subdomain}}` - -- `openshift_prometheus_alerts_hostname`: specify the hostname for the route to prometheus-alerts `prometheus_alerts-{{openshift_prometheus_namespace}}.{{openshift_master_default_subdomain}}` - -e.g -``` -openshift_prometheus_args=['--storage.tsdb.retention=6h', '--query.timeout=2m'] -``` - -## PVC related variables -Each prometheus component (prometheus, alertmanager, alertbuffer) can set pv claim by setting corresponding role variable: -``` -openshift_prometheus__storage_type: (pvc, emptydir) -openshift_prometheus__storage_class: -openshift_prometheus__pvc_(name|size|access_modes|pv_selector): -``` -e.g -``` -openshift_prometheus_storage_type: pvc -openshift_prometheus_storage_class: glusterfs-storage -openshift_prometheus_alertmanager_pvc_name: alertmanager -openshift_prometheus_alertbuffer_pvc_size: 10G -openshift_prometheus_pvc_access_modes: [ReadWriteOnce] -``` - -NOTE: Setting `openshift_prometheus__storage_labels` overrides `openshift_prometheus__pvc_pv_selector` - - -## Additional Alert Rules file variable -An external file with alert rules can be added by setting path to additional rules variable: -``` -openshift_prometheus_additional_rules_file: -``` - -File content should be in prometheus alert rules format. -Following example sets rule to fire an alert when one of the cluster nodes is down: - -``` -groups: -- name: example-rules - interval: 30s # defaults to global interval - rules: - - alert: Node Down - expr: up{job="kubernetes-nodes"} == 0 - annotations: - miqTarget: "ContainerNode" - severity: "HIGH" - message: "{{ '{{' }}{{ '$labels.instance' }}{{ '}}' }} is down" -``` - - -## Additional variables to control resource limits -Each prometheus component (prometheus, alertmanager, alert-buffer, oauth-proxy) can specify a cpu and memory limits and requests by setting -the corresponding role variable: -``` -openshift_prometheus__(memory|cpu)_(limit|requests): -``` -e.g -``` -openshift_prometheus_alertmanager_memory_limit: 1Gi -openshift_prometheus_oath_proxy_cpu_request: 100 -openshift_prometheus_node_exporter_cpu_limit: 200m -``` - -Dependencies ------------- - -openshift_facts - - -Example Playbook ----------------- - -``` -- name: Configure openshift-prometheus - hosts: oo_first_master - roles: - - role: openshift_prometheus -``` - -License -------- - -Apache License, Version 2.0 diff --git a/roles/openshift_prometheus/defaults/main.yaml b/roles/openshift_prometheus/defaults/main.yaml deleted file mode 100644 index ba766c8d83b..00000000000 --- a/roles/openshift_prometheus/defaults/main.yaml +++ /dev/null @@ -1,111 +0,0 @@ ---- -# defaults file for openshift_prometheus -openshift_prometheus_state: present -openshift_prometheus_node_exporter_install: true - -openshift_prometheus_namespace: openshift-metrics - -# Need to standardise these tags -l_openshift_prometheus_version_dict: - origin: - prometheus: 'v2.3.1' - alert_manager: 'v0.15.0' - alert_buffer: 'v0.0.2' - node_exporter: 'v0.16.0' - openshift-enterprise: - prometheus: "{{ openshift_image_tag }}" - alert_manager: "{{ openshift_image_tag }}" - alert_buffer: "{{ openshift_image_tag }}" - node_exporter: "{{ openshift_image_tag }}" - -l_openshift_prometheus_alertmanager_version: "{{ l_openshift_prometheus_version_dict[openshift_deployment_type]['alert_manager'] }}" -l_openshift_prometheus_alertmanager_image: "{{ l_os_non_standard_reg_url | regex_replace('${version}' | regex_escape, l_openshift_prometheus_alertmanager_version) }}" -openshift_prometheus_alertmanager_image: "{{ l_openshift_prometheus_alertmanager_image | regex_replace(l_os_logging_non_standard_reg_search | regex_escape, 'prometheus-alertmanager') }}" - -l_openshift_prometheus_alertbuffer_version: "{{ l_openshift_prometheus_version_dict[openshift_deployment_type]['alert_buffer'] }}" -l_openshift_prometheus_alertbuffer_image: "{{ l_os_non_standard_reg_url | regex_replace('${version}' | regex_escape, l_openshift_prometheus_alertbuffer_version) }}" -openshift_prometheus_alertbuffer_image: "{{ l_openshift_prometheus_alertbuffer_image | regex_replace(l_os_logging_non_standard_reg_search | regex_escape, 'prometheus-alert-buffer') }}" - -l_openshift_prometheus_node_exporter_version: "{{ l_openshift_prometheus_version_dict[openshift_deployment_type]['node_exporter'] }}" -l_openshift_prometheus_node_exporter_image: "{{ l_os_non_standard_reg_url | regex_replace('${version}' | regex_escape, l_openshift_prometheus_node_exporter_version) }}" -openshift_prometheus_node_exporter_image: "{{ l_openshift_prometheus_node_exporter_image | regex_replace(l_os_logging_non_standard_reg_search | regex_escape, 'prometheus-node-exporter') }}" - -l_openshift_prometheus_version: "{{ l_openshift_prometheus_version_dict[openshift_deployment_type]['prometheus'] }}" -l_openshift_prometheus_image: "{{ l_os_non_standard_reg_url | regex_replace('${version}' | regex_escape, l_openshift_prometheus_version) }}" -openshift_prometheus_image: "{{ l_openshift_prometheus_image | regex_replace(l_os_logging_non_standard_reg_search | regex_escape, 'prometheus') }}" - -openshift_prometheus_proxy_image: "{{ l2_os_logging_proxy_image }}" - -# defaults hosts for routes -openshift_prometheus_hostname: prometheus-{{openshift_prometheus_namespace}}.{{openshift_master_default_subdomain}} -openshift_prometheus_alerts_hostname: alerts-{{openshift_prometheus_namespace}}.{{openshift_master_default_subdomain}} -openshift_prometheus_alertmanager_hostname: alertmanager-{{openshift_prometheus_namespace}}.{{openshift_master_default_subdomain}} - -openshift_prometheus_node_selector: "{{ openshift_hosted_infra_selector | default('node-role.kubernetes.io/infra=true') | map_from_pairs }}" - -openshift_prometheus_service_port: 443 -openshift_prometheus_service_targetport: 8443 -openshift_prometheus_service_name: prometheus -openshift_prometheus_reader_serviceaccount_name: prometheus-reader -openshift_prometheus_alerts_service_targetport: 9443 -openshift_prometheus_alerts_service_name: alerts -openshift_prometheus_alertmanager_service_targetport: 10443 -openshift_prometheus_alertmanager_service_name: alertmanager -openshift_prometheus_serviceaccount_annotations: [] -l_openshift_prometheus_serviceaccount_annotations: - - serviceaccounts.openshift.io/oauth-redirectreference.prom='{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"prometheus"}}' - - serviceaccounts.openshift.io/oauth-redirectreference.alerts='{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"alerts"}}' - - serviceaccounts.openshift.io/oauth-redirectreference.alertmanager='{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"alertmanager"}}' - -# additional prometheus rules file -openshift_prometheus_additional_rules_file: null - -#prometheus application arguments -openshift_prometheus_args: ['--storage.tsdb.retention=3d'] - -# storage -# One of ['emptydir', 'pvc'] -openshift_prometheus_storage_type: "emptydir" -openshift_prometheus_pvc_name: prometheus -openshift_prometheus_pvc_size: "{{ openshift_prometheus_storage_volume_size | default('10Gi') }}" -openshift_prometheus_pvc_access_modes: [ReadWriteOnce] -openshift_prometheus_pvc_pv_selector: "{{ openshift_prometheus_storage_labels | default({}) }}" -openshift_prometheus_sc_name: "{{ openshift_prometheus_storage_class | default(None) }}" - -# One of ['emptydir', 'pvc'] -openshift_prometheus_alertmanager_storage_type: "emptydir" -openshift_prometheus_alertmanager_pvc_name: prometheus-alertmanager -openshift_prometheus_alertmanager_pvc_size: "{{ openshift_prometheus_alertmanager_storage_volume_size | default('10Gi') }}" -openshift_prometheus_alertmanager_pvc_access_modes: [ReadWriteOnce] -openshift_prometheus_alertmanager_pvc_pv_selector: "{{ openshift_prometheus_alertmanager_storage_labels | default({}) }}" -openshift_prometheus_alertmanager_sc_name: "{{ openshift_prometheus_alertmanager_storage_class | default(None) }}" - -# One of ['emptydir', 'pvc'] -openshift_prometheus_alertbuffer_storage_type: "emptydir" -openshift_prometheus_alertbuffer_pvc_name: prometheus-alertbuffer -openshift_prometheus_alertbuffer_pvc_size: "{{ openshift_prometheus_alertbuffer_storage_volume_size | default('10Gi') }}" -openshift_prometheus_alertbuffer_pvc_access_modes: [ReadWriteOnce] -openshift_prometheus_alertbuffer_pvc_pv_selector: "{{ openshift_prometheus_alertbuffer_storage_labels | default({}) }}" -openshift_prometheus_alertbuffer_sc_name: "{{ openshift_prometheus_alertbuffer_storage_class | default(None) }}" - -# container resources -openshift_prometheus_cpu_limit: null -openshift_prometheus_memory_limit: null -openshift_prometheus_cpu_requests: null -openshift_prometheus_memory_requests: null -openshift_prometheus_alertmanager_cpu_limit: null -openshift_prometheus_alertmanager_memory_limit: null -openshift_prometheus_alertmanager_cpu_requests: null -openshift_prometheus_alertmanager_memory_requests: null -openshift_prometheus_alertbuffer_cpu_limit: null -openshift_prometheus_alertbuffer_memory_limit: null -openshift_prometheus_alertbuffer_cpu_requests: null -openshift_prometheus_alertbuffer_memory_requests: null -openshift_prometheus_oauth_proxy_cpu_limit: null -openshift_prometheus_oauth_proxy_memory_limit: null -openshift_prometheus_oauth_proxy_cpu_requests: null -openshift_prometheus_oauth_proxy_memory_requests: null -openshift_prometheus_node_exporter_cpu_limit: 200m -openshift_prometheus_node_exporter_memory_limit: 50Mi -openshift_prometheus_node_exporter_cpu_requests: 100m -openshift_prometheus_node_exporter_memory_requests: 30Mi diff --git a/roles/openshift_prometheus/files/node-exporter-template.yaml b/roles/openshift_prometheus/files/node-exporter-template.yaml deleted file mode 100644 index cef02bcbf6a..00000000000 --- a/roles/openshift_prometheus/files/node-exporter-template.yaml +++ /dev/null @@ -1,94 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - name: prometheus-node-exporter - annotations: - openshift.io/display-name: Prometheus Node Exporter - description: Prometheus exporter for node host metrics - iconClass: fa fa-cogs - tags: monitoring,prometheus - openshift.io/support-url: https://access.redhat.com - openshift.io/provider-display-name: Red Hat, Inc. -parameters: -- name: IMAGE - value: openshift/prometheus-node-exporter:v0.16.0 -- name: MEMORY_REQUESTS - value: 30Mi -- name: CPU_REQUESTS - value: 100m -- name: MEMORY_LIMITS - value: 50Mi -- name: CPU_LIMITS - value: 200m -objects: -- apiVersion: v1 - kind: ServiceAccount - metadata: - name: prometheus-node-exporter -- apiVersion: v1 - kind: Service - metadata: - annotations: - prometheus.io/scrape: "true" - labels: - app: prometheus-node-exporter - name: prometheus-node-exporter - spec: - clusterIP: None - ports: - - name: scrape - port: 9102 - protocol: TCP - targetPort: 9102 - selector: - app: prometheus-node-exporter -- apiVersion: extensions/v1beta1 - kind: DaemonSet - metadata: - name: prometheus-node-exporter - labels: - app: prometheus-node-exporter - role: monitoring - spec: - updateStrategy: - type: RollingUpdate - template: - metadata: - labels: - app: prometheus-node-exporter - role: monitoring - name: prometheus-exporter - spec: - serviceAccountName: prometheus-node-exporter - hostNetwork: true - hostPID: true - containers: - - image: ${IMAGE} - name: node-exporter - args: - - --no-collector.wifi - - --web.listen-address=:9102 - ports: - - containerPort: 9102 - name: scrape - resources: - requests: - memory: ${MEMORY_REQUESTS} - cpu: ${CPU_REQUESTS} - limits: - memory: ${MEMORY_LIMITS} - cpu: ${CPU_LIMITS} - volumeMounts: - - name: proc - readOnly: true - mountPath: /host/proc - - name: sys - readOnly: true - mountPath: /host/sys - volumes: - - name: proc - hostPath: - path: /proc - - name: sys - hostPath: - path: /sys diff --git a/roles/openshift_prometheus/meta/main.yaml b/roles/openshift_prometheus/meta/main.yaml deleted file mode 100644 index 529a1c0e702..00000000000 --- a/roles/openshift_prometheus/meta/main.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -galaxy_info: - author: OpenShift Development - description: Deploy OpenShift prometheus integration for the cluster - company: Red Hat, Inc. - license: license (Apache) - min_ansible_version: 2.2 - platforms: - - name: EL - versions: - - 7 - - name: Fedora - versions: - - all - categories: - - openshift -dependencies: -- role: lib_openshift -- role: openshift_facts -- role: lib_utils -- role: openshift_logging_defaults diff --git a/roles/openshift_prometheus/tasks/facts.yaml b/roles/openshift_prometheus/tasks/facts.yaml deleted file mode 100644 index b66edcde62a..00000000000 --- a/roles/openshift_prometheus/tasks/facts.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -# The kubernetes version impacts the prometheus scraping endpoint -# so gathering it before constructing the configmap -- name: get oc version - oc_version: - register: oc_version - -- set_fact: - kubernetes_version: "{{ '%.2f' | format(oc_version.results.kubernetes_short|float) }}" - openshift_prometheus_serviceaccount_annotations: "{{ l_openshift_prometheus_serviceaccount_annotations + openshift_prometheus_serviceaccount_annotations|list }}" diff --git a/roles/openshift_prometheus/tasks/install_node_exporter.yaml b/roles/openshift_prometheus/tasks/install_node_exporter.yaml deleted file mode 100644 index 3b289834142..00000000000 --- a/roles/openshift_prometheus/tasks/install_node_exporter.yaml +++ /dev/null @@ -1,55 +0,0 @@ ---- -# set facts -- include_tasks: facts.yaml - -# namespace -- name: Add prometheus project - oc_project: - state: present - name: "{{ openshift_prometheus_namespace }}" - node_selector: "" - description: Prometheus - -- name: Make temp directory for node exporter template - command: mktemp -d /tmp/prometheus-ansible-XXXXXX - register: mktemp - changed_when: False - -- name: Copy admin client config - command: > - cp {{ openshift.common.config_base }}/master//admin.kubeconfig {{ mktemp.stdout }}/admin.kubeconfig - changed_when: false - -# create clusterrolebinding for prometheus-node-exporter serviceaccount -- name: Set hostaccess SCC for prometheus-node-exporter - oc_adm_policy_user: - state: present - namespace: "{{ openshift_prometheus_namespace }}" - resource_kind: scc - resource_name: hostaccess - user: "system:serviceaccount:{{ openshift_prometheus_namespace }}:prometheus-node-exporter" - -- name: Copy node exporter templates to temp directory - copy: - src: "{{ item }}" - dest: "{{ mktemp.stdout }}/{{ item }}" - with_items: - - "{{ __node_exporter_template_file }}" - -- name: Apply the node exporter template file - shell: > - {{ openshift_client_binary }} process -f "{{ mktemp.stdout }}/{{ __node_exporter_template_file }}" - --param IMAGE="{{ openshift_prometheus_node_exporter_image }}" - --param MEMORY_REQUESTS="{{ openshift_prometheus_node_exporter_memory_requests }}" - --param CPU_REQUESTS="{{ openshift_prometheus_node_exporter_cpu_requests }}" - --param MEMORY_LIMITS="{{ openshift_prometheus_node_exporter_memory_limit }}" - --param CPU_LIMITS="{{ openshift_prometheus_node_exporter_cpu_limit }}" - --config={{ mktemp.stdout }}/admin.kubeconfig - -n "{{ openshift_prometheus_namespace }}" - | {{ openshift_client_binary }} apply --config={{ mktemp.stdout }}/admin.kubeconfig -f - -n "{{ openshift_prometheus_namespace }}" - -- name: Remove temp directory - file: - state: absent - name: "{{ mktemp.stdout }}" - changed_when: False diff --git a/roles/openshift_prometheus/tasks/install_prometheus.yaml b/roles/openshift_prometheus/tasks/install_prometheus.yaml deleted file mode 100644 index f4788ea02c6..00000000000 --- a/roles/openshift_prometheus/tasks/install_prometheus.yaml +++ /dev/null @@ -1,271 +0,0 @@ ---- -# set facts -- include_tasks: facts.yaml - -- name: Ensure that Prometheus has nodes to run on - import_role: - name: openshift_control_plane - tasks_from: ensure_nodes_matching_selector.yml - vars: - openshift_master_ensure_nodes_selector: "{{ openshift_prometheus_node_selector | map_to_pairs }}" - openshift_master_ensure_nodes_service: Prometheus - -# namespace -- name: Add prometheus project - oc_project: - state: present - name: "{{ openshift_prometheus_namespace }}" - node_selector: "" - description: Prometheus - -# secrets -- name: Set alert, alertmanager and prometheus secrets - oc_secret: - state: present - name: "{{ item }}-proxy" - namespace: "{{ openshift_prometheus_namespace }}" - contents: - - path: session_secret - data: "{{ 43 | lib_utils_oo_random_word }}=" - with_items: - - prometheus - - alerts - - alertmanager - -# serviceaccount -- name: create prometheus serviceaccount - oc_serviceaccount: - state: present - name: "{{ openshift_prometheus_service_name }}" - namespace: "{{ openshift_prometheus_namespace }}" - changed_when: no - -# serviceaccount reader -- name: create openshift_prometheus_reader_serviceaccount_name serviceaccount - oc_serviceaccount: - state: present - name: "{{ openshift_prometheus_reader_serviceaccount_name }}" - namespace: "{{ openshift_prometheus_namespace }}" - changed_when: no - -# TODO remove this when annotations are supported by oc_serviceaccount -- name: annotate serviceaccount - command: > - {{ openshift_client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig annotate --overwrite -n {{ openshift_prometheus_namespace }} - serviceaccount {{ openshift_prometheus_service_name }} {{ item }} - with_items: - "{{ openshift_prometheus_serviceaccount_annotations }}" - -# add required permissions to prometheus for scraping router metrics -- name: Create router-metrics cluster role - oc_clusterrole: - state: present - name: router-metrics - rules: - - apiGroups: ["route.openshift.io"] - resources: ["routers/metrics"] - verbs: ["get"] - -# create clusterrolebinding for prometheus serviceaccount -- name: Set clusterrole permissions for prometheus - oc_adm_policy_user: - state: present - namespace: "{{ openshift_prometheus_namespace }}" - resource_kind: cluster-role - resource_name: "{{ item }}" - user: "system:serviceaccount:{{ openshift_prometheus_namespace }}:{{ openshift_prometheus_service_name }}" - with_items: - - cluster-reader - - router-metrics - -# create view role for prometheus-reader serviceaccount -- name: Set view permissions for prometheus reader - oc_adm_policy_user: - state: present - namespace: "{{ openshift_prometheus_namespace }}" - resource_kind: cluster-role - resource_name: view - user: "system:serviceaccount:{{ openshift_prometheus_namespace }}:{{ openshift_prometheus_reader_serviceaccount_name }}" - - -- name: create services for prometheus - oc_service: - name: "{{ openshift_prometheus_service_name }}" - namespace: "{{ openshift_prometheus_namespace }}" - labels: - name: prometheus - annotations: - prometheus.io/scrape: 'true' - prometheus.io/scheme: https - service.alpha.openshift.io/serving-cert-secret-name: prometheus-tls - ports: - - name: prometheus - port: "{{ openshift_prometheus_service_port }}" - targetPort: "{{ openshift_prometheus_service_targetport }}" - protocol: TCP - selector: - app: prometheus - -- name: create services for alert buffer - oc_service: - name: "{{ openshift_prometheus_alerts_service_name }}" - namespace: "{{ openshift_prometheus_namespace }}" - labels: - name: prometheus - annotations: - service.alpha.openshift.io/serving-cert-secret-name: alerts-tls - ports: - - name: prometheus - port: "{{ openshift_prometheus_service_port }}" - targetPort: "{{ openshift_prometheus_alerts_service_targetport }}" - protocol: TCP - selector: - app: prometheus - -- name: create services for alertmanager - oc_service: - name: "{{ openshift_prometheus_alertmanager_service_name }}" - namespace: "{{ openshift_prometheus_namespace }}" - labels: - name: prometheus - annotations: - service.alpha.openshift.io/serving-cert-secret-name: alertmanager-tls - ports: - - name: prometheus - port: "{{ openshift_prometheus_service_port }}" - targetPort: "{{ openshift_prometheus_alertmanager_service_targetport }}" - protocol: TCP - selector: - app: prometheus - -# create prometheus and alerts routes -# TODO: oc_route module should support insecureEdgeTerminationPolicy: Redirect -- name: create prometheus and alerts routes - oc_route: - state: present - name: "{{ item.name }}" - host: "{{ item.host }}" - namespace: "{{ openshift_prometheus_namespace }}" - service_name: "{{ item.name }}" - tls_termination: reencrypt - with_items: - - name: prometheus - host: "{{ openshift_prometheus_hostname }}" - - name: alerts - host: "{{ openshift_prometheus_alerts_hostname }}" - - name: alertmanager - host: "{{ openshift_prometheus_alertmanager_hostname }}" - -# Storage -- name: create prometheus pvc - oc_pvc: - namespace: "{{ openshift_prometheus_namespace }}" - name: "{{ openshift_prometheus_pvc_name }}" - access_modes: "{{ openshift_prometheus_pvc_access_modes }}" - volume_capacity: "{{ openshift_prometheus_pvc_size }}" - selector: "{{ openshift_prometheus_pvc_pv_selector }}" - storage_class_name: "{{ openshift_prometheus_sc_name }}" - when: openshift_prometheus_storage_type == 'pvc' - -- name: create alertmanager pvc - oc_pvc: - namespace: "{{ openshift_prometheus_namespace }}" - name: "{{ openshift_prometheus_alertmanager_pvc_name }}" - access_modes: "{{ openshift_prometheus_alertmanager_pvc_access_modes }}" - volume_capacity: "{{ openshift_prometheus_alertmanager_pvc_size }}" - selector: "{{ openshift_prometheus_alertmanager_pvc_pv_selector }}" - storage_class_name: "{{ openshift_prometheus_alertmanager_sc_name }}" - when: openshift_prometheus_alertmanager_storage_type == 'pvc' - -- name: create alertbuffer pvc - oc_pvc: - namespace: "{{ openshift_prometheus_namespace }}" - name: "{{ openshift_prometheus_alertbuffer_pvc_name }}" - access_modes: "{{ openshift_prometheus_alertbuffer_pvc_access_modes }}" - volume_capacity: "{{ openshift_prometheus_alertbuffer_pvc_size }}" - selector: "{{ openshift_prometheus_alertbuffer_pvc_pv_selector }}" - storage_class_name: "{{ openshift_prometheus_alertbuffer_sc_name }}" - when: openshift_prometheus_alertbuffer_storage_type == 'pvc' - -# prometheus configmap -# Copy the additional rules file if it is defined -- name: Copy additional rules file to host - copy: - src: "{{ openshift_prometheus_additional_rules_file }}" - dest: "{{ tempdir }}/prometheus.additional.rules" - when: - - openshift_prometheus_additional_rules_file is defined - - openshift_prometheus_additional_rules_file is not none - - openshift_prometheus_additional_rules_file | trim | length > 0 - -- stat: - path: "{{ tempdir }}/prometheus.additional.rules" - get_checksum: false - get_attributes: false - get_mime: false - register: additional_rules_stat - -- template: - src: prometheus.yml.j2 - dest: "{{ tempdir }}/prometheus.yml" - changed_when: no - -- template: - src: prometheus.rules.j2 - dest: "{{ tempdir }}/prometheus.rules" - changed_when: no - -# In prometheus configmap create "additional.rules" section if file exists -- name: Set prometheus configmap - oc_configmap: - state: present - name: "prometheus" - namespace: "{{ openshift_prometheus_namespace }}" - from_file: - prometheus.rules: "{{ tempdir }}/prometheus.rules" - prometheus.additional.rules: "{{ tempdir }}/prometheus.additional.rules" - prometheus.yml: "{{ tempdir }}/prometheus.yml" - when: additional_rules_stat.stat.exists == True - -- name: Set prometheus configmap - oc_configmap: - state: present - name: "prometheus" - namespace: "{{ openshift_prometheus_namespace }}" - from_file: - prometheus.rules: "{{ tempdir }}/prometheus.rules" - prometheus.yml: "{{ tempdir }}/prometheus.yml" - when: additional_rules_stat.stat.exists == False - -# alertmanager configmap -- template: - src: alertmanager.yml.j2 - dest: "{{ tempdir }}/alertmanager.yml" - changed_when: no - -- name: Set alertmanager configmap - oc_configmap: - state: present - name: "alertmanager" - namespace: "{{ openshift_prometheus_namespace }}" - from_file: - alertmanager.yml: "{{ tempdir }}/alertmanager.yml" - -# create prometheus stateful set -- name: Set prometheus template - template: - src: prometheus.j2 - dest: "{{ tempdir }}/templates/prometheus.yaml" - vars: - namespace: "{{ openshift_prometheus_namespace }}" -# prom_replicas: "{{ openshift_prometheus_replicas }}" - -- name: Set prometheus stateful set - oc_obj: - state: present - name: "prometheus" - namespace: "{{ openshift_prometheus_namespace }}" - kind: statefulset - files: - - "{{ tempdir }}/templates/prometheus.yaml" - delete_after: true diff --git a/roles/openshift_prometheus/tasks/main.yaml b/roles/openshift_prometheus/tasks/main.yaml deleted file mode 100644 index d5dbef46e4c..00000000000 --- a/roles/openshift_prometheus/tasks/main.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- - -- name: Create temp directory for doing work in on target - command: mktemp -td openshift-prometheus-ansible-XXXXXX - register: mktemp - changed_when: False - -- set_fact: - tempdir: "{{ mktemp.stdout }}" - -- name: Create templates subdirectory - file: - state: directory - path: "{{ tempdir }}/{{ item }}" - mode: 0755 - changed_when: False - with_items: - - templates - -- include_tasks: install_prometheus.yaml - when: openshift_prometheus_state == 'present' - -- include_tasks: uninstall_prometheus.yaml - when: openshift_prometheus_state == 'absent' - -- include_tasks: install_node_exporter.yaml - when: openshift_prometheus_node_exporter_install | default(true) | bool and openshift_prometheus_state == 'present' - -- name: Delete temp directory - file: - name: "{{ tempdir }}" - state: absent - changed_when: False diff --git a/roles/openshift_prometheus/tasks/uninstall_prometheus.yaml b/roles/openshift_prometheus/tasks/uninstall_prometheus.yaml deleted file mode 100644 index baf991bcc9f..00000000000 --- a/roles/openshift_prometheus/tasks/uninstall_prometheus.yaml +++ /dev/null @@ -1,107 +0,0 @@ ---- - -- name: Remove node_exporter daemon set - oc_obj: - state: absent - name: "prometheus-node-exporter" - namespace: "{{ openshift_prometheus_namespace }}" - kind: daemonset - -- name: Remove node_exporter services - oc_service: - state: absent - name: "prometheus-node-exporter" - namespace: "{{ openshift_prometheus_namespace }}" - -- name: Remove prometheus stateful set - oc_obj: - state: absent - name: "prometheus" - namespace: "{{ openshift_prometheus_namespace }}" - kind: statefulset - -- name: Remove prometheus configmaps - oc_configmap: - state: absent - name: "{{ item }}" - namespace: "{{ openshift_prometheus_namespace }}" - with_items: - - "prometheus" - - "alertmanager" - -- name: Remove prometheus PVCs - oc_pvc: - namespace: "{{ openshift_prometheus_namespace }}" - name: "{{ item }}" - state: absent - with_items: - - "{{ openshift_prometheus_pvc_name }}" - - "{{ openshift_prometheus_alertmanager_pvc_name }}" - - "{{ openshift_prometheus_alertbuffer_pvc_name }}" - -- name: Remove prometheus and alerts routes - oc_route: - state: absent - name: "{{ item.name }}" - namespace: "{{ openshift_prometheus_namespace }}" - with_items: - - name: prometheus - - name: alerts - - name: alertmanager - -- name: Remove services for prometheus - oc_service: - state: absent - name: "{{ item }}" - namespace: "{{ openshift_prometheus_namespace }}" - with_items: - - "{{ openshift_prometheus_service_name }}" - - "{{ openshift_prometheus_alertmanager_service_name }}" - - "{{ openshift_prometheus_alerts_service_name }}" - -- name: Remove prometheus secrets - oc_secret: - state: absent - name: "{{ item }}-proxy" - namespace: "{{ openshift_prometheus_namespace }}" - with_items: - - prometheus - - alerts - - alertmanager - -- name: Remove prometheus serviceaccounts - oc_serviceaccount: - state: absent - name: "{{ item }}" - namespace: "{{ openshift_prometheus_namespace }}" - with_items: - - "{{ openshift_prometheus_service_name }}" - - "{{ openshift_prometheus_reader_serviceaccount_name }}" - - prometheus-node-exporter - -# Check for any remaining objects in the namespace -- name: Get all objects in prometheus namespace - oc_obj: - state: list - kind: all - namespace: "{{ openshift_prometheus_namespace }}" - register: __prometheus_namespace_objects - -- name: Set prometheus objects facts - set_fact: - num_prometheus_objects: "{{ __prometheus_namespace_objects['results']['results'][0]['items'] | length }}" - -# If there are no remaining objects then it should be safe to delete -# the clusterrole and the project/namespace -- name: delete router-metrics cluster role - oc_obj: - state: absent - kind: clusterrole - name: router-metrics - when: num_prometheus_objects | int == 0 - -- name: Remove prometheus project - oc_project: - state: absent - name: "{{ openshift_prometheus_namespace }}" - when: num_prometheus_objects | int == 0 diff --git a/roles/openshift_prometheus/templates/alertmanager.yml.j2 b/roles/openshift_prometheus/templates/alertmanager.yml.j2 deleted file mode 100644 index 6c432a3d086..00000000000 --- a/roles/openshift_prometheus/templates/alertmanager.yml.j2 +++ /dev/null @@ -1,20 +0,0 @@ -global: - -# The root route on which each incoming alert enters. -route: - # default route if none match - receiver: alert-buffer-wh - - # The labels by which incoming alerts are grouped together. For example, - # multiple alerts coming in for cluster=A and alertname=LatencyHigh would - # be batched into a single group. - # TODO: - group_by: [] - - # All the above attributes are inherited by all child routes and can - # overwritten on each. - -receivers: -- name: alert-buffer-wh - webhook_configs: - - url: http://localhost:9099/topics/alerts diff --git a/roles/openshift_prometheus/templates/prometheus.j2 b/roles/openshift_prometheus/templates/prometheus.j2 deleted file mode 100644 index 0fb3c53b918..00000000000 --- a/roles/openshift_prometheus/templates/prometheus.j2 +++ /dev/null @@ -1,309 +0,0 @@ -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - name: prometheus - namespace: {{ namespace }} - labels: - app: prometheus -spec: - updateStrategy: - type: RollingUpdate - podManagementPolicy: Parallel - selector: - provider: openshift - matchLabels: - app: prometheus - template: - metadata: - name: prometheus - labels: - app: prometheus - spec: - serviceAccountName: "{{ openshift_prometheus_service_name }}" -{% if openshift_prometheus_node_selector is iterable and openshift_prometheus_node_selector | length > 0 %} - nodeSelector: -{% for key, value in openshift_prometheus_node_selector.items() %} - {{ key }}: "{{ value }}" -{% endfor %} -{% endif %} - containers: - # Deploy Prometheus behind an oauth proxy - - name: prom-proxy - image: "{{ openshift_prometheus_proxy_image }}" - imagePullPolicy: IfNotPresent - resources: - requests: -{% if openshift_prometheus_oauth_proxy_memory_requests is defined and openshift_prometheus_oauth_proxy_memory_requests is not none %} - memory: "{{ openshift_prometheus_oauth_proxy_memory_requests }}" -{% endif %} -{% if openshift_prometheus_oauth_proxy_cpu_requests is defined and openshift_prometheus_oauth_proxy_cpu_requests is not none %} - cpu: "{{ openshift_prometheus_oauth_proxy_cpu_requests }}" -{% endif %} - limits: -{% if openshift_prometheus_oauth_proxy_memory_limit is defined and openshift_prometheus_oauth_proxy_memory_limit is not none %} - memory: "{{ openshift_prometheus_oauth_proxy_memory_limit }}" -{% endif %} -{% if openshift_prometheus_oauth_proxy_cpu_limit is defined and openshift_prometheus_oauth_proxy_cpu_limit is not none %} - cpu: "{{ openshift_prometheus_oauth_proxy_cpu_limit }}" -{% endif %} - ports: - - containerPort: {{ openshift_prometheus_service_targetport }} - name: web - args: - - -provider=openshift - - -https-address=:{{ openshift_prometheus_service_targetport }} - - -http-address= - - -email-domain=* - - -upstream=http://localhost:9090 - - -client-id=system:serviceaccount:{{ namespace }}:{{ openshift_prometheus_service_name }} - - '-openshift-sar={"resource": "namespaces", "verb": "get", "resourceName": "{{ namespace }}", "namespace": "{{ namespace }}"}' - - '-openshift-delegate-urls={"/": {"resource": "namespaces", "verb": "get", "resourceName": "{{ namespace }}", "namespace": "{{ namespace }}"}}' - - -tls-cert=/etc/tls/private/tls.crt - - -tls-key=/etc/tls/private/tls.key - - -client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token - - -cookie-secret-file=/etc/proxy/secrets/session_secret - - -openshift-ca=/etc/pki/tls/cert.pem - - -openshift-ca=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt - - -skip-auth-regex=^/metrics - volumeMounts: - - mountPath: /etc/tls/private - name: prometheus-tls-secret - - mountPath: /etc/proxy/secrets - name: prometheus-proxy-secret - - mountPath: /prometheus - name: prometheus-data - - - name: prometheus - args: -{% for arg in openshift_prometheus_args %} - - {{ arg }} -{% endfor %} - - --config.file=/etc/prometheus/prometheus.yml - - --web.listen-address=localhost:9090 - - --web.external-url=https://{{ openshift_prometheus_hostname }} - image: "{{ openshift_prometheus_image }}" - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - /bin/bash - - -c - - |- - set -euo pipefail; - touch /tmp/prometheusconfig.hash; - if [[ $(find /etc/prometheus -type f | sort | xargs md5sum | md5sum) != $(cat /tmp/prometheusconfig.hash) ]]; then - find /etc/prometheus -type f | sort | xargs md5sum | md5sum > /tmp/prometheusconfig.hash; - kill -HUP 1; - fi - initialDelaySeconds: 60 - periodSeconds: 60 - resources: - requests: -{% if openshift_prometheus_memory_requests is defined and openshift_prometheus_memory_requests is not none %} - memory: "{{ openshift_prometheus_memory_requests }}" -{% endif %} -{% if openshift_prometheus_cpu_requests is defined and openshift_prometheus_cpu_requests is not none %} - cpu: "{{ openshift_prometheus_cpu_requests }}" -{% endif %} - limits: -{% if openshift_prometheus_memory_limit is defined and openshift_prometheus_memory_limit is not none %} - memory: "{{ openshift_prometheus_memory_limit }}" -{% endif %} -{% if openshift_prometheus_cpu_limit is defined and openshift_prometheus_cpu_limit is not none %} - cpu: "{{ openshift_prometheus_cpu_limit }}" -{% endif %} - - volumeMounts: - - mountPath: /etc/prometheus - name: prometheus-config - - mountPath: /prometheus - name: prometheus-data - - # Deploy alert-buffer behind oauth alerts-proxy - - name: alerts-proxy - image: "{{ openshift_prometheus_proxy_image }}" - imagePullPolicy: IfNotPresent - resources: - requests: -{% if openshift_prometheus_oauth_proxy_memory_requests is defined and openshift_prometheus_oauth_proxy_memory_requests is not none %} - memory: "{{ openshift_prometheus_oauth_proxy_memory_requests }}" -{% endif %} -{% if openshift_prometheus_oauth_proxy_cpu_requests is defined and openshift_prometheus_oauth_proxy_cpu_requests is not none %} - cpu: "{{ openshift_prometheus_oauth_proxy_cpu_requests }}" -{% endif %} - limits: -{% if openshift_prometheus_oauth_proxy_memory_limit is defined and openshift_prometheus_oauth_proxy_memory_limit is not none %} - memory: "{{ openshift_prometheus_oauth_proxy_memory_limit }}" -{% endif %} -{% if openshift_prometheus_oauth_proxy_cpu_limit is defined and openshift_prometheus_oauth_proxy_cpu_limit is not none %} - cpu: "{{ openshift_prometheus_oauth_proxy_cpu_limit }}" -{% endif %} - ports: - - containerPort: {{ openshift_prometheus_alerts_service_targetport }} - name: web - args: - - -provider=openshift - - -https-address=:{{ openshift_prometheus_alerts_service_targetport }} - - -http-address= - - -email-domain=* - - -upstream=http://localhost:9099 - - -client-id=system:serviceaccount:{{ namespace }}:{{ openshift_prometheus_service_name }} - - '-openshift-sar={"resource": "namespaces", "verb": "get", "resourceName": "{{ namespace }}", "namespace": "{{ namespace }}"}' - - '-openshift-delegate-urls={"/": {"resource": "namespaces", "verb": "get", "resourceName": "{{ namespace }}", "namespace": "{{ namespace }}"}}' - - -tls-cert=/etc/tls/private/tls.crt - - -tls-key=/etc/tls/private/tls.key - - -client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token - - -cookie-secret-file=/etc/proxy/secrets/session_secret - - -openshift-ca=/etc/pki/tls/cert.pem - - -openshift-ca=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt - - -skip-auth-regex=^/metrics - volumeMounts: - - mountPath: /etc/tls/private - name: alerts-tls-secret - - mountPath: /etc/proxy/secrets - name: alerts-proxy-secret - - - name: alert-buffer - args: - - --storage-path=/alert-buffer/messages.db - image: "{{ openshift_prometheus_alertbuffer_image }}" - imagePullPolicy: IfNotPresent - resources: - requests: -{% if openshift_prometheus_alertbuffer_memory_requests is defined and openshift_prometheus_alertbuffer_memory_requests is not none %} - memory: "{{ openshift_prometheus_alertbuffer_memory_requests }}" -{% endif %} -{% if openshift_prometheus_alertbuffer_cpu_requests is defined and openshift_prometheus_alertbuffer_cpu_requests is not none %} - cpu: "{{ openshift_prometheus_alertbuffer_cpu_requests }}" -{% endif %} - limits: -{% if openshift_prometheus_alertbuffer_memory_limit is defined and openshift_prometheus_alertbuffer_memory_limit is not none %} - memory: "{{ openshift_prometheus_alertbuffer_memory_limit }}" -{% endif %} -{% if openshift_prometheus_alertbuffer_cpu_limit is defined and openshift_prometheus_alertbuffer_cpu_limit is not none %} - cpu: "{{ openshift_prometheus_alertbuffer_cpu_limit }}" -{% endif %} - volumeMounts: - - mountPath: /alert-buffer - name: alerts-data - - # Deploy alertmanager behind oauth alertmanager-proxy - - name: alertmanager-proxy - image: "{{ openshift_prometheus_proxy_image }}" - imagePullPolicy: IfNotPresent - requests: -{% if openshift_prometheus_oauth_proxy_memory_requests is defined and openshift_prometheus_oauth_proxy_memory_requests is not none %} - memory: "{{ openshift_prometheus_oauth_proxy_memory_requests }}" -{% endif %} -{% if openshift_prometheus_oauth_proxy_cpu_requests is defined and openshift_prometheus_oauth_proxy_cpu_requests is not none %} - cpu: "{{ openshift_prometheus_oauth_proxy_cpu_requests }}" -{% endif %} - limits: -{% if openshift_prometheus_oauth_proxy_memory_limit is defined and openshift_prometheus_oauth_proxy_memory_limit is not none %} - memory: "{{ openshift_prometheus_oauth_proxy_memory_limit }}" -{% endif %} -{% if openshift_prometheus_oauth_proxy_cpu_limit is defined and openshift_prometheus_oauth_proxy_cpu_limit is not none %} - cpu: "{{ openshift_prometheus_oauth_proxy_cpu_limit }}" -{% endif %} - ports: - - containerPort: {{ openshift_prometheus_alertmanager_service_targetport }} - name: web - args: - - -provider=openshift - - -https-address=:{{ openshift_prometheus_alertmanager_service_targetport }} - - -http-address= - - -email-domain=* - - -upstream=http://localhost:9093 - - -client-id=system:serviceaccount:{{ namespace }}:{{ openshift_prometheus_service_name }} - - -openshift-ca=/etc/pki/tls/cert.pem - - -openshift-ca=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt - - '-openshift-sar={"resource": "namespaces", "verb": "get", "resourceName": "{{ namespace }}", "namespace": "{{ namespace }}"}' - - '-openshift-delegate-urls={"/": {"resource": "namespaces", "verb": "get", "resourceName": "{{ namespace }}", "namespace": "{{ namespace }}"}}' - - -tls-cert=/etc/tls/private/tls.crt - - -tls-key=/etc/tls/private/tls.key - - -client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token - - -cookie-secret-file=/etc/proxy/secrets/session_secret - - -skip-auth-regex=^/metrics - volumeMounts: - - mountPath: /etc/tls/private - name: alertmanager-tls-secret - - mountPath: /etc/proxy/secrets - name: alertmanager-proxy-secret - - - name: alertmanager - args: - - --config.file=/etc/alertmanager/alertmanager.yml - - --web.external-url=https://{{ openshift_prometheus_alertmanager_hostname }} - image: "{{ openshift_prometheus_alertmanager_image }}" - imagePullPolicy: IfNotPresent - resources: - requests: -{% if openshift_prometheus_alertmanager_memory_requests is defined and openshift_prometheus_alertmanager_memory_requests is not none %} - memory: "{{ openshift_prometheus_alertmanager_memory_requests }}" -{% endif %} -{% if openshift_prometheus_alertmanager_cpu_requests is defined and openshift_prometheus_alertmanager_cpu_requests is not none %} - cpu: "{{ openshift_prometheus_alertmanager_cpu_requests }}" -{% endif %} - limits: -{% if openshift_prometheus_alertmanager_memory_limit is defined and openshift_prometheus_alertmanager_memory_limit is not none %} - memory: "{{ openshift_prometheus_alertmanager_memory_limit }}" -{% endif %} -{% if openshift_prometheus_alertmanager_cpu_limit is defined and openshift_prometheus_alertmanager_cpu_limit is not none %} - cpu: "{{ openshift_prometheus_alertmanager_cpu_limit }}" -{% endif %} - volumeMounts: - - mountPath: /etc/alertmanager - name: alertmanager-config - - mountPath: /alertmanager - name: alertmanager-data - - restartPolicy: Always - volumes: - - - name: prometheus-config - configMap: - defaultMode: 420 - name: prometheus - - name: prometheus-proxy-secret - secret: - secretName: prometheus-proxy - - name: prometheus-tls-secret - secret: - secretName: prometheus-tls - - name: prometheus-data -{% if openshift_prometheus_storage_type == 'pvc' %} - persistentVolumeClaim: - claimName: {{ openshift_prometheus_pvc_name }} -{% else %} - emptydir: {} -{% endif %} - - name: alertmanager-config - configMap: - defaultMode: 420 - name: alertmanager - - name: alertmanager-proxy-secret - secret: - secretName: alertmanager-proxy - - name: alertmanager-tls-secret - secret: - secretName: alertmanager-tls - - name: alerts-tls-secret - secret: - secretName: alerts-tls - - name: alerts-proxy-secret - secret: - secretName: alerts-proxy - - name: alertmanager-data -{% if openshift_prometheus_alertmanager_storage_type == 'pvc' %} - persistentVolumeClaim: - claimName: {{ openshift_prometheus_alertmanager_pvc_name }} -{% else %} - emptydir: {} -{% endif %} - - name: alerts-data -{% if openshift_prometheus_alertbuffer_storage_type == 'pvc' %} - persistentVolumeClaim: - claimName: {{ openshift_prometheus_alertbuffer_pvc_name }} -{% else %} - emptydir: {} -{% endif %} diff --git a/roles/openshift_prometheus/templates/prometheus.rules.j2 b/roles/openshift_prometheus/templates/prometheus.rules.j2 deleted file mode 100644 index e861dc12741..00000000000 --- a/roles/openshift_prometheus/templates/prometheus.rules.j2 +++ /dev/null @@ -1,4 +0,0 @@ -groups: -- name: example-rules - interval: 30s # defaults to global interval - rules: diff --git a/roles/openshift_prometheus/templates/prometheus.yml.j2 b/roles/openshift_prometheus/templates/prometheus.yml.j2 deleted file mode 100644 index dfa52e95e7e..00000000000 --- a/roles/openshift_prometheus/templates/prometheus.yml.j2 +++ /dev/null @@ -1,323 +0,0 @@ -rule_files: - - '*.rules' - -# A scrape configuration for running Prometheus on a Kubernetes cluster. -# This uses separate scrape configs for cluster components (i.e. API server, node) -# and services to allow each to use different authentication configs. -# -# Kubernetes labels will be added as Prometheus labels on metrics via the -# `labelmap` relabeling action. - -# Scrape config for API servers. -# -# Kubernetes exposes API servers as endpoints to the default/kubernetes -# service so this uses `endpoints` role and uses relabelling to only keep -# the endpoints associated with the default/kubernetes service using the -# default named port `https`. This works for single API server deployments as -# well as HA API server deployments. -scrape_configs: -- job_name: 'kubernetes-apiservers' - - kubernetes_sd_configs: - - role: endpoints - namespaces: - names: - - default - - scheme: https - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - - # Keep only the default/kubernetes service endpoints for the https port. This - # will add targets for each API server which Kubernetes adds an endpoint to - # the default/kubernetes service. - relabel_configs: - - source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] - action: keep - regex: kubernetes;https - -# Scrape config for controllers. -# -# Each master node exposes a /metrics endpoint on :8444 that contains operational metrics for -# the controllers. -# -- job_name: 'kubernetes-controllers' - - scheme: https - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - - kubernetes_sd_configs: - - role: endpoints - namespaces: - names: - - default - - # Keep only the default/kubernetes service endpoints for the https port, and then - # set the port to 8444. This is the default configuration for the controllers on OpenShift - # masters. - relabel_configs: - - source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] - action: keep - regex: kubernetes;https - - source_labels: [__address__] - action: replace - target_label: __address__ - regex: (.+)(?::\d+) - replacement: $1:8444 - -# Scrape config for nodes. -# -# Each node exposes a /metrics endpoint that contains operational metrics for -# the Kubelet and other components. -- job_name: 'kubernetes-nodes' - scheme: https - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - kubernetes_sd_configs: - - role: node - # Drop a very high cardinality metric that is incorrect in 3.7. It will be - # fixed in 3.9. - metric_relabel_configs: - - source_labels: [__name__] - action: drop - regex: 'openshift_sdn_pod_(setup|teardown)_latency(.*)' - relabel_configs: - - action: labelmap - regex: __meta_kubernetes_node_label_(.+) - -# Scrape config for cAdvisor. -# -# Beginning in Kube 1.7, each node exposes a /metrics/cadvisor endpoint that -# reports container metrics for each running pod. Scrape those by default. -- job_name: 'kubernetes-cadvisor' - - scheme: https - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - - metrics_path: /metrics/cadvisor - - kubernetes_sd_configs: - - role: node - - # Exclude a set of high cardinality metrics that can contribute to significant - # memory use in large clusters. These can be selectively enabled as necessary - # for medium or small clusters. - metric_relabel_configs: - - source_labels: [__name__] - action: drop - regex: 'container_(cpu_user_seconds_total|cpu_cfs_periods_total|memory_usage_bytes|memory_swap|memory_cache|last_seen|fs_(read_seconds_total|write_seconds_total|sector_(.*)|io_(.*)|reads_merged_total|writes_merged_total)|tasks_state|memory_failcnt|memory_failures_total|spec_memory_swap_limit_bytes|fs_(.*)_bytes_total|spec_(.*))' - - relabel_configs: - - action: labelmap - regex: __meta_kubernetes_node_label_(.+) - -# Scrape config for service endpoints. -# -# The relabeling allows the actual service scrape endpoint to be configured -# via the following annotations: -# -# * `prometheus.io/scrape`: Only scrape services that have a value of `true` -# * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need -# to set this to `https` & most likely set the `tls_config` of the scrape config. -# * `prometheus.io/path`: If the metrics path is not `/metrics` override this. -# * `prometheus.io/port`: If the metrics are exposed on a different port to the -# service then set this appropriately. -- job_name: 'kubernetes-service-endpoints' - - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - # TODO: this should be per target - insecure_skip_verify: true - - kubernetes_sd_configs: - - role: endpoints - - relabel_configs: - # only scrape infrastructure components - - source_labels: [__meta_kubernetes_namespace] - action: keep - regex: 'default|metrics|kube-.+|openshift|openshift-.+' - # drop logging components managed by other scrape targets - - source_labels: [__meta_kubernetes_namespace] - action: drop - regex: '{{ openshift_logging_namespace | default('openshift-logging') }}' - # drop infrastructure components managed by other scrape targets - - source_labels: [__meta_kubernetes_service_name] - action: drop - regex: 'prometheus-node-exporter' - # only those that have requested scraping - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] - action: keep - regex: true - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] - action: replace - target_label: __scheme__ - regex: (https?) - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] - action: replace - target_label: __metrics_path__ - regex: (.+) - - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] - action: replace - target_label: __address__ - regex: (.+)(?::\d+);(\d+) - replacement: $1:$2 - - action: labelmap - regex: __meta_kubernetes_service_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - action: replace - target_label: kubernetes_namespace - - source_labels: [__meta_kubernetes_service_name] - action: replace - target_label: kubernetes_name - -# Scrape logging endpoints. -# -# The relabeling allows the actual service scrape endpoint to be configured -# via the following annotations: -# -# * `prometheus.io/scrape`: Only scrape services that have a value of `true` -# * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need -# to set this to `https` & most likely set the `tls_config` of the scrape config. -# * `prometheus.io/path`: If the metrics path is not `/metrics` override this. -# * `prometheus.io/port`: If the metrics are exposed on a different port to the -# service then set this appropriately. -- job_name: 'kubernetes-logging-service-endpoints' - - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - insecure_skip_verify: true - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - - kubernetes_sd_configs: - - role: endpoints - namespaces: - names: - - '{{ openshift_logging_namespace | default('openshift-logging') }}' - - relabel_configs: - # drop infrastructure components managed by other scrape targets - - source_labels: [__meta_kubernetes_service_name] - action: drop - regex: 'prometheus-node-exporter' - # only those that have requested scraping - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] - action: keep - regex: true - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] - action: replace - target_label: __scheme__ - regex: (https?) - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] - action: replace - target_label: __metrics_path__ - regex: (.+) - - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] - action: replace - target_label: __address__ - regex: (.+)(?::\d+);(\d+) - replacement: $1:$2 - - action: labelmap - regex: __meta_kubernetes_service_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - action: replace - target_label: kubernetes_namespace - - source_labels: [__meta_kubernetes_service_name] - action: replace - target_label: kubernetes_name - -# Scrape config for node-exporter, which is expected to be running on port 9102. -- job_name: 'kubernetes-nodes-exporter' - - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - - kubernetes_sd_configs: - - role: node - - metric_relabel_configs: - - source_labels: [__name__] - action: drop - regex: 'node_cpu|node_(disk|scrape_collector)_.+' - # preserve a subset of the network, netstat, vmstat, and filesystem series - - source_labels: [__name__] - action: replace - regex: '(node_(netstat_Ip_.+|vmstat_(nr|thp)_.+|filesystem_(free|size|device_error)|network_(transmit|receive)_(drop|errs)))' - target_label: __name__ - replacement: renamed_$1 - - source_labels: [__name__] - action: drop - regex: 'node_(netstat|vmstat|filesystem|network)_.+' - - source_labels: [__name__] - action: replace - regex: 'renamed_(.+)' - target_label: __name__ - replacement: $1 - # drop any partial expensive series - - source_labels: [__name__, device] - action: drop - regex: 'node_network_.+;veth.+' - - source_labels: [__name__, mountpoint] - action: drop - regex: 'node_filesystem_(free|size|device_error);([^/].*|/.+)' - - relabel_configs: - - source_labels: [__address__] - regex: '(.*):10250' - replacement: '${1}:9102' - target_label: __address__ - - source_labels: [__meta_kubernetes_node_label_kubernetes_io_hostname] - target_label: __instance__ - - action: labelmap - regex: __meta_kubernetes_node_label_(.+) - -# Scrape config for the template service broker -- job_name: 'openshift-template-service-broker' - scheme: https - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt - server_name: apiserver.openshift-template-service-broker.svc - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - - kubernetes_sd_configs: - - role: endpoints - namespaces: - names: - - openshift-template-service-broker - - relabel_configs: - - source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] - action: keep - regex: apiserver;https - -# Scrape config for the router -- job_name: 'openshift-router' - scheme: https - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt - server_name: router.default.svc - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - - kubernetes_sd_configs: - - role: endpoints - namespaces: - names: - - default - - relabel_configs: - - source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] - action: keep - regex: router;1936-tcp - -alerting: - alertmanagers: - - scheme: http - static_configs: - - targets: - - "localhost:9093" diff --git a/roles/openshift_prometheus/tests/inventory b/roles/openshift_prometheus/tests/inventory deleted file mode 100644 index 878877b0776..00000000000 --- a/roles/openshift_prometheus/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/roles/openshift_prometheus/tests/test.yaml b/roles/openshift_prometheus/tests/test.yaml deleted file mode 100644 index 37baf573ce0..00000000000 --- a/roles/openshift_prometheus/tests/test.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - openshift_prometheus diff --git a/roles/openshift_prometheus/vars/main.yml b/roles/openshift_prometheus/vars/main.yml deleted file mode 100644 index c60f4ffb1f3..00000000000 --- a/roles/openshift_prometheus/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -__node_exporter_template_file: "node-exporter-template.yaml" diff --git a/roles/openshift_repos/tasks/centos_repos.yml b/roles/openshift_repos/tasks/centos_repos.yml index c19cc987bbb..b7fcad60a9b 100644 --- a/roles/openshift_repos/tasks/centos_repos.yml +++ b/roles/openshift_repos/tasks/centos_repos.yml @@ -19,6 +19,6 @@ src: "{{ item }}" dest: "/etc/yum.repos.d/{{ (item | basename | splitext)[0] }}" with_first_found: - - "CentOS-OpenShift-Origin{{ ((openshift_version | default('')).split('.') | join(''))[0:2] }}.repo.j2" + - "CentOS-OpenShift-Origin{{ ((openshift_version | default('')).split('.')[0:2] | join('')) }}.repo.j2" - "CentOS-OpenShift-Origin.repo.j2" notify: refresh cache diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml index dc4cdb1e879..089bc4198a5 100644 --- a/roles/openshift_repos/tasks/main.yaml +++ b/roles/openshift_repos/tasks/main.yaml @@ -1,63 +1,61 @@ --- -- when: not (openshift_is_atomic | default(False)) +# TODO: This needs to be removed and placed into a role +- name: Ensure libselinux-python is installed + package: + name: libselinux-python + state: present + register: result + until: result is succeeded + +- name: Remove openshift_additional.repo file + file: + dest: /etc/yum.repos.d/openshift_additional.repo + state: absent + +- name: Create any additional repos that are defined + yum_repository: + description: "{{ item.description | default(item.name | default(item.id)) }}" + name: "{{ item.name | default(item.id) }}" + baseurl: "{{ item.baseurl }}" + gpgkey: "{{ item.gpgkey | default(omit)}}" + gpgcheck: "{{ item.gpgcheck | default(1) }}" + sslverify: "{{ item.sslverify | default(1) }}" + sslclientkey: "{{ item.sslclientkey | default(omit) }}" + sslclientcert: "{{ item.sslclientcert | default(omit) }}" + sslcacert: "{{ item.sslcacert | default(omit) }}" + file: "{{ item.name }}" + enabled: "{{ item.enabled | default('no')}}" + with_items: "{{ openshift_additional_repos }}" + when: openshift_additional_repos | length > 0 + notify: refresh cache + +# Singleton block +- when: r_openshift_repos_has_run is not defined block: - # TODO: This needs to be removed and placed into a role - - name: Ensure libselinux-python is installed - package: - name: libselinux-python - state: present - register: result - until: result is succeeded - - name: Remove openshift_additional.repo file - file: - dest: /etc/yum.repos.d/openshift_additional.repo - state: absent - - - name: Create any additional repos that are defined - yum_repository: - description: "{{ item.description | default(item.name | default(item.id)) }}" - name: "{{ item.name | default(item.id) }}" - baseurl: "{{ item.baseurl }}" - gpgkey: "{{ item.gpgkey | default(omit)}}" - gpgcheck: "{{ item.gpgcheck | default(1) }}" - sslverify: "{{ item.sslverify | default(1) }}" - sslclientkey: "{{ item.sslclientkey | default(omit) }}" - sslclientcert: "{{ item.sslclientcert | default(omit) }}" - sslcacert: "{{ item.sslcacert | default(omit) }}" - file: "{{ item.name }}" - enabled: "{{ item.enabled | default('no')}}" - with_items: "{{ openshift_additional_repos }}" - when: openshift_additional_repos | length > 0 + - include_tasks: rhel_repos.yml + when: + - ansible_distribution == 'RedHat' + - openshift_deployment_type == 'openshift-enterprise' + - (rhsub_user is defined and rhsub_pass is defined) or (rhsub_ak is defined and rhsub_orgid is defined) + + - include_tasks: centos_repos.yml + when: + - ansible_os_family == "RedHat" + - ansible_distribution != "Fedora" + - openshift_deployment_type == 'origin' + - openshift_enable_origin_repo | default(true) | bool + + - name: Ensure clean repo cache in the event repos have been changed manually + debug: + msg: "First run of openshift_repos" + changed_when: true notify: refresh cache - # Singleton block - - when: r_openshift_repos_has_run is not defined - block: - - - include_tasks: rhel_repos.yml - when: - - ansible_distribution == 'RedHat' - - openshift_deployment_type == 'openshift-enterprise' - - (rhsub_user is defined and rhsub_pass is defined) or (rhsub_ak is defined and rhsub_orgid is defined) - - - include_tasks: centos_repos.yml - when: - - ansible_os_family == "RedHat" - - ansible_distribution != "Fedora" - - openshift_deployment_type == 'origin' - - openshift_enable_origin_repo | default(true) | bool - - - name: Ensure clean repo cache in the event repos have been changed manually - debug: - msg: "First run of openshift_repos" - changed_when: true - notify: refresh cache - - - name: Record that openshift_repos already ran - set_fact: - r_openshift_repos_has_run: True + - name: Record that openshift_repos already ran + set_fact: + r_openshift_repos_has_run: True # Force running ALL handlers now, because we expect repo cache to be cleared # if changes have been made. diff --git a/roles/openshift_sanitize_inventory/tasks/unsupported.yml b/roles/openshift_sanitize_inventory/tasks/unsupported.yml index 064cdf66597..865e698d5d0 100644 --- a/roles/openshift_sanitize_inventory/tasks/unsupported.yml +++ b/roles/openshift_sanitize_inventory/tasks/unsupported.yml @@ -48,3 +48,13 @@ msg: |- Configuring a value for openshift_hosted_registry_storage_kind=glusterfs without a any glusterfs option is not allowed. Specify either openshift_hosted_registry_storage_glusterfs_ips variable or glusterfs, glusterfs_registry host groups. + +#if the user is trying to install the deprecated prometheus stack +- name: Check for deprecated prometheus/grafana install + when: + - (openshift_hosted_prometheus_deploy | default(false) | bool) or + (openshift_hosted_grafana_deploy | default(false) | bool) + fail: + msg: |- + The inventory variables 'openshift_hosted_prometheus_deploy' and 'openshift_hosted_grafana_deploy' are no longer used. + See roles/openshift_cluster_monitoring_operator/README.md for information about installing Prometheus and related monitoring components. diff --git a/roles/openshift_sdn/files/sdn-ovs.yaml b/roles/openshift_sdn/files/sdn-ovs.yaml index 1c3d6485f89..d74744c1618 100644 --- a/roles/openshift_sdn/files/sdn-ovs.yaml +++ b/roles/openshift_sdn/files/sdn-ovs.yaml @@ -63,16 +63,17 @@ spec: exit 0 } trap quit SIGTERM - /usr/share/openvswitch/scripts/ovs-ctl start --system-id=random + /usr/share/openvswitch/scripts/ovs-ctl start --no-ovs-vswitchd --system-id=random # Restrict the number of pthreads ovs-vswitchd creates to reduce the # amount of RSS it uses on hosts with many cores # https://bugzilla.redhat.com/show_bug.cgi?id=1571379 # https://bugzilla.redhat.com/show_bug.cgi?id=1572797 if [[ `nproc` -gt 12 ]]; then - ovs-vsctl set Open_vSwitch . other_config:n-revalidator-threads=4 - ovs-vsctl set Open_vSwitch . other_config:n-handler-threads=10 + ovs-vsctl --no-wait set Open_vSwitch . other_config:n-revalidator-threads=4 + ovs-vsctl --no-wait set Open_vSwitch . other_config:n-handler-threads=10 fi + /usr/share/openvswitch/scripts/ovs-ctl start --no-ovsdb-server --system-id=random while true; do sleep 5; done securityContext: runAsUser: 0 diff --git a/roles/openshift_sdn/files/sdn.yaml b/roles/openshift_sdn/files/sdn.yaml index 8eb0e464de3..f7ce70ad0b6 100644 --- a/roles/openshift_sdn/files/sdn.yaml +++ b/roles/openshift_sdn/files/sdn.yaml @@ -38,7 +38,7 @@ spec: # It relies on an up to date node-config.yaml being present. - name: sdn image: " " - command: + command: - /bin/bash - -c - | @@ -102,6 +102,9 @@ spec: oc config --config=/tmp/kubeconfig set-credentials sa "--token=$( cat /var/run/secrets/kubernetes.io/serviceaccount/token )" oc config --config=/tmp/kubeconfig set-context "$( oc config --config=/tmp/kubeconfig current-context )" --user=sa # Launch the network process + if which openshift-sdn; then + exec openshift-sdn --config=/etc/origin/node/node-config.yaml --kubeconfig=/tmp/kubeconfig --loglevel=${DEBUG_LOGLEVEL:-2} + fi exec openshift start network --config=/etc/origin/node/node-config.yaml --kubeconfig=/tmp/kubeconfig --loglevel=${DEBUG_LOGLEVEL:-2} securityContext: @@ -201,3 +204,5 @@ spec: - name: host-var-lib-cni-networks-openshift-sdn hostPath: path: /var/lib/cni/networks/openshift-sdn + tolerations: + - operator: "Exists" diff --git a/roles/openshift_storage_glusterfs/README.md b/roles/openshift_storage_glusterfs/README.md index 7b2c88a0c80..f61e0035545 100644 --- a/roles/openshift_storage_glusterfs/README.md +++ b/roles/openshift_storage_glusterfs/README.md @@ -63,7 +63,7 @@ their configuration as GlusterFS nodes: | Name | Default value | Description | |--------------------|---------------------------|-----------------------------------------| | glusterfs_cluster | 1 | The ID of the cluster this node should belong to. This is useful when a single heketi service is expected to manage multiple distinct clusters. **NOTE:** For natively-hosted clusters, all pods will be in the same OpenShift namespace -| glusterfs_hostname | openshift.node.nodename | A hostname (or IP address) that will be used for internal GlusterFS communication +| glusterfs_hostname | l_kubelet_node_name | A hostname (or IP address) that will be used for internal GlusterFS communication | glusterfs_ip | openshift.common.ip | An IP address that will be used by pods to communicate with the GlusterFS node. **NOTE:** Required for external GlusterFS nodes | glusterfs_zone | 1 | A zone number for the node. Zones are used within the cluster for determining how to distribute the bricks of GlusterFS volumes. heketi will try to spread each volumes' bricks as evenly as possible across all zones @@ -87,7 +87,7 @@ GlusterFS cluster into a new or existing OpenShift cluster: | openshift_storage_glusterfs_block_deploy | True | Deploy glusterblock provisioner service | openshift_storage_glusterfs_block_image | 'gluster/glusterblock-provisioner'| Container image to use for glusterblock-provisioner pod, enterprise default is 'rhgs3/rhgs-gluster-block-prov-rhel7' | openshift_storage_glusterfs_block_host_vol_create | True | Automatically create GlusterFS volumes to host glusterblock volumes. **NOTE:** If this is False, block-hosting volumes will need to be manually created before glusterblock volumes can be provisioned -| openshift_storage_glusterfs_block_host_vol_size | 100 | Size, in GB, of GlusterFS volumes that will be automatically create to host glusterblock volumes if not enough space is available for a glusterblock volume create request. **NOTE:** This value is effectively an upper limit on the size of glusterblock volumes unless you manually create larger GlusterFS block-hosting volumes +| openshift_storage_glusterfs_block_host_vol_size | 100 | Size, in GB, of GlusterFS volumes that will be automatically created to host glusterblock volumes if not enough space is available for a glusterblock volume create request. **NOTE:** This value is effectively an upper limit on the size of glusterblock volumes unless you manually create larger GlusterFS block-hosting volumes | openshift_storage_glusterfs_block_host_vol_max | 15 | Max number of GlusterFS volumes to host glusterblock volumes | openshift_storage_glusterfs_block_storageclass | False | Automatically create a StorageClass for each glusterblock cluster | openshift_storage_glusterfs_block_storageclass_default | False | Sets the glusterblock StorageClass for this group as cluster-wide default diff --git a/roles/openshift_storage_glusterfs/files/glusterfs-template.yml b/roles/openshift_storage_glusterfs/files/glusterfs-template.yml index 68647efc997..01d9ae34b90 100644 --- a/roles/openshift_storage_glusterfs/files/glusterfs-template.yml +++ b/roles/openshift_storage_glusterfs/files/glusterfs-template.yml @@ -38,6 +38,8 @@ objects: image: ${IMAGE_NAME} imagePullPolicy: IfNotPresent env: + - name: GLUSTER_BLOCKD_STATUS_PROBE_ENABLE + value: "${GLUSTER_BLOCKD_STATUS_PROBE_ENABLE}" - name: GB_GLFS_LRU_COUNT value: "${GB_GLFS_LRU_COUNT}" - name: TCMU_LOGDIR @@ -86,7 +88,7 @@ objects: command: - "/bin/bash" - "-c" - - systemctl status glusterd.service + - "if command -v /usr/local/bin/status-probe.sh; then /usr/local/bin/status-probe.sh readiness; else systemctl status glusterd.service; fi" periodSeconds: 25 successThreshold: 1 failureThreshold: 50 @@ -97,7 +99,7 @@ objects: command: - "/bin/bash" - "-c" - - systemctl status glusterd.service + - "if command -v /usr/local/bin/status-probe.sh; then /usr/local/bin/status-probe.sh liveness; else systemctl status glusterd.service; fi" periodSeconds: 25 successThreshold: 1 failureThreshold: 50 @@ -147,6 +149,11 @@ parameters: displayName: Daemonset Node Labels description: Labels which define the daemonset node selector. Must contain at least one label of the format \'glusterfs=-host\' value: '{ "glusterfs": "storage-host" }' +- name: GLUSTER_BLOCKD_STATUS_PROBE_ENABLE + displayName: Enable readiness/liveness probe for gluster-blockd + description: Setting the value to "1" enables the readiness/liveness probe for gluster-blockd. + value: "1" + required: false - name: IMAGE_NAME displayName: GlusterFS container image name required: True diff --git a/roles/openshift_storage_glusterfs/tasks/gluster_s3_deploy.yml b/roles/openshift_storage_glusterfs/tasks/gluster_s3_deploy.yml index ca47061b74b..ca185051e7e 100644 --- a/roles/openshift_storage_glusterfs/tasks/gluster_s3_deploy.yml +++ b/roles/openshift_storage_glusterfs/tasks/gluster_s3_deploy.yml @@ -47,7 +47,7 @@ - name: Copy gluster-s3 PVCs template file copy: src: "gluster-s3-pvcs-template.yml" - dest: "{{ mktemp.stdout }}/{{ item }}" + dest: "{{ mktemp.stdout }}/gluster-s3-pvcs-template.yml" - name: Create gluster-s3 PVCs template oc_obj: @@ -88,7 +88,7 @@ - name: Copy gluster-s3 template file copy: src: "gluster-s3-template.yml" - dest: "{{ mktemp.stdout }}/{{ item }}" + dest: "{{ mktemp.stdout }}/gluster-s3-template.yml" - name: Create gluster-s3 template oc_obj: diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml index 655c3652be1..af831cd67cf 100644 --- a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml +++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml @@ -4,7 +4,6 @@ name: heketi-client state: present when: - - not openshift_is_atomic | bool - not glusterfs_heketi_is_native | bool register: result until: result is succeeded @@ -76,12 +75,6 @@ - glusterfs_heketi_is_native - glusterfs_heketi_is_missing -- name: Check if gluster-s3 can't be deployed - set_fact: - glusterfs_s3_deploy: False - when: - - "glusterfs_s3_account is not defined or glusterfs_s3_user is not defined or glusterfs_s3_password is not defined" - - block: - name: Create heketi secret oc_secret: @@ -108,8 +101,7 @@ name: "glusterfs-{{ glusterfs_name }}" files: - "{{ mktemp.stdout }}/glusterfs-storageclass.yml" - when: - - glusterfs_storageclass or glusterfs_s3_deploy + when: glusterfs_storageclass - import_tasks: glusterblock_deploy.yml when: glusterfs_block_deploy @@ -118,4 +110,8 @@ when: glusterfs_block_storageclass - import_tasks: gluster_s3_deploy.yml - when: glusterfs_s3_deploy + when: + - glusterfs_s3_deploy + - glusterfs_s3_account is defined + - glusterfs_s3_user is defined + - glusterfs_s3_password is defined diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_uninstall.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_uninstall.yml index 84adba07f91..a46b329aa85 100644 --- a/roles/openshift_storage_glusterfs/tasks/glusterfs_uninstall.yml +++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_uninstall.yml @@ -44,7 +44,7 @@ - name: Unlabel any existing GlusterFS nodes oc_label: - name: "{{ hostvars[item].openshift.node.nodename }}" + name: "{{ hostvars[item].l_kubelet_node_name }}" kind: node state: absent labels: "{{ glusterfs_nodeselector | lib_utils_oo_dict_to_list_of_dict }}" @@ -140,7 +140,6 @@ with_items: "{{ glusterfs_nodes | default([]) }}" when: - not glusterfs_is_native | bool - - not openshift_is_atomic | bool - name: Get GlusterFS storage devices state command: "pvdisplay -C --noheadings -o pv_name,vg_name {% for device in hostvars[item].glusterfs_devices %}{{ device }} {% endfor %}" diff --git a/roles/openshift_storage_glusterfs/tasks/heketi_deploy.yml b/roles/openshift_storage_glusterfs/tasks/heketi_deploy.yml index 0c1ae678063..b5ba4d97eae 100644 --- a/roles/openshift_storage_glusterfs/tasks/heketi_deploy.yml +++ b/roles/openshift_storage_glusterfs/tasks/heketi_deploy.yml @@ -69,18 +69,10 @@ delay: 10 retries: "{{ (glusterfs_timeout | int / 10) | int }}" -- name: Update heketi pod result - set_fact: +- import_tasks: heketi_set_cli.yml + vars: heketi_pod: "{{ heketi_pod_wait.results.results[0]['items'][0] }}" -- name: Set heketi-cli command - set_fact: - glusterfs_heketi_client: "{{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig rsh --namespace={{ glusterfs_namespace }} {{ heketi_pod.metadata.name }} {{ glusterfs_heketi_cli }} -s http://localhost:8080 --user admin --secret '{{ glusterfs_heketi_admin_key }}'" - -- name: Verify heketi service - command: "{{ glusterfs_heketi_client }} cluster list" - changed_when: False - - name: Set heketi deployed fact set_fact: glusterfs_heketi_is_missing: False diff --git a/roles/openshift_storage_glusterfs/tasks/heketi_init_db.yml b/roles/openshift_storage_glusterfs/tasks/heketi_init_db.yml index 7a108e0352c..c45b8b067d5 100644 --- a/roles/openshift_storage_glusterfs/tasks/heketi_init_db.yml +++ b/roles/openshift_storage_glusterfs/tasks/heketi_init_db.yml @@ -4,7 +4,7 @@ register: setup_storage - name: Copy heketi-storage list - shell: "{{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig rsh --namespace={{ glusterfs_namespace }} {{ deploy_heketi_pod.metadata.name }} cat /tmp/heketi-storage.json > {{ mktemp.stdout }}/heketi-storage.json" + shell: "{{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig rsh --namespace={{ glusterfs_namespace }} {{ heketi_pod_name }} cat /tmp/heketi-storage.json > {{ mktemp.stdout }}/heketi-storage.json" # Need `command` here because heketi-storage.json contains multiple objects. - name: Copy heketi DB to GlusterFS volume @@ -45,3 +45,7 @@ name: "heketi-storage-endpoints" - kind: "secret" name: "heketi-{{ glusterfs_name | default }}-topology-secret" + +- name: Set deploy-heketi deployed fact + set_fact: + glusterfs_heketi_deploy_is_missing: True diff --git a/roles/openshift_storage_glusterfs/tasks/heketi_init_deploy.yml b/roles/openshift_storage_glusterfs/tasks/heketi_init_deploy.yml index 87466774f4a..aa1e84fc6ec 100644 --- a/roles/openshift_storage_glusterfs/tasks/heketi_init_deploy.yml +++ b/roles/openshift_storage_glusterfs/tasks/heketi_init_deploy.yml @@ -43,9 +43,9 @@ delay: 10 retries: "{{ (glusterfs_timeout | int / 10) | int }}" -- name: Update deploy-heketi pod result - set_fact: - deploy_heketi_pod: "{{ deploy_heketi_pod_wait.results.results[0]['items'][0] }}" +- import_tasks: heketi_set_cli.yml + vars: + heketi_pod: "{{ deploy_heketi_pod_wait.results.results[0]['items'][0] }}" - name: Set deploy-heketi deployed fact set_fact: diff --git a/roles/openshift_storage_glusterfs/tasks/heketi_load.yml b/roles/openshift_storage_glusterfs/tasks/heketi_load.yml index 713f5201a44..09dd2461d62 100644 --- a/roles/openshift_storage_glusterfs/tasks/heketi_load.yml +++ b/roles/openshift_storage_glusterfs/tasks/heketi_load.yml @@ -1,19 +1,11 @@ --- -- name: Set heketi-cli command - set_fact: - glusterfs_heketi_client: "{% if glusterfs_heketi_is_native %}{{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig rsh --namespace={{ glusterfs_namespace }} {%if heketi_pod is defined %}{{ heketi_pod.metadata.name }}{% elif deploy_heketi_pod is defined %}{{ deploy_heketi_pod.metadata.name }}{% endif %} {% endif %}{{ glusterfs_heketi_cli }} -s http://{% if glusterfs_heketi_is_native %}localhost:8080{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %} --user admin {% if glusterfs_heketi_admin_key is defined %}--secret '{{ glusterfs_heketi_admin_key }}'{% endif %}" - -- name: Verify heketi service - command: "{{ glusterfs_heketi_client }} cluster list" - changed_when: False - - name: Generate topology file template: src: "topology.json.j2" dest: "{{ mktemp.stdout }}/topology.json" - name: Place heketi topology on heketi Pod - shell: "{{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig exec --namespace={{ glusterfs_namespace }} -i {%if heketi_pod is defined %}{{ heketi_pod.metadata.name }}{% elif deploy_heketi_pod is defined %}{{ deploy_heketi_pod.metadata.name }}{% endif %} -- bash -c 'mkdir -p {{ mktemp.stdout }} && cat > {{ mktemp.stdout }}/topology.json' < {{ mktemp.stdout }}/topology.json" + shell: "{{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig exec --namespace={{ glusterfs_namespace }} -i {{ heketi_pod_name }} -- bash -c 'mkdir -p {{ mktemp.stdout }} && cat > {{ mktemp.stdout }}/topology.json' < {{ mktemp.stdout }}/topology.json" when: - glusterfs_heketi_is_native diff --git a/roles/openshift_storage_glusterfs/tasks/heketi_pod_check.yml b/roles/openshift_storage_glusterfs/tasks/heketi_pod_check.yml index 05a5e105b68..e6207bc6e30 100644 --- a/roles/openshift_storage_glusterfs/tasks/heketi_pod_check.yml +++ b/roles/openshift_storage_glusterfs/tasks/heketi_pod_check.yml @@ -7,14 +7,14 @@ selector: "glusterfs=deploy-heketi-{{ glusterfs_name }}-pod" register: deploy_heketi_pod_check +# deploy-heketi pod is not missing when there are one or more pods with matching labels whose 'Ready' status is True - name: Check if need to deploy deploy-heketi set_fact: - glusterfs_heketi_deploy_is_missing: False - deploy_heketi_pod: "{{ deploy_heketi_pod_check.results.results[0]['items'][0] }}" - when: - - "deploy_heketi_pod_check.results.results[0]['items'] | count > 0" - # deploy-heketi is not missing when there are one or more pods with matching labels whose 'Ready' status is True - - "deploy_heketi_pod_check.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count > 0" + glusterfs_heketi_deploy_is_missing: "{{ heketi_pod_results_count | int == 0 or heketi_pod_results_ready_count | int == 0 }}" + vars: + heketi_pod_results: "{{ deploy_heketi_pod_check.results.results[0]['items'] }}" + heketi_pod_results_count: "{{ heketi_pod_results | count }}" + heketi_pod_results_ready_count: "{{ heketi_pod_results | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count }}" - name: Check for existing heketi pod oc_obj: @@ -24,11 +24,17 @@ selector: "glusterfs=heketi-{{ glusterfs_name }}-pod" register: heketi_pod_check +# heketi pod is not missing when there are one or more pods with matching labels whose 'Ready' status is True - name: Check if need to deploy heketi set_fact: - glusterfs_heketi_is_missing: False - heketi_pod: "{{ heketi_pod_check.results.results[0]['items'][0] }}" - when: - - "heketi_pod_check.results.results[0]['items'] | count > 0" - # heketi is not missing when there are one or more pods with matching labels whose 'Ready' status is True - - "heketi_pod_check.results.results[0]['items'] | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count > 0" + glusterfs_heketi_is_missing: "{{ heketi_pod_results_count | int == 0 or heketi_pod_results_ready_count | int == 0 }}" + vars: + heketi_pod_results: "{{ heketi_pod_check.results.results[0]['items'] }}" + heketi_pod_results_count: "{{ heketi_pod_results | count }}" + heketi_pod_results_ready_count: "{{ heketi_pod_results | lib_utils_oo_collect(attribute='status.conditions') | lib_utils_oo_collect(attribute='status', filters={'type': 'Ready'}) | map('bool') | select | list | count }}" + +- import_tasks: heketi_set_cli.yml + vars: + deploy_heketi_pod_results: "{{ deploy_heketi_pod_check.results.results[0]['items'] }}" + heketi_pod_results: "{{ heketi_pod_check.results.results[0]['items'] }}" + heketi_pod: "{{ heketi_pod_results | default(deploy_heketi_pod_results, true) | default([''], true) | first }}" diff --git a/roles/openshift_storage_glusterfs/tasks/heketi_set_cli.yml b/roles/openshift_storage_glusterfs/tasks/heketi_set_cli.yml new file mode 100644 index 00000000000..0e9d46d0a15 --- /dev/null +++ b/roles/openshift_storage_glusterfs/tasks/heketi_set_cli.yml @@ -0,0 +1,18 @@ +--- +- name: Set heketi_pod_name + set_fact: + heketi_pod_name: "{{ heketi_pod.metadata.name if glusterfs_heketi_is_native and heketi_pod is defined and 'metadata' in heketi_pod else '' }}" + +- name: Set heketi-cli command + set_fact: + glusterfs_heketi_client: "{{ heketi_pod_rsh }}{{ glusterfs_heketi_cli }} -s http://{{ heketi_server }} --user admin {{ heketi_admin_key }}" + vars: + heketi_pod_rsh: "{% if glusterfs_heketi_is_native %}{{ openshift_client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig rsh --namespace={{ glusterfs_namespace }} {{ heketi_pod_name }} {% endif %}" + heketi_server: "{% if glusterfs_heketi_is_native %}localhost:8080{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %}" + heketi_admin_key: " {% if glusterfs_heketi_admin_key is defined %}--secret '{{ glusterfs_heketi_admin_key }}'{% endif %}" + +- name: Verify heketi service + command: "{{ glusterfs_heketi_client }} cluster list" + changed_when: False + when: + - heketi_pod_name != '' or not glusterfs_heketi_is_native diff --git a/roles/openshift_storage_glusterfs/tasks/kernel_modules.yml b/roles/openshift_storage_glusterfs/tasks/kernel_modules.yml index fdc84f6e2a7..8964df9be42 100644 --- a/roles/openshift_storage_glusterfs/tasks/kernel_modules.yml +++ b/roles/openshift_storage_glusterfs/tasks/kernel_modules.yml @@ -9,7 +9,6 @@ shell: "dnf install kernel-modules-$(uname -r) -y" when: - ansible_distribution == "Fedora" - - not (openshift_is_atomic | bool) - name: load kernel modules systemd: diff --git a/roles/openshift_storage_glusterfs/tasks/label_nodes.yml b/roles/openshift_storage_glusterfs/tasks/label_nodes.yml index c7e1a873044..61c26a18cc0 100644 --- a/roles/openshift_storage_glusterfs/tasks/label_nodes.yml +++ b/roles/openshift_storage_glusterfs/tasks/label_nodes.yml @@ -1,7 +1,7 @@ --- - name: Label GlusterFS nodes oc_label: - name: "{{ hostvars[item].openshift.node.nodename }}" + name: "{{ hostvars[item].l_kubelet_node_name }}" kind: node state: add labels: "{{ glusterfs_nodeselector | lib_utils_oo_dict_to_list_of_dict }}" diff --git a/roles/openshift_storage_glusterfs/templates/topology.json.j2 b/roles/openshift_storage_glusterfs/templates/topology.json.j2 index bdbd857a534..d392a827c19 100644 --- a/roles/openshift_storage_glusterfs/templates/topology.json.j2 +++ b/roles/openshift_storage_glusterfs/templates/topology.json.j2 @@ -20,7 +20,7 @@ {%- if 'glusterfs_hostname' in hostvars[node] -%} "{{ hostvars[node].glusterfs_hostname }}" {%- elif 'openshift' in hostvars[node] -%} - "{{ hostvars[node].openshift.node.nodename }}" + "{{ hostvars[node].l_kubelet_node_name }}" {%- else -%} "{{ node }}" {%- endif -%} diff --git a/roles/openshift_storage_nfs_lvm/tasks/main.yml b/roles/openshift_storage_nfs_lvm/tasks/main.yml index ff92e59e5bc..9acb5b33ed7 100644 --- a/roles/openshift_storage_nfs_lvm/tasks/main.yml +++ b/roles/openshift_storage_nfs_lvm/tasks/main.yml @@ -1,9 +1,4 @@ --- -# TODO -- this may actually work on atomic hosts -- fail: - msg: "openshift_storage_nfs_lvm is not compatible with atomic host" - when: openshift_is_atomic | bool - - name: Create lvm volumes lvol: vg={{osnl_volume_group}} lv={{ item }} size={{osnl_volume_size}}G with_sequence: start={{osnl_volume_num_start}} count={{osnl_number_of_volumes}} format={{osnl_volume_prefix}}{{osnl_volume_size}}g%04d diff --git a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml index 2e6aadd1987..adad8bcb456 100644 --- a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml +++ b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml @@ -3,7 +3,6 @@ package: name: nfs-utils state: present - when: not openshift_is_atomic | bool register: result until: result is succeeded @@ -23,8 +22,5 @@ lineinfile: dest=/etc/exports regexp="^{{ osnl_mount_dir }}/{{ item }} " line="{{ osnl_mount_dir }}/{{ item }} {{osnl_nfs_export_options}}" - with_sequence: - start: "{{osnl_volume_num_start}}" - count: "{{osnl_number_of_volumes}}" - format: "{{osnl_volume_prefix}}{{osnl_volume_size}}g%04d" + with_sequence: start={{osnl_volume_num_start}} count={{osnl_number_of_volumes}} format={{osnl_volume_prefix}}{{osnl_volume_size}}g%04d notify: restart nfs diff --git a/roles/openshift_version/defaults/main.yml b/roles/openshift_version/defaults/main.yml index 701e025a7b7..51e5530ec93 100644 --- a/roles/openshift_version/defaults/main.yml +++ b/roles/openshift_version/defaults/main.yml @@ -1,3 +1,3 @@ --- openshift_protect_installed_version: True -openshift_release: '3.11' +openshift_release: '4.0' diff --git a/roles/os_firewall/README.md b/roles/os_firewall/README.md index 5ee11f7bd75..b04119101ac 100644 --- a/roles/os_firewall/README.md +++ b/roles/os_firewall/README.md @@ -4,9 +4,6 @@ OS Firewall OS Firewall manages firewalld and iptables installation. case. -Note: firewalld is not supported on Atomic Host -https://bugzilla.redhat.com/show_bug.cgi?id=1403331 - Requirements ------------ diff --git a/roles/os_firewall/defaults/main.yml b/roles/os_firewall/defaults/main.yml index 2cae944113f..51f02e2a9e4 100644 --- a/roles/os_firewall/defaults/main.yml +++ b/roles/os_firewall/defaults/main.yml @@ -1,5 +1,3 @@ --- os_firewall_enabled: True -# firewalld is not supported on Atomic Host -# https://bugzilla.redhat.com/show_bug.cgi?id=1403331 os_firewall_use_firewalld: False diff --git a/roles/os_firewall/tasks/firewalld.yml b/roles/os_firewall/tasks/firewalld.yml index a9da3767637..a07a1762294 100644 --- a/roles/os_firewall/tasks/firewalld.yml +++ b/roles/os_firewall/tasks/firewalld.yml @@ -1,18 +1,10 @@ --- -- name: Fail - Firewalld is not supported on Atomic Host - fail: - msg: "Firewalld is not supported on Atomic Host" - when: - - openshift_is_atomic | bool - - not openshift_enable_unsupported_configurations | default(false) - - name: Install firewalld packages package: name: firewalld state: present register: result until: result is succeeded - when: not openshift_is_atomic | bool - name: Ensure iptables services are not enabled systemd: diff --git a/roles/os_firewall/tasks/iptables.yml b/roles/os_firewall/tasks/iptables.yml index 388506cbad2..7df1872a0c9 100644 --- a/roles/os_firewall/tasks/iptables.yml +++ b/roles/os_firewall/tasks/iptables.yml @@ -24,7 +24,6 @@ pkg_list: - iptables - iptables-services - when: not openshift_is_atomic | bool register: result until: result is succeeded diff --git a/roles/tuned/defaults/main.yml b/roles/tuned/defaults/main.yml index c0bf5da1fa8..563f0d1baa4 100644 --- a/roles/tuned/defaults/main.yml +++ b/roles/tuned/defaults/main.yml @@ -3,3 +3,4 @@ tuned_etc_directory: '/etc/tuned' tuned_templates_source: '../templates' openshift_fs_inotify_max_user_watches: 65536 openshift_fs_inotify_max_user_instances: 8192 +openshift_tuned_guest_profile: "virtual-guest" diff --git a/roles/tuned/tasks/main.yml b/roles/tuned/tasks/main.yml index 5129f447139..f24dd568884 100644 --- a/roles/tuned/tasks/main.yml +++ b/roles/tuned/tasks/main.yml @@ -9,10 +9,6 @@ - name: Tuned service setup block: - - name: Set tuned OpenShift variables - set_fact: - openshift_tuned_guest_profile: "{{ 'atomic-guest' if openshift_is_atomic else 'virtual-guest' }}" - - name: Ensure directory structure exists file: state: directory diff --git a/roles/tuned/templates/openshift/tuned.conf b/roles/tuned/templates/openshift/tuned.conf index 7f45b49e665..eab27a97422 100644 --- a/roles/tuned/templates/openshift/tuned.conf +++ b/roles/tuned/templates/openshift/tuned.conf @@ -7,7 +7,7 @@ summary=Optimize systems running OpenShift (parent profile) include=${f:virt_check:{{ openshift_tuned_guest_profile }}:throughput-performance} [selinux] -avc_cache_threshold=65536 +avc_cache_threshold=8192 [net] nf_conntrack_hashsize=131072 diff --git a/test-requirements.txt b/test-requirements.txt index 585cca0b9ac..0de49a54d78 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -12,3 +12,4 @@ coverage==4.3.4 mock==2.0.0 pytest==3.0.7 pytest-cov==2.4.0 +python-dateutil==2.7.3 diff --git a/test/ci/deprovision.yml b/test/ci/deprovision.yml index 481dccf2f97..17703bb99f4 100644 --- a/test/ci/deprovision.yml +++ b/test/ci/deprovision.yml @@ -15,20 +15,31 @@ tag-key: "kubernetes.io/cluster/{{ aws_cluster_id }}" register: ec2 - - name: Stop VMs + - name: Terminate instances ec2: instance_ids: "{{ item.instance_id }}" region: "{{ aws_region }}" - state: stopped + state: absent wait: no with_items: "{{ ec2.instances }}" - ignore_errors: true + when: not aws_use_auto_terminator | default(true) - - name: Rename VMs - ec2_tag: - resource: "{{ item.instance_id }}" - region: "{{ aws_region }}" - tags: - Name: "{{ item.tags.Name }}-terminate" - when: "'-terminate' not in item.tags.Name" - with_items: "{{ ec2.instances }}" + - when: aws_use_auto_terminator | default(true) + block: + - name: Stop VMs + ec2: + instance_ids: "{{ item.instance_id }}" + region: "{{ aws_region }}" + state: stopped + wait: no + with_items: "{{ ec2.instances }}" + ignore_errors: true + + - name: Rename VMs + ec2_tag: + resource: "{{ item.instance_id }}" + region: "{{ aws_region }}" + tags: + Name: "{{ item.tags.Name }}-terminate" + when: "'-terminate' not in item.tags.Name" + with_items: "{{ ec2.instances }}" diff --git a/test/ci/inventory/group_vars/OSEv3/vars.yml b/test/ci/inventory/group_vars/OSEv3/vars.yml index f5fdd112607..2de93476bb0 100644 --- a/test/ci/inventory/group_vars/OSEv3/vars.yml +++ b/test/ci/inventory/group_vars/OSEv3/vars.yml @@ -12,7 +12,6 @@ openshift_metrics_install_metrics: false openshift_metrics_install_logging: false openshift_logging_install_logging: false openshift_management_install_management: false -openshift_hosted_prometheus_deploy: false template_service_broker_install: false ansible_service_broker_install: false openshift_enable_service_catalog: false diff --git a/test/ci/launch.yml b/test/ci/launch.yml index 511e43c4393..9be6f80fe7a 100644 --- a/test/ci/launch.yml +++ b/test/ci/launch.yml @@ -47,6 +47,7 @@ "Name": "{{ item.name }}", "ansible-groups": "{{ item.ansible_groups | join(',') }}", "ansible-node-group": "{{ item.node_group }}", + "expirationDate": "{{ item.aws_expiration_date | default(aws_expiration_date) }}" } - name: Add machine to inventory @@ -74,7 +75,38 @@ become: true tasks: - wait_for_connection: {} + - name: Make sure hostname is set to public ansible host + hostname: + name: "{{ ansible_host }}" + - name: Detecting Operating System + shell: ls /run/ostree-booted + ignore_errors: yes + failed_when: false + register: ostree_output + - name: Update all packages + package: + name: '*' + state: latest + when: ostree_output.rc != 0 + register: yum_update + - name: Update Atomic system + command: atomic host upgrade + when: ostree_output.rc == 0 + register: ostree_update + - name: Reboot machines + shell: sleep 5 && systemctl reboot + async: 1 + poll: 0 + ignore_errors: true + when: yum_update | changed or ostree_update | changed + - name: Wait for connection + wait_for_connection: + connect_timeout: 20 + sleep: 5 + delay: 5 + timeout: 300 - setup: {} +- import_playbook: ../../playbooks/openshift-node/network_manager.yml - import_playbook: ../../playbooks/prerequisites.yml - import_playbook: ../../playbooks/deploy_cluster.yml diff --git a/test/ci/vars.yml.sample b/test/ci/vars.yml.sample index 64354b57d53..ded275e9a8a 100644 --- a/test/ci/vars.yml.sample +++ b/test/ci/vars.yml.sample @@ -1,15 +1,21 @@ --- vm_prefix: "ci_test" +#aws_use_auto_terminator is set to True by default, as rh-dev account doesn't have permission +# to terminate instances. These should be stopped and renamed to include 'terminate' instead +#aws_use_auto_terminator: false type: aws aws_user: "ec2-user" python: "/usr/bin/python" + aws_key: "libra" aws_region: "us-east-1" aws_cluster_id: "ci" # us-east-1d aws_subnet: "subnet-cf57c596" +aws_expiration_date: "{{ lookup('pipe','date -d \"4 hours\" --iso=minutes --utc') }}" + aws_ami_tags: "tag:operating_system": "rhel" "tag:image_stage": "base" @@ -36,3 +42,5 @@ aws_instances: # - device_name: /dev/sdb # volume_size: 50 # delete_on_termination: yes + #Set expiration date for instances on CI namespace + #aws_expiration_date: "{{ lookup('pipe','date -d \"4 hours\" --iso=minutes --utc') }}" diff --git a/test/tox-inventory.txt b/test/tox-inventory.txt index bc3a211d4f5..828bdac277e 100644 --- a/test/tox-inventory.txt +++ b/test/tox-inventory.txt @@ -94,6 +94,9 @@ localhost [oo_nfs_to_config] localhost +[oo_glusterfs_to_config] +localhost + [glusterfs] localhost