Merge pull request #5337 from sjug/ansible_updates

USHIFT-5984: Rollup of Ansible script updates as of MicroShift 4.19

Author: openshift-merge-bot[bot]

ansible/roles/add-kubelet-logging/tasks/main.yml

@@ -1,55 +1,58 @@
 ---
 # add-kubelet-logging tasks
 
-- name: check to ensure promdir target exists
+- name: Check to ensure promdir target exists
   ansible.builtin.stat:
     path: "{{ prometheus_dir }}"
   register: promdir
 
-- name: check if the file exists
+- name: Check if the file exists
   ansible.builtin.stat:
     path: "{{ sa_token_file }}"
   register: token_file
 
-- block:
-  - name: load sa-token file from localhost
-    ansible.builtin.slurp:
-      src: "{{ sa_token_file }}"
-    register: bearer_token_slurp
-    delegate_to: localhost
+- name: Deal with metrics service account token file
+  when: token_file.stat.exists
+  block:
+    - name: Load sa-token file from localhost
+      ansible.builtin.slurp:
+        src: "{{ sa_token_file }}"
+      register: bearer_token_slurp
+      delegate_to: localhost
 
-  - name: decode bearer token
-    set_fact:
-      bearer_token: "{{ bearer_token_slurp.content | b64decode }}"
+    - name: Decode bearer token
+      ansible.builtin.set_fact:
+        bearer_token: "{{ bearer_token_slurp.content | b64decode }}"
 
-  - name: create metrics service account token file in prometheus folder
-    ansible.builtin.copy:
-      content: "{{ bearer_token }}"
-      dest: "{{ kubelet_auth_token_file }}"
-    when: promdir.stat.exists
+    - name: Create metrics service account token file in prometheus folder
+      ansible.builtin.copy:
+        content: "{{ bearer_token }}"
+        dest: "{{ kubelet_auth_token_file }}"
+        mode: '0644'
+      when: promdir.stat.exists
 
-  - name: remove the sa-token file
-    ansible.builtin.file:
-      path: "{{ sa_token_file }}"
-      state: absent
-  when: token_file.stat.exists
+    - name: Remove the sa-token file
+      ansible.builtin.file:
+        path: "{{ sa_token_file }}"
+        state: absent
 
-- name: append kubelet scrape config target to prometheus config
+- name: Append kubelet scrape config target to prometheus config
   ansible.builtin.blockinfile:
     path: "{{ prometheus_config }}"
     block: |
       # kubelet targets
-        - job_name: kubelet
+      {% for host in groups['microshift'] %}
+        - job_name: kubelet-{{ host }}
           scheme: https
           authorization:
             credentials_file: "{{ kubelet_auth_token_file }}"
           tls_config:
             insecure_skip_verify: true
           static_configs:
             - targets:
-              - microshift-dev:10250
+              - {{ hostvars[host].ansible_host }}:10250
 
-        - job_name: kubelet cadvisor
+        - job_name: kubelet-{{ host }}-cadvisor
           scheme: https
           authorization:
             credentials_file: "{{ kubelet_auth_token_file }}"
@@ -58,9 +61,10 @@
           metrics_path: /metrics/cadvisor
           static_configs:
             - targets:
-              - microshift-dev:10250
+              - {{ hostvars[host].ansible_host }}:10250
+      {% endfor %}
 
-- name: restart prometheus to pick up new target
+- name: Restart prometheus to pick up new target
   ansible.builtin.systemd:
     state: restarted
     name: prometheus

ansible/roles/common/tasks/boot.yml

@@ -1,6 +1,11 @@
 ---
 # common microshift boot start time script
 
+# Include shared microshift version configuration
+- name: Include shared microshift version configuration
+  include_vars:
+    file: "{{ playbook_dir }}/vars/microshift_versions.yml"
+
 - block:
   - name: find microshift cleanup script
     ansible.builtin.find:
@@ -16,13 +21,13 @@
       microshift_cleanup_bin: "{{ find_cleanup.files[0].path if find_cleanup.files }}"
 
   - name: cleanup microshift data
-    become: yes
+    become: true
     ansible.builtin.shell: echo 1 | {{ microshift_cleanup_bin }} --all
   when: cleanup_microshift | default('false') | bool
 
 - block:
   - name: reboot machine
-    become: yes
+    become: true
     ansible.builtin.reboot:
       reboot_timeout: 600
 
@@ -31,9 +36,26 @@
       seconds: 60
   when: reboot | default('false') | bool
 
+- name: Extract major version for pod counts
+  set_fact:
+    microshift_major_version: "{{ microshift_version.split('.')[:2] | join('.') }}"
+
+- name: Validate that version exists in config
+  fail:
+    msg: "Error: MicroShift version {{ microshift_major_version }} not found in microshift_versions dictionary. Please update the defaults/main.yml file."
+  when: microshift_major_version not in microshift_versions
+
+- name: Set expected pod counts
+  set_fact:
+    expected_pods: "{{ microshift_versions[microshift_major_version].expected_pods }}"
+    all_pods: "{{ microshift_versions[microshift_major_version].all_pods }}"
+
 - name: run the microshift boot script
   ansible.builtin.script:
-    cmd: ready.sh
+    cmd: >
+      ready.sh
+      {{ expected_pods }}
+      {{ all_pods }}
   register: script_output
 
 - name: display script output

ansible/roles/configure-firewall/defaults/main.yml

@@ -27,4 +27,5 @@ firewall_ports:
 firewall_trusted_cidr:
   - 10.42.0.0/16
   - 169.254.169.1/32
+  - fd01::/48
 

ansible/roles/install-logging/defaults/main.yml

@@ -12,6 +12,7 @@ logging_services:
 grafana_setup: false
 grafana_username: admin
 grafana_password: admin
+grafana_host_address: "192.168.1.100"
 grafana_port: 3000
 
 prometheus_port: 9091