diff options
| -rw-r--r-- | .tito/packages/openshift-ansible | 2 | ||||
| -rw-r--r-- | inventory/byo/hosts.origin.example | 7 | ||||
| -rw-r--r-- | inventory/byo/hosts.ose.example | 7 | ||||
| -rw-r--r-- | openshift-ansible.spec | 7 | ||||
| -rw-r--r-- | playbooks/common/openshift-cluster/redeploy-certificates/registry.yml | 2 | ||||
| -rw-r--r-- | roles/lib_openshift/library/oc_process.py | 12 | ||||
| -rw-r--r-- | roles/lib_openshift/src/class/oc_process.py | 12 | ||||
| -rw-r--r-- | roles/openshift_hosted/tasks/registry/secure.yml | 3 |
8 files changed, 34 insertions, 18 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index d42684482..1cd7bde30 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.6.14-1 ./ +3.6.15-1 ./ diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example index d61f033f8..27914e60a 100644 --- a/inventory/byo/hosts.origin.example +++ b/inventory/byo/hosts.origin.example @@ -757,13 +757,18 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # by deployment_type=origin #openshift_enable_origin_repo=false -# Validity of the auto-generated certificates in days. +# Validity of the auto-generated OpenShift certificates in days. # See also openshift_hosted_registry_cert_expire_days above. # #openshift_ca_cert_expire_days=1825 #openshift_node_cert_expire_days=730 #openshift_master_cert_expire_days=730 +# Validity of the auto-generated external etcd certificates in days. +# Controls validity for etcd CA, peer, server and client certificates. +# +#etcd_ca_default_days=1825 + # host group for masters [masters] ose3-master[1:3]-ansible.test.example.com diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example index 823d6f58f..f0269bff8 100644 --- a/inventory/byo/hosts.ose.example +++ b/inventory/byo/hosts.ose.example @@ -754,13 +754,18 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # Enable API service auditing, available as of 3.2 #openshift_master_audit_config={"basicAuditEnabled": true} -# Validity of the auto-generated certificates in days. +# Validity of the auto-generated OpenShift certificates in days. # See also openshift_hosted_registry_cert_expire_days above. # #openshift_ca_cert_expire_days=1825 #openshift_node_cert_expire_days=730 #openshift_master_cert_expire_days=730 +# Validity of the auto-generated external etcd certificates in days. +# Controls validity for etcd CA, peer, server and client certificates. +# +#etcd_ca_default_days=1825 + # host group for masters [masters] ose3-master[1:3]-ansible.test.example.com diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 7ffe69a79..992fe63c2 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -9,7 +9,7 @@ %global __requires_exclude ^/usr/bin/ansible-playbook$ Name: openshift-ansible -Version: 3.6.14 +Version: 3.6.15 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -270,6 +270,11 @@ Atomic OpenShift Utilities includes %changelog +* Tue Apr 04 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.15-1 +- Document etcd_ca_default_days in example inventories. (abutcher@redhat.com) +- Fixed a bug. Ansible requires a msg param when module.fail_json. + (kwoodson@redhat.com) + * Sat Apr 01 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.14-1 - Update v1.5 content (sdodson@redhat.com) - Add v1.6 content (sdodson@redhat.com) diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml index e82996cf4..8c8062585 100644 --- a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml +++ b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml @@ -66,7 +66,7 @@ --signer-cert={{ openshift.common.config_base }}/master/ca.crt --signer-key={{ openshift.common.config_base }}/master/ca.key --signer-serial={{ openshift.common.config_base }}/master/ca.serial.txt - --hostnames="{{ docker_registry_service_ip.results.clusterip }},docker-registry.default.svc.cluster.local,{{ docker_registry_route_hostname }}" + --hostnames="{{ docker_registry_service_ip.results.clusterip }},docker-registry.default.svc,docker-registry.default.svc.cluster.local,{{ docker_registry_route_hostname }}" --cert={{ openshift.common.config_base }}/master/registry.crt --key={{ openshift.common.config_base }}/master/registry.key {% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %} diff --git a/roles/lib_openshift/library/oc_process.py b/roles/lib_openshift/library/oc_process.py index d487746eb..112d9ab5f 100644 --- a/roles/lib_openshift/library/oc_process.py +++ b/roles/lib_openshift/library/oc_process.py @@ -1545,7 +1545,7 @@ class OCProcess(OpenShiftCLI): if api_rval['returncode'] != 0: return {"failed": True, "msg" : api_rval} - return {"changed" : False, "results": api_rval, "state": "list"} + return {"changed" : False, "results": api_rval, "state": state} elif state == 'present': if check_mode and params['create']: @@ -1567,9 +1567,9 @@ class OCProcess(OpenShiftCLI): return {"failed": True, "msg": api_rval} if params['create']: - return {"changed": True, "results": api_rval, "state": "present"} + return {"changed": True, "results": api_rval, "state": state} - return {"changed": False, "results": api_rval, "state": "present"} + return {"changed": False, "results": api_rval, "state": state} # verify results update = False @@ -1584,13 +1584,13 @@ class OCProcess(OpenShiftCLI): update = True if not update: - return {"changed": update, "results": api_rval, "state": "present"} + return {"changed": update, "results": api_rval, "state": state} for cmd in rval: if cmd['returncode'] != 0: - return {"failed": True, "changed": update, "results": rval, "state": "present"} + return {"failed": True, "changed": update, "msg": rval, "state": state} - return {"changed": update, "results": rval, "state": "present"} + return {"changed": update, "results": rval, "state": state} # -*- -*- -*- End included fragment: class/oc_process.py -*- -*- -*- diff --git a/roles/lib_openshift/src/class/oc_process.py b/roles/lib_openshift/src/class/oc_process.py index 9d29938aa..eba9a43cd 100644 --- a/roles/lib_openshift/src/class/oc_process.py +++ b/roles/lib_openshift/src/class/oc_process.py @@ -136,7 +136,7 @@ class OCProcess(OpenShiftCLI): if api_rval['returncode'] != 0: return {"failed": True, "msg" : api_rval} - return {"changed" : False, "results": api_rval, "state": "list"} + return {"changed" : False, "results": api_rval, "state": state} elif state == 'present': if check_mode and params['create']: @@ -158,9 +158,9 @@ class OCProcess(OpenShiftCLI): return {"failed": True, "msg": api_rval} if params['create']: - return {"changed": True, "results": api_rval, "state": "present"} + return {"changed": True, "results": api_rval, "state": state} - return {"changed": False, "results": api_rval, "state": "present"} + return {"changed": False, "results": api_rval, "state": state} # verify results update = False @@ -175,11 +175,11 @@ class OCProcess(OpenShiftCLI): update = True if not update: - return {"changed": update, "results": api_rval, "state": "present"} + return {"changed": update, "results": api_rval, "state": state} for cmd in rval: if cmd['returncode'] != 0: - return {"failed": True, "changed": update, "results": rval, "state": "present"} + return {"failed": True, "changed": update, "msg": rval, "state": state} - return {"changed": update, "results": rval, "state": "present"} + return {"changed": update, "results": rval, "state": state} diff --git a/roles/openshift_hosted/tasks/registry/secure.yml b/roles/openshift_hosted/tasks/registry/secure.yml index 8a159bf73..29c164f52 100644 --- a/roles/openshift_hosted/tasks/registry/secure.yml +++ b/roles/openshift_hosted/tasks/registry/secure.yml @@ -53,7 +53,8 @@ signer_serial: "{{ openshift_master_config_dir }}/ca.serial.txt" hostnames: - "{{ docker_registry_service_ip.results.clusterip }}" - - docker-registry.default.svc.cluster.local + - "{{ openshift_hosted_registry_name }}.default.svc" + - "{{ openshift_hosted_registry_name }}.default.svc.{{ openshift.common.dns_domain }}" - "{{ docker_registry_route_hostname }}" cert: "{{ openshift_master_config_dir }}/registry.crt" key: "{{ openshift_master_config_dir }}/registry.key" |