---
|
# Start / Stop Logic for OCP 4 Clusters
|
|
- import_playbook: ../../setup_runtime.yml
|
|
- name: Build inventory
|
hosts: localhost
|
connection: local
|
gather_facts: false
|
become: false
|
tasks:
|
- when: cloud_provider == 'ec2'
|
block:
|
- name: Run infra-ec2-create-inventory Role
|
include_role:
|
name: infra-ec2-create-inventory
|
|
- name: Run Common SSH Config Generator Role
|
include_role:
|
name: infra-common-ssh-config-generate
|
when: "'bastions' in groups"
|
|
- name: Run stop/start/status/... actions
|
hosts: localhost
|
connection: local
|
gather_facts: False
|
become: no
|
tasks:
|
- name: Check for project_tag
|
when: project_tag is not defined or project_tag == ''
|
fail:
|
msg: "project_tag is not defined"
|
|
- name: Check for ACTION
|
when: ACTION is not defined
|
fail:
|
msg: "ACTION is not defined"
|
|
- name: Start / Stop VMs on AWS
|
when: cloud_provider == 'ec2'
|
environment:
|
AWS_ACCESS_KEY_ID: "{{aws_access_key_id}}"
|
AWS_SECRET_ACCESS_KEY: "{{aws_secret_access_key}}"
|
AWS_DEFAULT_REGION: "{{aws_region_final|d(aws_region)}}"
|
block:
|
- name: Stop instances by (guid,env_type) tags
|
when: ACTION == 'stop'
|
ec2_instance:
|
state: stopped
|
wait: no
|
filters:
|
"tag:guid": "{{ guid }}"
|
"tag:env_type": "{{ env_type }}"
|
|
- name: Start instances by (guid, env_type) tags
|
when: ACTION == 'start'
|
ec2_instance:
|
state: started
|
wait: true
|
filters:
|
"tag:guid": "{{ guid }}"
|
"tag:env_type": "{{ env_type }}"
|
|
- name: Run recover cluster actions
|
hosts: localhost
|
run_once: yes
|
become: no
|
tasks:
|
- name: Recover cluster if it missed cert rotation
|
delegate_to: "bastion.{{ guid }}{{ subdomain_base_suffix }}"
|
when: ACTION == 'start'
|
block:
|
- name: Wait 150 seconds for Nodes to settle and pods to start
|
pause:
|
seconds: 150
|
# - name: Get Node Readiness status
|
# shell: "oc get nodes|grep -v AGE|awk -c '{print $2}'"
|
# register: r_nodestatus
|
- name: Approve all Pending CSRs
|
# when: "'NotReady' in r_nodestatus.stdout_lines"
|
shell: "oc get csr -oname | xargs oc adm certificate approve"
|
ignore_errors: yes
|