Playbooks to configure OpenShift 4.x cluster

Couple of ansible roles to configure serveral components for a fresh install of an openshift cluster.

None of these role are written to be used blindly. They are provided as a POC/minimum viable option to get you kickstarted without having to put a ton of effort to figure out exactly what all needs to be done.

A lot of assumptions are made. So please walk through the roles first, before attempting to run them.

Setting up your environment to run the playbooks


Assuming that you are running as root. Adjust accordingly

subscription-manager repos --enable="rhel-7-server-ansible-2.7-rpms"
yum update ansible

subscription-manager repos --enable rhel-server-rhscl-7-rpms

yum install python27-python-pip
pip install -U setuptools
pip install --user openshift kubernetes

Runing the indivdual roles

You can run individual roles by runnning ansible playbook against the roles/<role-name>/apply/main.yaml playbook in each of the individual roles.

ansible-playbook roles/<role-name>/apply/main.yaml

Below are the list of ansible roles that are available. Do checkout the individual role’s documenation for more information on what they do.

List of Roles

├── cluster-monitoring
├── etcd-backup
├── ldap-group-sync
├── ldap-oauth
├── ocp-ntp
├── project-template
├── service-mesh
├── splunk-connect
└── trident

Wait for Cluster Boostrap to Finish

When onboarding team and dong workshops to install OpenShift, it almost goes without saying that you will be installing and re-installing the OpenShift cluster multiple times. During the intial phases it is great for teams to watch the boostrap process tail the logs and and wait for the bootstrap process to complete.

I often run watch oc get co and wait till all the cluter operators have successfully been deployed, before I go about start my post install config playbooks.

Adding playbook wait-for-bootstrap.yml that will wait for boostrap proces to complete. This works great for a OCP 4.3 cluster since all the operators are available once a bootstrap completes. In OCP4.2 or earlier the imageregistry operator does not become available. You can easily make a few adjustment and have this working for OCP 4.2 or earlier clusters as well

ansible-playbook wait-for-bootstrap.yml

OR if you want the json output saved to file to inspect/query/process later.

ansible-playbook wait-for-bootstrap.yml -e save_json=true