ansible-ansible-openshift-ansible

Ansible playbooks to run ansible on a remote "openshift control" what will run openshift-ansible to deploy a cluster

ansible-ansible-openshift-ansible

Ansible playbooks to run ansible on a remote "openshift control" what will run `openshift-ansible`_ to deploy a cluster.

What? Why?

The `openshift-ansible`_ playbooks require that various tasks be run on localhost in order to build their internal abstracted representation of the inventory list. Running potentially arbitrary code from external sources on a bastion host (which is what localhost would be as the ansible control machine) is often frowned upon. The goal here is to allow for the deployment of `openshift-ansible`_ via an intermediate host.

+---------------+                   +-------------------+
|               |                   |                   |
| bastion host  +----[ansible]----->| openshift control |
|               |                   |                   |
+---------------+                   +---------+---------+
                                              |
                                              |
                                          [ansible]
                                              |
                                              |
                                              V
+--------------------------------------------------------------------------+
|                                                                          |
|  openshift cluster                                                       |
|                                                                          |
|  +-----------+               +-----------+   +-----------+               |
|  |           |               |           |   |           |               |
|  | openshift |  ...[masters] | openshift |   | openshift |   ...[nodes]  |
|  |  master   |               |   node    |   |   node    |               |
|  |           |               |           |   |           |               |
|  +-----------+               +-----------+   +-----------+               |
|                                                                          |
+--------------------------------------------------------------------------+

How to use this

You will need to configure the inventory file inventory/inventory to contain the host names of the openshift control host and the various hosts for openshift masters and openshift nodes. The group names for the masters inventory list and the nodes inventory list needs to match the group names for openshift_cluster_masters_group and openshift_cluster_nodes_group in the file vars/variables.yml. The inventory used on the openshift control host is generated using the template templates/cluster-inventory.j2 and by default the master nodes are also used for various openshift infrastructure components of the cluster and if there are desired changes for the openshift configuration as per the OpenShift Advanced Configuration Guide, they should be made to that template.

Note

There is a requirement to setup the SSH keys such that the bastion host can passwordless ssh into the openshift control host and such that the openshift control host can passwordless ssh into each of the hosts in the openshift cluster. This is outside the scope of this document.

Then you can run the playbook to run the playbook:

ansible-playbook ansible-ansible-openshift-ansible.yml -i inventory/inventory