From: Krisztian Lengyel Date: Fri, 10 May 2019 20:16:36 +0000 (-0400) Subject: Make CaaS DNS domains configurable X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=commitdiff_plain;h=fa506c690e93d698718affeda094104b518c0b4e;p=ta%2Fcaas-install.git Make CaaS DNS domains configurable Change-Id: I9f982d03886cc81601e7c43719de0c092c1b44db Signed-off-by: Krisztian Lengyel --- diff --git a/ansible/roles/install_caas_infra/tasks/main.yaml b/ansible/roles/install_caas_infra/tasks/main.yaml index 0e2c856..f2378f0 100644 --- a/ansible/roles/install_caas_infra/tasks/main.yaml +++ b/ansible/roles/install_caas_infra/tasks/main.yaml @@ -35,16 +35,16 @@ - name: helm-list shell: HELM_HOST={{ caas.tiller_ip }}:{{ caas.tiller_port }} helm get {{ infra_chart_name }} - register: crf_list_result - failed_when: "( crf_list_result.rc != 0 ) and ( not (crf_list_result.stderr | search('Error: release')) )" + register: caas_list_result + failed_when: "( caas_list_result.rc != 0 ) and ( not (caas_list_result.stderr | search('Error: release')) )" - block: - name: Install infra_chart with helm shell: HELM_HOST={{ caas.tiller_ip }}:{{ caas.tiller_port }} helm install --wait --timeout {{ caas.helm_operation_timeout }} --name {{ infra_chart_name }} default/{{ infra_chart_name }} - when: "crf_list_result is defined and ( ( crf_list_result.stderr | search('Error: release:') ) or ( crf_list_result.stdout == '' ) )" + when: "caas_list_result is defined and ( ( caas_list_result.stderr | search('Error: release:') ) or ( caas_list_result.stdout == '' ) )" rescue: - - name: Delete the crf_infra_chart + - name: Delete the caas_infra_chart shell: HELM_HOST={{ caas.tiller_ip }}:{{ caas.tiller_port }} helm delete --purge {{ infra_chart_name }} - name: fail the current playbook run, because helm install failed diff --git a/ansible/roles/pre_config_all/tasks/main.yml b/ansible/roles/pre_config_all/tasks/main.yml index 5eaf89d..596f721 100644 --- a/ansible/roles/pre_config_all/tasks/main.yml +++ b/ansible/roles/pre_config_all/tasks/main.yml @@ -153,3 +153,14 @@ shell: "kubectl completion bash > /etc/bash_completion.d/kubectl-bash" become: true become_user: "root" + +- name: set envinment variables + lineinfile: + dest: /etc/environment + state: present + line: "{{ item }}" + regexp: "{{ item }}" + become: true + become_user: "root" + with_items: + - "SWIFT_URL={{ caas.swift }}" diff --git a/ansible/roles/pre_install_caas_infra/meta/main.yaml b/ansible/roles/pre_install_caas_infra/meta/main.yaml index 7506305..842164f 100644 --- a/ansible/roles/pre_install_caas_infra/meta/main.yaml +++ b/ansible/roles/pre_install_caas_infra/meta/main.yaml @@ -21,7 +21,7 @@ dependencies: cert_path: /etc/kubernetes/ssl alt_names: dns: - - "cpu-dev-pod-mutator-svc.kube-system.svc.nokia.net" + - "cpu-dev-pod-mutator-svc.kube-system.svc.{{ caas.dns_domain }}" - "cpu-dev-pod-mutator-svc.kube-system.svc" become: true become_user: "root" @@ -46,7 +46,7 @@ dependencies: cert_path: /etc/metrics-server/ssl alt_names: dns: - - metrics-server.kube-system.svc.nokia.net + - "metrics-server.kube-system.svc.{{ caas.dns_domain }}" - metrics-server.kube-system.svc become: true become_user: "root" diff --git a/cm_config/caas.yaml b/cm_config/caas.yaml index 7b86625..e88f40d 100644 --- a/cm_config/caas.yaml +++ b/cm_config/caas.yaml @@ -23,33 +23,33 @@ caas_base_directory: "/var/lib/caas" infra_containers_directory: "{{ caas_base_directory }}/images" manifests_directory: "{{ caas_base_directory }}/manifests" registry_directory: /var/lib/registry -apiserver_in_hosts: apiserver.nokia.net +apiserver_in_hosts: apiserver.{{ dns_domain }} etcd_api_port: 4111 etcd_peer_port: 4112 -kubernetes_component_label: ncrf-image -swift_url: swift.kube-system.svc.nokia.net +kubernetes_component_label: akrec-image +swift_url: swift.kube-system.svc.{{ dns_domain }} swift_port: 8084 swift: https://{{ swift_url }}:{{ swift_port }} -swift_update_url: swift-update.kube-system.svc.nokia.net +swift_update_url: swift-update.kube-system.svc.{{ dns_domain }} swift_memcached_port: 11222 update_swift_port: 8091 swift_update: https://{{ swift_update_url }}:{{ update_swift_port }} chart_repo_ip: 10.254.210.229 -chart_repo_url: chart-repo.kube-system.svc.nokia.net +chart_repo_url: chart-repo.kube-system.svc.{{ dns_domain }} chart_repo_port: 8088 chart_repo: https://{{ chart_repo_url }}:{{ chart_repo_port }} tiller_ip: 10.254.165.237 -tiller_url: tiller.kube-system.svc.nokia.net +tiller_url: tiller.kube-system.svc.{{ dns_domain }} tiller_port: 44134 tiller: https://{{ tiller_url }}:{{ tiller_port }} -registry_url: registry.kube-system.svc.nokia.net +registry_url: registry.kube-system.svc.{{ dns_domain }} registry_port: 5555 registry: https://{{ registry_url }}:{{ registry_port }} registry_repo: "caas" -update_registry_url: registry-update.kube-system.svc.nokia.net +update_registry_url: registry-update.kube-system.svc.{{ dns_domain }} update_registry_port: 5556 update_registry: https://{{ update_registry_url }}:{{ update_registry_port }} -elasticsearch_url: elasticsearch-logging.kube-system.svc.nokia.net +elasticsearch_url: elasticsearch-logging.kube-system.svc.{{ dns_domain }} elasticsearch_port: 9200 elasticsearch_memory_request: 1Gi elasticsearch_memory_limit: 2Gi @@ -59,8 +59,8 @@ elasticsearch_port_for_cluster_communication: 9300 elasticsearch: https://{{ elasticsearch_url }}:{{ elasticsearch_port }} internal_flannel_interface: eth0 container_wait_timeout: 120 -ldap_master_url: master.infraldap-server.nokia.net -ldap_slave_url: infraldap-server-slave.kube-system.svc.nokia.net +ldap_master_url: master.infraldap-server.{{ dns_domain }} +ldap_slave_url: infraldap-server-slave.kube-system.svc.{{ dns_domain }} apiserver_secure_port: 6443 apiserver_svc_port: 443 default_partition_size: 16 @@ -72,7 +72,7 @@ caas_chart_path: "{{ caas_base_directory }}/infra-charts" caas_policy_directory: "{{ caas_base_directory }}/policies" kubernetes_service_url: kubernetes.default.svc prometheus_port: 9090 -prometheus_url: prometheus.kube-system.svc.nokia.net +prometheus_url: prometheus.kube-system.svc.{{ dns_domain }} prometheus: https://{{ prometheus_url }}:{{ prometheus_port }} custom_metrics_api_port: 6443 custom_metrics_api_serviceport: 443 @@ -85,7 +85,7 @@ kubernetes_secret_users: kube service_cluster_ip_cidr: "10.254.0.0/16" apiserver_svc_ip: "10.254.0.1" dns_svc_ip: "10.254.0.254" -apiserver_service_name: "kubernetes.default.svc.nokia.net" +apiserver_service_name: "kubernetes.default.svc.{{ dns_domain }}" rbac_manifests_directory: "{{ caas_base_directory }}/rbac_manifests" webhook_port: 443 root_partition: "/dev/vda" diff --git a/infra-charts/templates/elasticsearch-data-statefulset.yaml b/infra-charts/templates/elasticsearch-data-statefulset.yaml index 246be09..13ea626 100644 --- a/infra-charts/templates/elasticsearch-data-statefulset.yaml +++ b/infra-charts/templates/elasticsearch-data-statefulset.yaml @@ -55,7 +55,7 @@ spec: - name: NODE_MASTER value: "false" - name: DISCOVERY_SERVICE - value: elasticsearch-data.kube-system.svc.nokia.net + value: elasticsearch-data.kube-system.svc.{{ .Values.domain }} - name: PROCESSORS valueFrom: resourceFieldRef: diff --git a/infra-charts/templates/elasticsearch-master-statefulset.yaml b/infra-charts/templates/elasticsearch-master-statefulset.yaml index 50c0c8f..904f0fc 100644 --- a/infra-charts/templates/elasticsearch-master-statefulset.yaml +++ b/infra-charts/templates/elasticsearch-master-statefulset.yaml @@ -55,7 +55,7 @@ spec: - name: NODE_DATA value: "false" - name: DISCOVERY_SERVICE - value: elasticsearch-data.kube-system.svc.nokia.net + value: elasticsearch-data.kube-system.svc.{{ .Values.domain }} - name: ES_JAVA_OPTS value: "-Xms{{ .Values.elasticsearch.java_heap_request }} -Xmx{{ .Values.elasticsearch.java_heap_max }} -Dmapper.allow_dots_in_name=true" {{- range $key, $value := .Values.elasticsearch.cluster.env }} diff --git a/infra-charts/values.yaml.j2 b/infra-charts/values.yaml.j2 index 51603bd..d772e35 100644 --- a/infra-charts/values.yaml.j2 +++ b/infra-charts/values.yaml.j2 @@ -17,6 +17,7 @@ limitations under the License. kubernetes_component_label: {{ caas.kubernetes_component_label }} registry_url: {{ caas.registry_url }}:{{ caas.registry_port }} registry_reponame: "{{ caas.registry_repo }}" +domain: "{{ caas.dns_domain }}" metrics_server: required: true diff --git a/utils/common/aliases.sh b/utils/common/aliases.sh index d5d5c78..18587bb 100644 --- a/utils/common/aliases.sh +++ b/utils/common/aliases.sh @@ -14,6 +14,6 @@ # limitations under the License. # Swift -function swiftauth { source /etc/swift/usr/admin/env_file; export SWIFT_AUTH_KEY=`curl --cacert /etc/swift/main/tls-proxy/ca.pem -XGET -i -H"X-Auth-User:${SWIFT_TENANT}:${SWIFT_USER}" -H"X-Auth-Key:${SWIFT_PASS}" https://swift.kube-system.svc.nokia.net:8084/auth/v1.0 | grep X-Auth-Token: | awk '{print $2;}'`; } -function swiftget { curl --cacert /etc/swift/main/tls-proxy/ca.pem -XGET -H"X-Auth-Token: ${SWIFT_AUTH_KEY}" https://swift.kube-system.svc.nokia.net:8084/v1.0/AUTH_admin${1}; } -function swiftput { curl --cacert /etc/swift/main/tls-proxy/ca.pem -XPUT -H"X-Auth-Token: ${SWIFT_AUTH_KEY}" -T ${1} https://swift.kube-system.svc.nokia.net:8084/v1.0/AUTH_admin${2}; } +function swiftauth { source /etc/swift/usr/admin/env_file; export SWIFT_AUTH_KEY=`curl --cacert /etc/swift/main/tls-proxy/ca.pem -XGET -i -H"X-Auth-User:${SWIFT_TENANT}:${SWIFT_USER}" -H"X-Auth-Key:${SWIFT_PASS}" "${SWIFT_URL}/auth/v1.0" | grep X-Auth-Token: | awk '{print $2;}'`; } +function swiftget { curl --cacert /etc/swift/main/tls-proxy/ca.pem -XGET -H"X-Auth-Token: ${SWIFT_AUTH_KEY}" "${SWIFT_URL}/v1.0/AUTH_admin${1}"; } +function swiftput { curl --cacert /etc/swift/main/tls-proxy/ca.pem -XPUT -H"X-Auth-Token: ${SWIFT_AUTH_KEY}" -T ${1} "${SWIFT_URL}/v1.0/AUTH_admin${2}"; }