---
|
# Start / Stop Logic for OCP 4 Clusters
|
|
- import_playbook: ../../setup_runtime.yml
|
|
- name: Build inventory
|
hosts: localhost
|
connection: local
|
gather_facts: false
|
become: false
|
tasks:
|
- when: cloud_provider == 'ec2'
|
block:
|
- name: Run infra-ec2-create-inventory Role
|
include_role:
|
name: infra-ec2-create-inventory
|
|
- name: Run Common SSH Config Generator Role
|
include_role:
|
name: infra-common-ssh-config-generate
|
when: "'bastions' in groups"
|
|
- name: Set ansible_ssh_extra_args
|
hosts:
|
- all:!windows:!network
|
gather_facts: false
|
any_errors_fatal: true
|
ignore_errors: false
|
tasks:
|
- name: Set facts for remote access
|
set_fact:
|
ansible_ssh_extra_args: >-
|
{{ ansible_ssh_extra_args|d() }}
|
-F {{hostvars.localhost.output_dir}}/{{ env_type }}_{{ guid }}_ssh_conf
|
|
- name: Run stop/start/status/... actions
|
hosts: localhost
|
connection: local
|
gather_facts: False
|
become: no
|
tasks:
|
- name: Check for project_tag
|
when: project_tag is not defined or project_tag == ''
|
fail:
|
msg: "project_tag is not defined"
|
|
- name: Check for ACTION
|
when: ACTION is not defined
|
fail:
|
msg: "ACTION is not defined"
|
|
- name: Start / Stop VMs on AWS
|
when: cloud_provider == 'ec2'
|
environment:
|
AWS_ACCESS_KEY_ID: "{{aws_access_key_id}}"
|
AWS_SECRET_ACCESS_KEY: "{{aws_secret_access_key}}"
|
AWS_DEFAULT_REGION: "{{aws_region_final|d(aws_region)}}"
|
block:
|
- name: Stop instances by (guid,env_type) tags
|
when: ACTION == 'stop'
|
ec2_instance:
|
state: stopped
|
wait: no
|
filters:
|
"tag:guid": "{{ guid }}"
|
"tag:env_type": "{{ env_type }}"
|
|
- name: Start instances by (guid, env_type) tags
|
when: ACTION == 'start'
|
ec2_instance:
|
state: started
|
wait: true
|
filters:
|
"tag:guid": "{{ guid }}"
|
"tag:env_type": "{{ env_type }}"
|
|
- when: ACTION == 'status'
|
block:
|
- name: Get EC2 facts using (guid, env_type) tag
|
ec2_instance_facts:
|
filters:
|
"tag:guid": "{{ guid }}"
|
"tag:env_type": "{{ env_type }}"
|
register: r_instances
|
|
- name: Print status information to a file
|
template:
|
dest: "{{ output_dir }}/status.txt"
|
src: files/status.j2
|
|
- name: Run recover cluster actions
|
hosts: localhost
|
run_once: true
|
become: false
|
gather_facts: false
|
tasks:
|
- name: Recover cluster if it missed cert rotation
|
delegate_to: "{{ groups['bastions'] | first }}"
|
when: ACTION == 'start'
|
block:
|
- name: Wait (default 5m) for Nodes to settle and pods to start
|
pause:
|
seconds: "{{ lifecycle_start_pause | default(300) }}"
|
|
- name: Get CSRs that need to be patched
|
command: oc get csr -oname
|
register: r_csrs
|
changed_when: false
|
|
- when: r_csrs.stdout_lines | length > 0
|
name: Approve all Pending CSRs
|
command: oc adm certificate approve
|
args:
|
stdin: "{{ r_csrs.stdout_lines }}"
|