diff options
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | .tito/packages/openshift-ansible | 2 | ||||
| -rw-r--r-- | filter_plugins/oo_filters.py | 30 | ||||
| -rw-r--r-- | inventory/byo/hosts.aep.example | 37 | ||||
| -rw-r--r-- | inventory/byo/hosts.origin.example | 37 | ||||
| -rw-r--r-- | inventory/byo/hosts.ose.example | 37 | ||||
| -rw-r--r-- | openshift-ansible.spec | 5 | ||||
| -rw-r--r-- | playbooks/adhoc/uninstall.yml | 1 | ||||
| -rw-r--r-- | playbooks/byo/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml | 25 | ||||
| -rw-r--r-- | playbooks/common/openshift-cluster/config.yml | 2 | ||||
| -rw-r--r-- | playbooks/common/openshift-cluster/initialize_facts.yml | 7 | ||||
| -rw-r--r-- | playbooks/common/openshift-cluster/validate_hostnames.yml | 2 | ||||
| -rw-r--r-- | playbooks/common/openshift-node/config.yml | 23 | ||||
| -rw-r--r-- | roles/docker/tasks/main.yml | 4 | ||||
| -rw-r--r-- | roles/etcd_certificates/tasks/client.yml | 8 | ||||
| -rw-r--r-- | roles/etcd_certificates/tasks/server.yml | 12 | ||||
| -rw-r--r-- | roles/nuage_master/defaults/main.yaml | 4 | ||||
| -rw-r--r-- | roles/nuage_master/vars/main.yaml | 4 | ||||
| -rwxr-xr-x | roles/openshift_facts/library/openshift_facts.py | 20 | ||||
| -rw-r--r-- | utils/src/ooinstall/openshift_ansible.py | 10 |
20 files changed, 193 insertions, 78 deletions
diff --git a/.gitignore b/.gitignore index 626065fe1..dcea26d60 100644 --- a/.gitignore +++ b/.gitignore @@ -19,3 +19,4 @@ multi_inventory.yaml .vagrant .tags* ansible.cfg +*.retry diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 3f8085fa9..4fc92f3c7 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.0.88-1 ./ +3.0.89-1 ./ diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index 402103b09..e7409bf22 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py @@ -732,21 +732,22 @@ class FilterModule(object): if 'hosted' in hostvars['openshift']: for component in hostvars['openshift']['hosted']: if 'storage' in hostvars['openshift']['hosted'][component]: - kind = hostvars['openshift']['hosted'][component]['storage']['kind'] - create_pv = hostvars['openshift']['hosted'][component]['storage']['create_pv'] + params = hostvars['openshift']['hosted'][component]['storage'] + kind = params['kind'] + create_pv = params['create_pv'] if kind != None and create_pv: if kind == 'nfs': - host = hostvars['openshift']['hosted'][component]['storage']['host'] + host = params['host'] if host == None: if len(groups['oo_nfs_to_config']) > 0: host = groups['oo_nfs_to_config'][0] else: raise errors.AnsibleFilterError("|failed no storage host detected") - directory = hostvars['openshift']['hosted'][component]['storage']['nfs']['directory'] - volume = hostvars['openshift']['hosted'][component]['storage']['volume']['name'] + directory = params['nfs']['directory'] + volume = params['volume']['name'] path = directory + '/' + volume - size = hostvars['openshift']['hosted'][component]['storage']['volume']['size'] - access_modes = hostvars['openshift']['hosted'][component]['storage']['access_modes'] + size = params['volume']['size'] + access_modes = params['access_modes'] persistent_volume = dict( name="{0}-volume".format(volume), capacity=size, @@ -756,6 +757,21 @@ class FilterModule(object): server=host, path=path))) persistent_volumes.append(persistent_volume) + elif kind == 'openstack': + volume = params['volume']['name'] + size = params['volume']['size'] + access_modes = params['access_modes'] + filesystem = params['openstack']['filesystem'] + volume_id = params['openstack']['volumeID'] + persistent_volume = dict( + name="{0}-volume".format(volume), + capacity=size, + access_modes=access_modes, + storage=dict( + cinder=dict( + fsType=filesystem, + volumeID=volume_id))) + persistent_volumes.append(persistent_volume) else: msg = "|failed invalid storage kind '{0}' for component '{1}'".format( kind, diff --git a/inventory/byo/hosts.aep.example b/inventory/byo/hosts.aep.example index c18a423bf..185508608 100644 --- a/inventory/byo/hosts.aep.example +++ b/inventory/byo/hosts.aep.example @@ -308,9 +308,22 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', ## ## Storage Kind ## Specifies which storage kind will be used for the registry. -## "nfs" is the only supported kind at this time. +## "nfs" and "openstack" are supported kinds at this time. ##openshift_hosted_registry_storage_kind=nfs ## +## Persistent Volume Access Mode +## When using the 'openstack' storage kind, this has to be 'ReadWriteOnce' +##openshift_hosted_registry_storage_access_modes=['ReadWriteMany'] +## +## Registry Volume Name +## Specify the storage volume name. This directory will be created +## within openshift_hosted_registry_storage_nfs_directory if +## specifying an [nfs] group. Ex. /exports/registry +## This variable must be supplied if using a pre-existing nfs server. +##openshift_hosted_registry_storage_volume_name=registry +## +## NFS Specific Options +## ## Storage Host ## This variable can be used to identify a pre-existing storage host ## if a storage host group corresponding to the storage kind (such as @@ -326,15 +339,19 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', ## This variable must be supplied if using a pre-existing nfs server. ##openshift_hosted_registry_storage_nfs_directory=/exports ## -## Registry Volume Name -## Specify the storage volume name. This directory will be created -## within openshift_hosted_registry_storage_nfs_directory if -## specifying an [nfs] group. Ex. /exports/registry -## This variable must be supplied if using a pre-existing nfs server. -##openshift_hosted_registry_storage_volume_name=registry +## Openstack Specific Options ## -## Persistent Volume Access Mode -##openshift_hosted_registry_storage_access_modes=['ReadWriteMany'] +## Openstack Volume ID +## Specify the identifier of the volume to use for the registry. +## At this time, the volume has to be created manually by the administrator. +##openshift_hosted_registry_storage_openstack_volumeID=3a650b4f-c8c5-4e0a-8ca5-eaee11f16c57 +## +## Openstack Volume Size +##openshift_hosted_registry_storage_volume_size=10Gi +## +## Openstack Volume Filesystem +## Specify the filesystem that will be used when formatting the volume +##openshift_hosted_registry_storage_openstack_filesystem=ext4 # Configure node kubelet arguments #openshift_node_kubelet_args={'max-pods': ['40'], 'image-gc-high-threshold': ['90'], 'image-gc-low-threshold': ['80']} @@ -367,7 +384,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # etcd hosts. So automatically add those hostnames to the openshift_no_proxy list. # If all of your hosts share a common domain you may wish to disable this and # specify that domain above. -#openshift_generate_no_proxy_hosts: True +#openshift_generate_no_proxy_hosts=True # # These options configure the BuildDefaults admission controller which injects # environment variables into Builds. These values will default to their diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example index 28298d940..1891d4c58 100644 --- a/inventory/byo/hosts.origin.example +++ b/inventory/byo/hosts.origin.example @@ -313,9 +313,22 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', ## ## Storage Kind ## Specifies which storage kind will be used for the registry. -## nfs is the only supported kind at this time. +## "nfs" and "openstack" are supported kinds at this time. ##openshift_hosted_registry_storage_kind=nfs ## +## Persistent Volume Access Mode +## When using the 'openstack' storage kind, this has to be 'ReadWriteOnce' +##openshift_hosted_registry_storage_access_modes=['ReadWriteMany'] +## +## Registry Volume Name +## Specify the storage volume name. This directory will be created +## within openshift_hosted_registry_storage_nfs_directory if +## specifying an [nfs] group. Ex. /exports/registry +## This variable must be supplied if using a pre-existing nfs server. +##openshift_hosted_registry_storage_volume_name=registry +## +## NFS Specific Options +## ## Storage Host ## This variable can be used to identify a pre-existing storage host ## if a storage host group corresponding to the storage kind (such as @@ -331,15 +344,19 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', ## This variable must be supplied if using a pre-existing nfs server. ##openshift_hosted_registry_storage_nfs_directory=/exports ## -## Registry Volume Name -## Specify the storage volume name. This directory will be created -## within openshift_hosted_registry_storage_nfs_directory if -## specifying an [nfs] group. Ex: /exports/registry -## This variable must be supplied if using a pre-existing nfs server. -##openshift_hosted_registry_storage_volume_name=registry +## Openstack Specific Options ## -## Persistent Volume Access Mode -##openshift_hosted_registry_storage_access_modes=['ReadWriteMany'] +## Openstack Volume ID +## Specify the identifier of the volume to use for the registry. +## At this time, the volume has to be created manually by the administrator. +##openshift_hosted_registry_storage_openstack_volumeID=3a650b4f-c8c5-4e0a-8ca5-eaee11f16c57 +## +## Openstack Volume Size +##openshift_hosted_registry_storage_volume_size=10Gi +## +## Openstack Volume Filesystem +## Specify the filesystem that will be used when formatting the volume +##openshift_hosted_registry_storage_openstack_filesystem=ext4 # Configure node kubelet arguments #openshift_node_kubelet_args={'max-pods': ['40'], 'image-gc-high-threshold': ['90'], 'image-gc-low-threshold': ['80']} @@ -372,7 +389,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # etcd hosts. So automatically add those hostnames to the openshift_no_proxy list. # If all of your hosts share a common domain you may wish to disable this and # specify that domain above. -#openshift_generate_no_proxy_hosts: True +#openshift_generate_no_proxy_hosts=True # # These options configure the BuildDefaults admission controller which injects # environment variables into Builds. These values will default to their diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example index 38adfe572..623e0811d 100644 --- a/inventory/byo/hosts.ose.example +++ b/inventory/byo/hosts.ose.example @@ -309,9 +309,22 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', ## ## Storage Kind ## Specifies which storage kind will be used for the registry. -## "nfs" is the only supported kind at this time. +## "nfs" and "openstack" are supported kinds at this time. ##openshift_hosted_registry_storage_kind=nfs ## +## Persistent Volume Access Mode +## When using the 'openstack' storage kind, this has to be 'ReadWriteOnce' +##openshift_hosted_registry_storage_access_modes=['ReadWriteMany'] +## +## Registry Volume Name +## Specify the storage volume name. This directory will be created +## within openshift_hosted_registry_storage_nfs_directory if +## specifying an [nfs] group. Ex. /exports/registry +## This variable must be supplied if using a pre-existing nfs server. +##openshift_hosted_registry_storage_volume_name=registry +## +## NFS Specific Options +## ## Storage Host ## This variable can be used to identify a pre-existing storage host ## if a storage host group corresponding to the storage kind (such as @@ -327,15 +340,19 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', ## This variable must be supplied if using a pre-existing nfs server. ##openshift_hosted_registry_storage_nfs_directory=/exports ## -## Registry Volume Name -## Specify the storage volume name. This directory will be created -## within openshift_hosted_registry_storage_nfs_directory if -## specifying an [nfs] group Ex: /exports/registry -## This variable must be supplied if using a pre-existing nfs server. -##openshift_hosted_registry_storage_volume_name=registry +## Openstack Specific Options ## -## Persistent Volume Access Mode -##openshift_hosted_registry_storage_access_modes=['ReadWriteMany'] +## Openstack Volume ID +## Specify the identifier of the volume to use for the registry. +## At this time, the volume has to be created manually by the administrator. +##openshift_hosted_registry_storage_openstack_volumeID=3a650b4f-c8c5-4e0a-8ca5-eaee11f16c57 +## +## Openstack Volume Size +##openshift_hosted_registry_storage_volume_size=10Gi +## +## Openstack Volume Filesystem +## Specify the filesystem that will be used when formatting the volume +##openshift_hosted_registry_storage_openstack_filesystem=ext4 # Configure node kubelet arguments #openshift_node_kubelet_args={'max-pods': ['40'], 'image-gc-high-threshold': ['90'], 'image-gc-low-threshold': ['80']} @@ -368,7 +385,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # etcd hosts. So automatically add those hostnames to the openshift_no_proxy list. # If all of your hosts share a common domain you may wish to disable this and # specify that domain above. -#openshift_generate_no_proxy_hosts: True +#openshift_generate_no_proxy_hosts=True # # These options configure the BuildDefaults admission controller which injects # environment variables into Builds. These values will default to their diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 473e74bee..6a5695177 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -5,7 +5,7 @@ } Name: openshift-ansible -Version: 3.0.88 +Version: 3.0.89 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -183,6 +183,9 @@ Atomic OpenShift Utilities includes %changelog +* Mon May 09 2016 Brenton Leanhardt <bleanhar@redhat.com> 3.0.89-1 +- Use yum swap to downgrade docker (sdodson@redhat.com) + * Fri May 06 2016 Brenton Leanhardt <bleanhar@redhat.com> 3.0.88-1 - Open port 53 whenever we're unsure of version (sdodson@redhat.com) - Fix unsafe boolean handling on use_dnsmasq (sdodson@redhat.com) diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index 0755d8bc5..a407e326b 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -60,6 +60,7 @@ with_items: - etcd - firewalld + - atomic-openshift-master - name: Stop additional atomic services service: name={{ item }} state=stopped diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml index 0c91b51d6..a929e4a6a 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml @@ -7,8 +7,33 @@ g_nfs_hosts: "{{ groups.nfs | default([]) }}" g_node_hosts: "{{ groups.nodes | default([]) }}" g_lb_hosts: "{{ groups.lb | default([]) }}" + g_all_hosts: "{{ groups.masters | default([]) | union(groups.nodes | default([])) | union(groups.etcd | default([])) + | union(groups.lb | default([])) | union(groups.nfs | default([])) }}" openshift_cluster_id: "{{ cluster_id | default('default') }}" openshift_deployment_type: "{{ deployment_type }}" + +- name: Set oo_options + hosts: oo_all_hosts + tasks: + - set_fact: + openshift_docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') }}" + when: openshift_docker_additional_registries is not defined + - set_fact: + openshift_docker_insecure_registries: "{{ lookup('oo_option', 'docker_insecure_registries') }}" + when: openshift_docker_insecure_registries is not defined + - set_fact: + openshift_docker_blocked_registries: "{{ lookup('oo_option', 'docker_blocked_registries') }}" + when: openshift_docker_blocked_registries is not defined + - set_fact: + openshift_docker_options: "{{ lookup('oo_option', 'docker_options') }}" + when: openshift_docker_options is not defined + - set_fact: + openshift_docker_log_driver: "{{ lookup('oo_option', 'docker_log_driver') }}" + when: openshift_docker_log_driver is not defined + - set_fact: + openshift_docker_log_options: "{{ lookup('oo_option', 'docker_log_options') }}" + when: openshift_docker_log_options is not defined + - include: ../../../../common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml vars: openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index 99b36098a..903babc45 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -1,6 +1,8 @@ --- - include: evaluate_groups.yml +- include: initialize_facts.yml + - include: validate_hostnames.yml - name: Set oo_options diff --git a/playbooks/common/openshift-cluster/initialize_facts.yml b/playbooks/common/openshift-cluster/initialize_facts.yml new file mode 100644 index 000000000..9a844e216 --- /dev/null +++ b/playbooks/common/openshift-cluster/initialize_facts.yml @@ -0,0 +1,7 @@ +--- +- name: Initialize host facts + hosts: OSEv3 + roles: + - openshift_facts + tasks: + - openshift_facts: diff --git a/playbooks/common/openshift-cluster/validate_hostnames.yml b/playbooks/common/openshift-cluster/validate_hostnames.yml index 0f562e019..50e25984f 100644 --- a/playbooks/common/openshift-cluster/validate_hostnames.yml +++ b/playbooks/common/openshift-cluster/validate_hostnames.yml @@ -1,6 +1,4 @@ --- -- include: evaluate_groups.yml - - name: Gather and set facts for node hosts hosts: oo_nodes_to_config roles: diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index f0bb91568..b0407ef74 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -148,15 +148,15 @@ register: g_external_etcd_flannel_cert_stat_result when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool) - set_fact: - etcd_client_flannel_certs_missing: "{{ g_external_etcd_flannel_cert_stat_result.results + etcd_client_flannel_certs_missing: "{{ False in g_external_etcd_flannel_cert_stat_result.results | oo_collect(attribute='stat.exists') - | list | intersect([false])}}" + | list }}" etcd_cert_subdir: openshift-node-{{ openshift.common.hostname }} etcd_cert_config_dir: "{{ openshift.common.config_base }}/node" etcd_cert_prefix: node.etcd- etcd_hostname: "{{ openshift.common.hostname }}" etcd_ip: "{{ openshift.common.ip }}" - when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool) + when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 and (openshift.common.use_flannel | bool) - name: Configure flannel etcd certificates hosts: oo_first_etcd @@ -166,9 +166,8 @@ pre_tasks: - set_fact: etcd_needing_client_certs: "{{ hostvars - | oo_select_keys(groups['oo_nodes_to_config']) - | oo_filter_list(filter_attr='etcd_client_flannel_certs_missing') | default([]) }}" - when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + | oo_select_keys(groups['oo_nodes_to_config']) + | oo_filter_list('etcd_client_flannel_certs_missing') | default([]) }}" roles: - role: openshift_etcd_certificates when: openshift_use_flannel | default(false) | bool @@ -179,8 +178,7 @@ -C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} . args: creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" - with_items: "{{ etcd_needing_client_certs | default([]) }}" - when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + with_items: etcd_needing_client_certs | default([]) - name: Retrieve the etcd cert tarballs fetch: src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" @@ -188,8 +186,7 @@ flat: yes fail_on_missing: yes validate_checksum: yes - with_items: "{{ etcd_needing_client_certs | default([]) }}" - when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + with_items: etcd_needing_client_certs | default([]) - name: Copy the external etcd flannel certs to the nodes hosts: oo_nodes_to_config @@ -200,12 +197,12 @@ file: path: "{{ openshift.common.config_base }}/node" state: directory - when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + when: etcd_client_flannel_certs_missing | default(false) | bool - name: Unarchive the tarball on the master unarchive: src: "{{ sync_tmpdir }}/{{ etcd_cert_subdir }}.tgz" dest: "{{ etcd_cert_config_dir }}" - when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + when: etcd_client_flannel_certs_missing | default(false) | bool - file: path: "{{ etcd_cert_config_dir }}/{{ item }}" owner: root @@ -215,7 +212,7 @@ - node.etcd-client.crt - node.etcd-client.key - node.etcd-ca.crt - when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + when: etcd_client_flannel_certs_missing | default(false) | bool - name: Additional node config diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index e4a31c692..b9b2666fb 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -16,7 +16,7 @@ when: docker_storage_check.stat.exists | bool and not docker_version_result | skipped and docker_version_result.stdout | default('0.0', True) | version_compare('1.9', '>=') and docker_version | version_compare('1.9', '<') - name: Downgrade docker if necessary - command: "{{ ansible_pkg_mgr }} downgrade -y docker-{{ docker_version }}" + command: "{{ ansible_pkg_mgr }} swap -y docker-* docker-*{{ docker_version }}" register: docker_downgrade_result when: not docker_version_result | skipped and docker_version_result.stdout | default('0.0', True) | version_compare(docker_version, 'gt') @@ -69,7 +69,7 @@ reg_flag: --insecure-registry notify: - restart docker - + - name: Set Proxy Settings lineinfile: dest: /etc/sysconfig/docker diff --git a/roles/etcd_certificates/tasks/client.yml b/roles/etcd_certificates/tasks/client.yml index b497a46c0..a9f130bb9 100644 --- a/roles/etcd_certificates/tasks/client.yml +++ b/roles/etcd_certificates/tasks/client.yml @@ -4,7 +4,7 @@ path: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" state: directory mode: 0700 - with_items: "{{ etcd_needing_client_certs | default([]) }}" + with_items: etcd_needing_client_certs | default([]) - name: Create the client csr command: > @@ -19,7 +19,7 @@ ~ item.etcd_cert_prefix ~ 'client.csr' }}" environment: SAN: "IP:{{ item.etcd_ip }}" - with_items: "{{ etcd_needing_client_certs | default([]) }}" + with_items: etcd_needing_client_certs | default([]) - name: Sign and create the client crt command: > @@ -33,10 +33,10 @@ ~ item.etcd_cert_prefix ~ 'client.crt' }}" environment: SAN: "IP:{{ item.etcd_ip }}" - with_items: "{{ etcd_needing_client_certs | default([]) }}" + with_items: etcd_needing_client_certs | default([]) - file: src: "{{ etcd_ca_cert }}" dest: "{{ etcd_generated_certs_dir}}/{{ item.etcd_cert_subdir }}/{{ item.etcd_cert_prefix }}ca.crt" state: hard - with_items: "{{ etcd_needing_client_certs | default([]) }}" + with_items: etcd_needing_client_certs | default([]) diff --git a/roles/etcd_certificates/tasks/server.yml b/roles/etcd_certificates/tasks/server.yml index 934b8b805..223917ccd 100644 --- a/roles/etcd_certificates/tasks/server.yml +++ b/roles/etcd_certificates/tasks/server.yml @@ -4,7 +4,7 @@ path: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}" state: directory mode: 0700 - with_items: "{{ etcd_needing_server_certs | default([]) }}" + with_items: etcd_needing_server_certs | default([]) - name: Create the server csr command: > @@ -19,7 +19,7 @@ ~ item.etcd_cert_prefix ~ 'server.csr' }}" environment: SAN: "IP:{{ item.etcd_ip }}" - with_items: "{{ etcd_needing_server_certs | default([]) }}" + with_items: etcd_needing_server_certs | default([]) - name: Sign and create the server crt command: > @@ -33,7 +33,7 @@ ~ item.etcd_cert_prefix ~ 'server.crt' }}" environment: SAN: "IP:{{ item.etcd_ip }}" - with_items: "{{ etcd_needing_server_certs | default([]) }}" + with_items: etcd_needing_server_certs | default([]) - name: Create the peer csr command: > @@ -48,7 +48,7 @@ ~ item.etcd_cert_prefix ~ 'peer.csr' }}" environment: SAN: "IP:{{ item.etcd_ip }}" - with_items: "{{ etcd_needing_server_certs | default([]) }}" + with_items: etcd_needing_server_certs | default([]) - name: Sign and create the peer crt command: > @@ -62,10 +62,10 @@ ~ item.etcd_cert_prefix ~ 'peer.crt' }}" environment: SAN: "IP:{{ item.etcd_ip }}" - with_items: "{{ etcd_needing_server_certs | default([]) }}" + with_items: etcd_needing_server_certs | default([]) - file: src: "{{ etcd_ca_cert }}" dest: "{{ etcd_generated_certs_dir}}/{{ item.etcd_cert_subdir }}/{{ item.etcd_cert_prefix }}ca.crt" state: hard - with_items: "{{ etcd_needing_server_certs | default([]) }}" + with_items: etcd_needing_server_certs | default([]) diff --git a/roles/nuage_master/defaults/main.yaml b/roles/nuage_master/defaults/main.yaml new file mode 100644 index 000000000..cf670a9e1 --- /dev/null +++ b/roles/nuage_master/defaults/main.yaml @@ -0,0 +1,4 @@ +--- +nuage_master_cspadminpasswd: "" +nuage_master_adminusername: admin +nuage_master_adminuserpasswd: admin diff --git a/roles/nuage_master/vars/main.yaml b/roles/nuage_master/vars/main.yaml index d3536eb33..5bc735bb6 100644 --- a/roles/nuage_master/vars/main.yaml +++ b/roles/nuage_master/vars/main.yaml @@ -28,7 +28,3 @@ nuage_service_account_config: nuage_tasks: - policy add-cluster-role-to-user cluster-reader {{ nuage_service_account }} - -nuage_master_cspadminpasswd: '' -nuage_master_adminusername: 'admin' -nuage_master_adminuserpasswd: 'admin' diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index bfd09676f..cb8301da4 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -1374,18 +1374,19 @@ def set_proxy_facts(facts): if 'common' in facts: common = facts['common'] if 'http_proxy' in common or 'https_proxy' in common: + if 'no_proxy' in common and \ + isinstance(common['no_proxy'], basestring): + common['no_proxy'] = common['no_proxy'].split(",") + elif 'no_proxy' not in common: + common['no_proxy'] = [] if 'generate_no_proxy_hosts' in common and \ - common['generate_no_proxy_hosts']: - if 'no_proxy' in common and \ - isinstance(common['no_proxy'], basestring): - common['no_proxy'] = common['no_proxy'].split(",") - else: - common['no_proxy'] = [] + safe_get_bool(common['generate_no_proxy_hosts']): if 'no_proxy_internal_hostnames' in common: common['no_proxy'].extend(common['no_proxy_internal_hostnames'].split(',')) common['no_proxy'].append('.' + common['dns_domain']) - common['no_proxy'].append(common['hostname']) - common['no_proxy'] = sort_unique(common['no_proxy']) + # We always add ourselves no matter what + common['no_proxy'].append(common['hostname']) + common['no_proxy'] = sort_unique(common['no_proxy']) facts['common'] = common if 'builddefaults' in facts: @@ -1735,6 +1736,9 @@ class OpenShiftFacts(object): nfs=dict( directory='/exports', options='*(rw,root_squash)'), + openstack=dict( + filesystem='ext4', + volumeID='123'), host=None, access_modes=['ReadWriteMany'], create_pv=True diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index 5ace63918..97aee0b53 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -135,6 +135,16 @@ def write_inventory_vars(base_inventory, multiple_masters, proxy): #base_inventory.write('openshift_image_tag=v{}\n'.format(CFG.settings.get('variant_version'))) base_inventory.write('openshift_image_tag=v{}\n'.format('3.1.1.6')) + if CFG.settings.get('openshift_http_proxy', ''): + base_inventory.write("openshift_http_proxy={}\n".format( + CFG.settings['openshift_http_proxy'])) + if CFG.settings.get('openshift_https_proxy', ''): + base_inventory.write("openshift_https_proxy={}\n".format( + CFG.settings['openshift_https_proxy'])) + if CFG.settings.get('openshift_no_proxy', ''): + base_inventory.write("openshift_no_proxy={}\n".format( + CFG.settings['openshift_no_proxy'])) + def write_host(host, inventory, schedulable=None): global CFG |