Skip to content

Fix Windows node deployment for OCP 4.18+ #9626

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 1 commit into from
Closed

Fix Windows node deployment for OCP 4.18+ #9626

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion ansible/roles_ocp_workloads/ocp4_workload_windows_node/defaults/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,5 +16,5 @@ ocp4_workload_windows_node_doc_svc: "winc-doc"
ocp4_workload_windows_node_doc_route: "winc-doc"
ocp4_workload_windows_node_doc_image: "quay.io/redhatworkshops/windows-containers-quickstart"
ocp4_workload_windows_node_doc_image_tag: "latest"
ocp4_workload_windows_node_windows_ami_filter: "Windows_Server-2019*English*Full*ContainersLatest*"
ocp4_workload_windows_node_windows_ami_filter: "Windows_Server-2022*English*Full*ContainersLatest*"
ocp4_workload_windows_node_windows_ami_owner: "801119661308"
29 changes: 29 additions & 0 deletions ansible/roles_ocp_workloads/ocp4_workload_windows_node/tasks/workload.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,35 @@
set_fact:
cluster_az: "{{ machineset_list.resources[0].spec.template.spec.providerSpec.value.placement.availabilityZone }}"

# Extract security group from existing worker MachineSet
- name: Extract security group configuration from existing worker MachineSet
set_fact:
worker_sg_config: "{{ machineset_list.resources[0].spec.template.spec.providerSpec.value.securityGroups }}"

- name: Determine security group tag name or ID from existing configuration
set_fact:
worker_sg_tag: "{{ worker_sg_config[0].filters[0].values[0] if worker_sg_config[0].filters is defined else worker_sg_config[0].id }}"
when: worker_sg_config is defined and worker_sg_config | length > 0

# Query AWS to resolve security group tag to ID
- name: Query AWS for security group ID by tag name
ec2_security_group_info:
region: "{{ cluster_region }}"
aws_access_key: "{{ ocp_access_key }}"
aws_secret_key: "{{ ocp_secret_key }}"
filters:
"tag:Name": "{{ worker_sg_tag }}"
register: worker_sg_query
when: worker_sg_tag is defined

- name: Set worker security group ID from AWS query
set_fact:
worker_sg_id: "{{ worker_sg_query.security_groups[0].group_id }}"
when:
- worker_sg_query is defined
- worker_sg_query.security_groups is defined
- worker_sg_query.security_groups | length > 0

# Get the latest Windows Server 2019 with Containers
- name: Extract the latest Windows Server 2019 with Containers Image
ec2_ami_info:
Expand Down
4 changes: 4 additions & 0 deletions ansible/roles_ocp_workloads/ocp4_workload_windows_node/templates/windows-ms.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,10 +44,14 @@ spec:
availabilityZone: "{{ cluster_az }}"
region: "{{ cluster_region }}"
securityGroups:
{% if worker_sg_id is defined %}
- id: "{{ worker_sg_id }}"
{% else %}
- filters:
- name: tag:Name
values:
- "{{ cluster_id }}-worker-sg"
{% endif %}
subnet:
filters:
- name: tag:Name
Expand Down