README.rst

ansible-ansible-openshift-ansible

Ansible playbooks to run ansible on a remote "openshift control" what will run `openshift-ansible`_ to deploy a cluster.

What? Why?

The `openshift-ansible`_ playbooks require that various tasks be run on localhost in order to build their internal abstracted representation of the inventory list. Running potentially arbitrary code from external sources on a bastion host (which is what localhost would be as the ansible control machine) is often frowned upon. The goal here is to allow for the deployment of `openshift-ansible`_ via an intermediate host.

+---------------+                   +-------------------+
|               |                   |                   |
| bastion host  +----[ansible]----->| openshift control |
|               |                   |                   |
+---------------+                   +---------+---------+
                                              |
                                              |
                                          [ansible]
                                              |
                                              |
                                              V
+--------------------------------------------------------------------------+
|                                                                          |
|  openshift cluster                                                       |
|                                                                          |
|  +-----------+               +-----------+   +-----------+               |
|  |           |               |           |   |           |               |
|  | openshift |  ...[masters] | openshift |   | openshift |   ...[nodes]  |
|  |  master   |               |   node    |   |   node    |               |
|  |           |               |           |   |           |               |
|  +-----------+               +-----------+   +-----------+               |
|                                                                          |
+--------------------------------------------------------------------------+

How to use this

You will need to configure two ansible inventory files, the first will be for the "local" ansible run which will target the group openshift_control and that file is inventory/inventory. You will also need to configure the inventory that will be used in the remote execution of ansible on the openshift control machine, this file is files/openshift-cluster-inventory

Note

There is a requirement to setup the SSH keys such that the bastion host can passwordless ssh into the openshift control host and such that the openshift control host can passwordless ssh into each of the hosts in the openshift cluster. This is outside the scope of this document.

Then you can run the playbook to run the playbook:

ansible-playbook ansible-ansible-openshift-ansible.yml -i inventory/inventory