ansible-ansible-openshift-ansible

Created 4 years ago
Maintained by maxamillion
Ansible playbooks to run ansible on a remote "openshift control" what will run openshift-ansible to deploy a cluster
Members 1
ansible-ansible-openshift-ansible
#################################

Ansible playbooks to run ansible on a remote "openshift control" what will run
`openshift-ansible`_ to deploy a cluster.

What? Why?
----------

The `openshift-ansible`_ playbooks require that various tasks be run on
``localhost`` in order to build their internal abstracted representation of the
inventory list. Running potentially arbitrary code from external sources on a
bastion host (which is what ``localhost`` would be as the ansible control
machine) is often frowned upon. The goal here is to allow for the deployment of
`openshift-ansible`_ via an intermediate host.


::

    +---------------+                   +-------------------+
    |               |                   |                   |
    | bastion host  +----[ansible]----->| openshift control |
    |               |                   |                   |
    +---------------+                   +---------+---------+
                                                  |
                                                  |
                                              [ansible]
                                                  |
                                                  |
                                                  V
    +--------------------------------------------------------------------------+
    |                                                                          |
    |  openshift cluster                                                       |
    |                                                                          |
    |  +-----------+               +-----------+   +-----------+               |
    |  |           |               |           |   |           |               |
    |  | openshift |  ...[masters] | openshift |   | openshift |   ...[nodes]  |
    |  |  master   |               |   node    |   |   node    |               |
    |  |           |               |           |   |           |               |
    |  +-----------+               +-----------+   +-----------+               |
    |                                                                          |
    +--------------------------------------------------------------------------+

How to use this
----------------

You will need to configure the inventory file ``inventory/inventory`` to contain
the host names of the openshift control host and the various hosts for
openshift masters and openshift nodes. The group names for the masters inventory
list and the nodes inventory list needs to match the group names for
``openshift_cluster_masters_group`` and ``openshift_cluster_nodes_group`` in the
file ``vars/variables.yml``. The inventory used on the openshift control host is
generated using the template ``templates/cluster-inventory.j2`` and by default
the master nodes are also used for various openshift infrastructure components
of the cluster and if there are desired changes for the openshift configuration
as per the `OpenShift Advanced Configuration Guide`_, they should be made to
that template.

.. note::
    There is a requirement to setup the SSH keys such that the bastion host
    can passwordless ssh into the openshift control host and such that the
    openshift control host can passwordless ssh into each of the hosts in
    the openshift cluster. This is outside the scope of this document.

Then you can run the playbook to run the playbook:

::

    ansible-playbook ansible-ansible-openshift-ansible.yml -i inventory/inventory

.. _OpenShift Advanced Configuration Guide:
    https://docs.openshift.org/latest/install_config/install/advanced_install.html