summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.tito/packages/openshift-ansible2
-rw-r--r--callback_plugins/openshift_quick_installer.py4
-rw-r--r--openshift-ansible.spec10
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml2
-rw-r--r--playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml6
-rw-r--r--playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml4
-rw-r--r--playbooks/common/openshift-node/config.yml4
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py4
-rw-r--r--roles/openshift_node/tasks/main.yml2
-rw-r--r--roles/openshift_node/tasks/storage_plugins/nfs.yml32
10 files changed, 42 insertions, 28 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible
index 56c99bf4c..d231e0c7f 100644
--- a/.tito/packages/openshift-ansible
+++ b/.tito/packages/openshift-ansible
@@ -1 +1 @@
-3.4.7-1 ./
+3.4.8-1 ./
diff --git a/callback_plugins/openshift_quick_installer.py b/callback_plugins/openshift_quick_installer.py
index e2f125df9..fc9bfb899 100644
--- a/callback_plugins/openshift_quick_installer.py
+++ b/callback_plugins/openshift_quick_installer.py
@@ -1,4 +1,4 @@
-# pylint: disable=invalid-name,protected-access,import-error,line-too-long
+# pylint: disable=invalid-name,protected-access,import-error,line-too-long,attribute-defined-outside-init
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -112,6 +112,8 @@ role. Only the tasks directly assigned to a play are exposed in the
else:
msg = "PLAY [%s]" % name
+ self._play = play
+
self.banner(msg)
# pylint: disable=unused-argument,no-self-use
diff --git a/openshift-ansible.spec b/openshift-ansible.spec
index bf0f1f3e2..b2e81eaf2 100644
--- a/openshift-ansible.spec
+++ b/openshift-ansible.spec
@@ -5,7 +5,7 @@
}
Name: openshift-ansible
-Version: 3.4.7
+Version: 3.4.8
Release: 1%{?dist}
Summary: Openshift and Atomic Enterprise Ansible
License: ASL 2.0
@@ -249,6 +249,14 @@ Atomic OpenShift Utilities includes
%changelog
+* Fri Oct 14 2016 Troy Dawson <tdawson@redhat.com> 3.4.8-1
+- update handling of use_dnsmasq (jdetiber@redhat.com)
+- Fix standalone docker upgrade playbook skipping nodes. (dgoodwin@redhat.com)
+- Fix missing play assignment in a-o-i callback plugin (tbielawa@redhat.com)
+- Stop restarting node after upgrading master rpms. (dgoodwin@redhat.com)
+- Fix upgrade mappings in quick installer (smunilla@redhat.com)
+- nfs: Handle seboolean aliases not just in Fedora (walters@verbum.org)
+
* Wed Oct 12 2016 Troy Dawson <tdawson@redhat.com> 3.4.7-1
- set defaults for debug_level in template and task (jhcook@gmail.com)
- Set HTTPS_PROXY in example builddefaults_json (sdodson@redhat.com)
diff --git a/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml
index 0f86abd89..1755203a4 100644
--- a/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/docker/upgrade.yml
@@ -26,4 +26,6 @@
openshift_cluster_id: "{{ cluster_id | default('default') }}"
openshift_deployment_type: "{{ deployment_type }}"
+- include: ../../../../common/openshift-cluster/upgrades/initialize_nodes_to_upgrade.yml
+
- include: docker_upgrade.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml b/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml
index fc26d029e..46ff421fd 100644
--- a/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml
+++ b/playbooks/common/openshift-cluster/upgrades/docker/upgrade_check.yml
@@ -22,13 +22,15 @@
command: >
{{ repoquery_cmd }} --qf '%{version}' "docker"
register: avail_docker_version
+ # Don't expect docker rpm to be available on hosts that don't already have it installed:
+ when: pkg_check.rc == 0
failed_when: false
changed_when: false
- fail:
msg: This playbook requires access to Docker 1.10 or later
# Disable the 1.10 requirement if the user set a specific Docker version
- when: docker_version is not defined and (docker_upgrade is not defined or docker_upgrade | bool == True) and (avail_docker_version.stdout == "" or avail_docker_version.stdout | version_compare('1.10','<'))
+ when: docker_version is not defined and (docker_upgrade is not defined or docker_upgrade | bool == True) and (pkg_check.rc == 0 and (avail_docker_version.stdout == "" or avail_docker_version.stdout | version_compare('1.10','<')))
# Default l_docker_upgrade to False, we'll set to True if an upgrade is required:
- set_fact:
@@ -37,7 +39,7 @@
# Make sure a docker_verison is set if none was requested:
- set_fact:
docker_version: "{{ avail_docker_version.stdout }}"
- when: docker_version is not defined
+ when: pkg_check.rc == 0 and docker_version is not defined
- name: Flag for Docker upgrade if necessary
set_fact:
diff --git a/playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml
index af77f140f..cd1139b29 100644
--- a/playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/rpm_upgrade.yml
@@ -5,3 +5,7 @@
- name: Ensure python-yaml present for config upgrade
action: "{{ ansible_pkg_mgr }} name=PyYAML state=present"
when: not openshift.common.is_atomic | bool
+
+- name: Restart node service
+ service: name="{{ openshift.common.service_type }}-node" state=restarted
+ when: component == "node"
diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml
index 364a62dd0..5191662f7 100644
--- a/playbooks/common/openshift-node/config.yml
+++ b/playbooks/common/openshift-node/config.yml
@@ -67,7 +67,7 @@
openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- role: openshift_cloud_provider
- role: openshift_node_dnsmasq
- when: openshift.common.use_dnsmasq
+ when: openshift.common.use_dnsmasq | bool
- role: os_firewall
os_firewall_allow:
- service: Kubernetes kubelet
@@ -106,7 +106,7 @@
openshift_ca_host: "{{ groups.oo_first_master.0 }}"
- role: openshift_cloud_provider
- role: openshift_node_dnsmasq
- when: openshift.common.use_dnsmasq
+ when: openshift.common.use_dnsmasq | bool
- role: os_firewall
os_firewall_allow:
- service: Kubernetes kubelet
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 0ee018c5c..cb642e12e 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -501,8 +501,8 @@ def set_dnsmasq_facts_if_unset(facts):
"""
if 'common' in facts:
- facts['common']['use_dnsmasq'] = bool('use_dnsmasq' not in facts['common'] and
- safe_get_bool(facts['common']['version_gte_3_2_or_1_2']))
+ if 'use_dnsmasq' not in facts['common']:
+ facts['common']['use_dnsmasq'] = bool(safe_get_bool(facts['common']['version_gte_3_2_or_1_2']))
if 'master' in facts and 'dns_port' not in facts['master']:
if safe_get_bool(facts['common']['use_dnsmasq']):
facts['master']['dns_port'] = 8053
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index 8e9c9f511..64c90db50 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -112,6 +112,8 @@
- name: NFS storage plugin configuration
include: storage_plugins/nfs.yml
+ tags:
+ - nfs
- name: GlusterFS storage plugin configuration
include: storage_plugins/glusterfs.yml
diff --git a/roles/openshift_node/tasks/storage_plugins/nfs.yml b/roles/openshift_node/tasks/storage_plugins/nfs.yml
index 22b539d16..5f99f129c 100644
--- a/roles/openshift_node/tasks/storage_plugins/nfs.yml
+++ b/roles/openshift_node/tasks/storage_plugins/nfs.yml
@@ -3,30 +3,24 @@
action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present"
when: not openshift.common.is_atomic | bool
-- name: Check for existence of virt_use_nfs seboolean
- command: getsebool virt_use_nfs
- register: virt_use_nfs_output
+- name: Check for existence of seboolean
+ command: getsebool {{ item }}
+ register: getsebool_status
when: ansible_selinux and ansible_selinux.status == "enabled"
failed_when: false
changed_when: false
+ with_items:
+ - virt_use_nfs
+ - virt_sandbox_use_nfs
- name: Set seboolean to allow nfs storage plugin access from containers
seboolean:
- name: virt_use_nfs
+ name: "{{ item.item }}"
state: yes
persistent: yes
- when: ansible_selinux and ansible_selinux.status == "enabled" and virt_use_nfs_output.rc == 0
-
-- name: Check for existence of virt_sandbox_use_nfs seboolean (RHEL)
- command: getsebool virt_sandbox_use_nfs
- register: virt_sandbox_use_nfs_output
- when: ansible_distribution != "Fedora" and ansible_selinux and ansible_selinux.status == "enabled"
- failed_when: false
- changed_when: false
-
-- name: Set seboolean to allow nfs storage plugin access from containers(sandbox) (RHEL)
- seboolean:
- name: virt_sandbox_use_nfs
- state: yes
- persistent: yes
- when: ansible_distribution != "Fedora" and ansible_selinux and ansible_selinux.status == "enabled" and virt_sandbox_use_nfs_output.rc == 0
+ # We need to detect whether or not the boolean is an alias, since `seboolean`
+ # will error if it is an alias. We do this by inspecting stdout for the boolean name,
+ # since getsebool prints the resolved name. (At some point Ansible's seboolean module
+ # should learn to deal with aliases)
+ when: ansible_selinux and ansible_selinux.status == "enabled" and item.rc == 0 and item.stdout.find(item.item) != -1
+ with_items: "{{ getsebool_status.results }}"