diff options
-rw-r--r-- | .tito/packages/openshift-ansible | 2 | ||||
-rw-r--r-- | callback_plugins/openshift_quick_installer.py | 4 | ||||
-rw-r--r-- | openshift-ansible.spec | 10 | ||||
-rw-r--r-- | playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml | 2 | ||||
-rw-r--r-- | playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml | 6 | ||||
-rw-r--r-- | playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml | 4 | ||||
-rw-r--r-- | playbooks/common/openshift-node/config.yml | 4 | ||||
-rwxr-xr-x | roles/openshift_facts/library/openshift_facts.py | 4 | ||||
-rw-r--r-- | roles/openshift_node/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/openshift_node/tasks/storage_plugins/nfs.yml | 32 |
10 files changed, 42 insertions, 28 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 56c99bf4c..d231e0c7f 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.4.7-1 ./ +3.4.8-1 ./ diff --git a/callback_plugins/openshift_quick_installer.py b/callback_plugins/openshift_quick_installer.py index e2f125df9..fc9bfb899 100644 --- a/callback_plugins/openshift_quick_installer.py +++ b/callback_plugins/openshift_quick_installer.py @@ -1,4 +1,4 @@ -# pylint: disable=invalid-name,protected-access,import-error,line-too-long +# pylint: disable=invalid-name,protected-access,import-error,line-too-long,attribute-defined-outside-init # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -112,6 +112,8 @@ role. Only the tasks directly assigned to a play are exposed in the else: msg = "PLAY [%s]" % name + self._play = play + self.banner(msg) # pylint: disable=unused-argument,no-self-use diff --git a/openshift-ansible.spec b/openshift-ansible.spec index bf0f1f3e2..b2e81eaf2 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -5,7 +5,7 @@ } Name: openshift-ansible -Version: 3.4.7 +Version: 3.4.8 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -249,6 +249,14 @@ Atomic OpenShift Utilities includes %changelog +* Fri Oct 14 2016 Troy Dawson <tdawson@redhat.com> 3.4.8-1 +- update handling of use_dnsmasq (jdetiber@redhat.com) +- Fix standalone docker upgrade playbook skipping nodes. (dgoodwin@redhat.com) +- Fix missing play assignment in a-o-i callback plugin (tbielawa@redhat.com) +- Stop restarting node after upgrading master rpms. (dgoodwin@redhat.com) +- Fix upgrade mappings in quick installer (smunilla@redhat.com) +- nfs: Handle seboolean aliases not just in Fedora (walters@verbum.org) + * Wed Oct 12 2016 Troy Dawson <tdawson@redhat.com> 3.4.7-1 - set defaults for debug_level in template and task (jhcook@gmail.com) - Set HTTPS_PROXY in example builddefaults_json (sdodson@redhat.com) diff --git a/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml index 0f86abd89..1755203a4 100644 --- a/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml @@ -26,4 +26,6 @@ openshift_cluster_id: "{{ cluster_id | default('default') }}" openshift_deployment_type: "{{ deployment_type }}" +- include: ../../../../common/openshift-cluster/upgrades/initialize_nodes_to_upgrade.yml + - include: docker_upgrade.yml diff --git a/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml b/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml index fc26d029e..46ff421fd 100644 --- a/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml +++ b/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml @@ -22,13 +22,15 @@ command: > {{ repoquery_cmd }} --qf '%{version}' "docker" register: avail_docker_version + # Don't expect docker rpm to be available on hosts that don't already have it installed: + when: pkg_check.rc == 0 failed_when: false changed_when: false - fail: msg: This playbook requires access to Docker 1.10 or later # Disable the 1.10 requirement if the user set a specific Docker version - when: docker_version is not defined and (docker_upgrade is not defined or docker_upgrade | bool == True) and (avail_docker_version.stdout == "" or avail_docker_version.stdout | version_compare('1.10','<')) + when: docker_version is not defined and (docker_upgrade is not defined or docker_upgrade | bool == True) and (pkg_check.rc == 0 and (avail_docker_version.stdout == "" or avail_docker_version.stdout | version_compare('1.10','<'))) # Default l_docker_upgrade to False, we'll set to True if an upgrade is required: - set_fact: @@ -37,7 +39,7 @@ # Make sure a docker_verison is set if none was requested: - set_fact: docker_version: "{{ avail_docker_version.stdout }}" - when: docker_version is not defined + when: pkg_check.rc == 0 and docker_version is not defined - name: Flag for Docker upgrade if necessary set_fact: diff --git a/playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml index af77f140f..cd1139b29 100644 --- a/playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml @@ -5,3 +5,7 @@ - name: Ensure python-yaml present for config upgrade action: "{{ ansible_pkg_mgr }} name=PyYAML state=present" when: not openshift.common.is_atomic | bool + +- name: Restart node service + service: name="{{ openshift.common.service_type }}-node" state=restarted + when: component == "node" diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 364a62dd0..5191662f7 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -67,7 +67,7 @@ openshift_ca_host: "{{ groups.oo_first_master.0 }}" - role: openshift_cloud_provider - role: openshift_node_dnsmasq - when: openshift.common.use_dnsmasq + when: openshift.common.use_dnsmasq | bool - role: os_firewall os_firewall_allow: - service: Kubernetes kubelet @@ -106,7 +106,7 @@ openshift_ca_host: "{{ groups.oo_first_master.0 }}" - role: openshift_cloud_provider - role: openshift_node_dnsmasq - when: openshift.common.use_dnsmasq + when: openshift.common.use_dnsmasq | bool - role: os_firewall os_firewall_allow: - service: Kubernetes kubelet diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 0ee018c5c..cb642e12e 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -501,8 +501,8 @@ def set_dnsmasq_facts_if_unset(facts): """ if 'common' in facts: - facts['common']['use_dnsmasq'] = bool('use_dnsmasq' not in facts['common'] and - safe_get_bool(facts['common']['version_gte_3_2_or_1_2'])) + if 'use_dnsmasq' not in facts['common']: + facts['common']['use_dnsmasq'] = bool(safe_get_bool(facts['common']['version_gte_3_2_or_1_2'])) if 'master' in facts and 'dns_port' not in facts['master']: if safe_get_bool(facts['common']['use_dnsmasq']): facts['master']['dns_port'] = 8053 diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 8e9c9f511..64c90db50 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -112,6 +112,8 @@ - name: NFS storage plugin configuration include: storage_plugins/nfs.yml + tags: + - nfs - name: GlusterFS storage plugin configuration include: storage_plugins/glusterfs.yml diff --git a/roles/openshift_node/tasks/storage_plugins/nfs.yml b/roles/openshift_node/tasks/storage_plugins/nfs.yml index 22b539d16..5f99f129c 100644 --- a/roles/openshift_node/tasks/storage_plugins/nfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/nfs.yml @@ -3,30 +3,24 @@ action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present" when: not openshift.common.is_atomic | bool -- name: Check for existence of virt_use_nfs seboolean - command: getsebool virt_use_nfs - register: virt_use_nfs_output +- name: Check for existence of seboolean + command: getsebool {{ item }} + register: getsebool_status when: ansible_selinux and ansible_selinux.status == "enabled" failed_when: false changed_when: false + with_items: + - virt_use_nfs + - virt_sandbox_use_nfs - name: Set seboolean to allow nfs storage plugin access from containers seboolean: - name: virt_use_nfs + name: "{{ item.item }}" state: yes persistent: yes - when: ansible_selinux and ansible_selinux.status == "enabled" and virt_use_nfs_output.rc == 0 - -- name: Check for existence of virt_sandbox_use_nfs seboolean (RHEL) - command: getsebool virt_sandbox_use_nfs - register: virt_sandbox_use_nfs_output - when: ansible_distribution != "Fedora" and ansible_selinux and ansible_selinux.status == "enabled" - failed_when: false - changed_when: false - -- name: Set seboolean to allow nfs storage plugin access from containers(sandbox) (RHEL) - seboolean: - name: virt_sandbox_use_nfs - state: yes - persistent: yes - when: ansible_distribution != "Fedora" and ansible_selinux and ansible_selinux.status == "enabled" and virt_sandbox_use_nfs_output.rc == 0 + # We need to detect whether or not the boolean is an alias, since `seboolean` + # will error if it is an alias. We do this by inspecting stdout for the boolean name, + # since getsebool prints the resolved name. (At some point Ansible's seboolean module + # should learn to deal with aliases) + when: ansible_selinux and ansible_selinux.status == "enabled" and item.rc == 0 and item.stdout.find(item.item) != -1 + with_items: "{{ getsebool_status.results }}" |