Make CaaS DNS domains configurable 98/698/3
authorKrisztian Lengyel <krisztian.lengyel@nokia.com>
Fri, 10 May 2019 20:16:36 +0000 (16:16 -0400)
committerKrisztian Lengyel <krisztian.lengyel@nokia.com>
Wed, 15 May 2019 14:39:15 +0000 (10:39 -0400)
Change-Id: I9f982d03886cc81601e7c43719de0c092c1b44db
Signed-off-by: Krisztian Lengyel <krisztian.lengyel@nokia.com>
ansible/roles/install_caas_infra/tasks/main.yaml
ansible/roles/pre_config_all/tasks/main.yml
ansible/roles/pre_install_caas_infra/meta/main.yaml
cm_config/caas.yaml
infra-charts/templates/elasticsearch-data-statefulset.yaml
infra-charts/templates/elasticsearch-master-statefulset.yaml
infra-charts/values.yaml.j2
utils/common/aliases.sh

index 0e2c856..f2378f0 100644 (file)
 
 - name: helm-list
   shell: HELM_HOST={{ caas.tiller_ip }}:{{ caas.tiller_port }} helm get {{ infra_chart_name }}
-  register: crf_list_result
-  failed_when: "( crf_list_result.rc != 0 ) and ( not (crf_list_result.stderr | search('Error: release')) )"
+  register: caas_list_result
+  failed_when: "( caas_list_result.rc != 0 ) and ( not (caas_list_result.stderr | search('Error: release')) )"
 
 - block:
   - name: Install infra_chart with helm
     shell: HELM_HOST={{ caas.tiller_ip }}:{{ caas.tiller_port }} helm install --wait --timeout {{ caas.helm_operation_timeout }} --name {{ infra_chart_name }} default/{{ infra_chart_name }}
-    when: "crf_list_result is defined and ( ( crf_list_result.stderr | search('Error: release:') ) or ( crf_list_result.stdout == '' ) )"
+    when: "caas_list_result is defined and ( ( caas_list_result.stderr | search('Error: release:') ) or ( caas_list_result.stdout == '' ) )"
 
   rescue:
-  - name: Delete the crf_infra_chart
+  - name: Delete the caas_infra_chart
     shell: HELM_HOST={{ caas.tiller_ip }}:{{ caas.tiller_port }} helm delete --purge {{ infra_chart_name }}
 
   - name: fail the current playbook run, because helm install failed
index 5eaf89d..596f721 100644 (file)
   shell: "kubectl completion bash > /etc/bash_completion.d/kubectl-bash"
   become: true
   become_user: "root"
+
+- name: set envinment variables
+  lineinfile:
+    dest: /etc/environment
+    state: present
+    line: "{{ item }}"
+    regexp: "{{ item }}"
+  become: true
+  become_user: "root"
+  with_items:
+    - "SWIFT_URL={{ caas.swift }}"
index 7506305..842164f 100644 (file)
@@ -21,7 +21,7 @@ dependencies:
     cert_path: /etc/kubernetes/ssl
     alt_names:
       dns:
-        - "cpu-dev-pod-mutator-svc.kube-system.svc.nokia.net"
+        - "cpu-dev-pod-mutator-svc.kube-system.svc.{{ caas.dns_domain }}"
         - "cpu-dev-pod-mutator-svc.kube-system.svc"
     become: true
     become_user: "root"
@@ -46,7 +46,7 @@ dependencies:
     cert_path: /etc/metrics-server/ssl
     alt_names:
       dns:
-        - metrics-server.kube-system.svc.nokia.net
+        - "metrics-server.kube-system.svc.{{ caas.dns_domain }}"
         - metrics-server.kube-system.svc
     become: true
     become_user: "root"
index 7b86625..e88f40d 100644 (file)
@@ -23,33 +23,33 @@ caas_base_directory: "/var/lib/caas"
 infra_containers_directory: "{{ caas_base_directory }}/images"
 manifests_directory: "{{ caas_base_directory }}/manifests"
 registry_directory: /var/lib/registry
-apiserver_in_hosts: apiserver.nokia.net
+apiserver_in_hosts: apiserver.{{ dns_domain }}
 etcd_api_port: 4111
 etcd_peer_port: 4112
-kubernetes_component_label: ncrf-image
-swift_url: swift.kube-system.svc.nokia.net
+kubernetes_component_label: akrec-image
+swift_url: swift.kube-system.svc.{{ dns_domain }}
 swift_port: 8084
 swift: https://{{ swift_url }}:{{ swift_port }}
-swift_update_url: swift-update.kube-system.svc.nokia.net
+swift_update_url: swift-update.kube-system.svc.{{ dns_domain }}
 swift_memcached_port: 11222
 update_swift_port: 8091
 swift_update: https://{{ swift_update_url }}:{{ update_swift_port }}
 chart_repo_ip: 10.254.210.229
-chart_repo_url: chart-repo.kube-system.svc.nokia.net
+chart_repo_url: chart-repo.kube-system.svc.{{ dns_domain }}
 chart_repo_port: 8088
 chart_repo: https://{{ chart_repo_url }}:{{ chart_repo_port }}
 tiller_ip: 10.254.165.237
-tiller_url: tiller.kube-system.svc.nokia.net
+tiller_url: tiller.kube-system.svc.{{ dns_domain }}
 tiller_port: 44134
 tiller: https://{{ tiller_url }}:{{ tiller_port }}
-registry_url: registry.kube-system.svc.nokia.net
+registry_url: registry.kube-system.svc.{{ dns_domain }}
 registry_port: 5555
 registry: https://{{ registry_url }}:{{ registry_port }}
 registry_repo: "caas"
-update_registry_url: registry-update.kube-system.svc.nokia.net
+update_registry_url: registry-update.kube-system.svc.{{ dns_domain }}
 update_registry_port: 5556
 update_registry: https://{{ update_registry_url }}:{{ update_registry_port }}
-elasticsearch_url: elasticsearch-logging.kube-system.svc.nokia.net
+elasticsearch_url: elasticsearch-logging.kube-system.svc.{{ dns_domain }}
 elasticsearch_port: 9200
 elasticsearch_memory_request: 1Gi
 elasticsearch_memory_limit: 2Gi
@@ -59,8 +59,8 @@ elasticsearch_port_for_cluster_communication: 9300
 elasticsearch: https://{{ elasticsearch_url }}:{{ elasticsearch_port }}
 internal_flannel_interface: eth0
 container_wait_timeout: 120
-ldap_master_url: master.infraldap-server.nokia.net
-ldap_slave_url: infraldap-server-slave.kube-system.svc.nokia.net
+ldap_master_url: master.infraldap-server.{{ dns_domain }}
+ldap_slave_url: infraldap-server-slave.kube-system.svc.{{ dns_domain }}
 apiserver_secure_port: 6443
 apiserver_svc_port: 443
 default_partition_size: 16
@@ -72,7 +72,7 @@ caas_chart_path: "{{ caas_base_directory }}/infra-charts"
 caas_policy_directory: "{{ caas_base_directory }}/policies"
 kubernetes_service_url: kubernetes.default.svc
 prometheus_port: 9090
-prometheus_url: prometheus.kube-system.svc.nokia.net
+prometheus_url: prometheus.kube-system.svc.{{ dns_domain }}
 prometheus: https://{{ prometheus_url }}:{{ prometheus_port }}
 custom_metrics_api_port: 6443
 custom_metrics_api_serviceport: 443
@@ -85,7 +85,7 @@ kubernetes_secret_users: kube
 service_cluster_ip_cidr: "10.254.0.0/16"
 apiserver_svc_ip: "10.254.0.1"
 dns_svc_ip: "10.254.0.254"
-apiserver_service_name: "kubernetes.default.svc.nokia.net"
+apiserver_service_name: "kubernetes.default.svc.{{ dns_domain }}"
 rbac_manifests_directory: "{{ caas_base_directory }}/rbac_manifests"
 webhook_port: 443
 root_partition: "/dev/vda"
index 246be09..13ea626 100644 (file)
@@ -55,7 +55,7 @@ spec:
         - name: NODE_MASTER
           value: "false"
         - name: DISCOVERY_SERVICE
-          value: elasticsearch-data.kube-system.svc.nokia.net
+          value: elasticsearch-data.kube-system.svc.{{ .Values.domain }}
         - name: PROCESSORS
           valueFrom:
             resourceFieldRef:
index 50c0c8f..904f0fc 100644 (file)
@@ -55,7 +55,7 @@ spec:
         - name: NODE_DATA
           value: "false"
         - name: DISCOVERY_SERVICE
-          value: elasticsearch-data.kube-system.svc.nokia.net
+          value: elasticsearch-data.kube-system.svc.{{ .Values.domain }}
         - name: ES_JAVA_OPTS
           value: "-Xms{{ .Values.elasticsearch.java_heap_request }} -Xmx{{ .Values.elasticsearch.java_heap_max }} -Dmapper.allow_dots_in_name=true"
         {{- range $key, $value :=  .Values.elasticsearch.cluster.env }}
index 51603bd..d772e35 100644 (file)
@@ -17,6 +17,7 @@ limitations under the License.
 kubernetes_component_label: {{ caas.kubernetes_component_label }}
 registry_url: {{ caas.registry_url }}:{{ caas.registry_port }}
 registry_reponame: "{{ caas.registry_repo }}"
+domain: "{{ caas.dns_domain }}"
 
 metrics_server:
   required: true
index d5d5c78..18587bb 100644 (file)
@@ -14,6 +14,6 @@
 # limitations under the License.
 
 # Swift
-function swiftauth { source /etc/swift/usr/admin/env_file; export SWIFT_AUTH_KEY=`curl --cacert /etc/swift/main/tls-proxy/ca.pem -XGET -i -H"X-Auth-User:${SWIFT_TENANT}:${SWIFT_USER}" -H"X-Auth-Key:${SWIFT_PASS}" https://swift.kube-system.svc.nokia.net:8084/auth/v1.0 | grep X-Auth-Token: | awk '{print $2;}'`; }
-function swiftget { curl --cacert /etc/swift/main/tls-proxy/ca.pem -XGET -H"X-Auth-Token: ${SWIFT_AUTH_KEY}" https://swift.kube-system.svc.nokia.net:8084/v1.0/AUTH_admin${1}; }
-function swiftput { curl --cacert /etc/swift/main/tls-proxy/ca.pem -XPUT -H"X-Auth-Token: ${SWIFT_AUTH_KEY}" -T ${1} https://swift.kube-system.svc.nokia.net:8084/v1.0/AUTH_admin${2}; }
+function swiftauth { source /etc/swift/usr/admin/env_file; export SWIFT_AUTH_KEY=`curl --cacert /etc/swift/main/tls-proxy/ca.pem -XGET -i -H"X-Auth-User:${SWIFT_TENANT}:${SWIFT_USER}" -H"X-Auth-Key:${SWIFT_PASS}" "${SWIFT_URL}/auth/v1.0" | grep X-Auth-Token: | awk '{print $2;}'`; }
+function swiftget { curl --cacert /etc/swift/main/tls-proxy/ca.pem -XGET -H"X-Auth-Token: ${SWIFT_AUTH_KEY}" "${SWIFT_URL}/v1.0/AUTH_admin${1}"; }
+function swiftput { curl --cacert /etc/swift/main/tls-proxy/ca.pem -XPUT -H"X-Auth-Token: ${SWIFT_AUTH_KEY}" -T ${1} "${SWIFT_URL}/v1.0/AUTH_admin${2}"; }