diff options
| -rw-r--r-- | .tito/packages/openshift-ansible | 2 | ||||
| -rw-r--r-- | openshift-ansible.spec | 12 | ||||
| -rw-r--r-- | playbooks/common/openshift-cluster/upgrades/v3_7/master_config_upgrade.yml | 5 | ||||
| -rw-r--r-- | roles/docker/handlers/main.yml | 1 | ||||
| -rw-r--r-- | roles/docker/tasks/package_docker.yml | 4 | ||||
| -rw-r--r-- | roles/docker/templates/crio.conf.j2 | 28 | ||||
| -rw-r--r-- | roles/flannel/handlers/main.yml | 9 |
7 files changed, 55 insertions, 6 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 3c19ccf9c..80fd6c0e3 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.7.0-0.144.0 ./ +3.7.0-0.145.0 ./ diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 1528f3fc8..9b3b4d829 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -10,7 +10,7 @@ Name: openshift-ansible Version: 3.7.0 -Release: 0.144.0%{?dist} +Release: 0.145.0%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 URL: https://github.com/openshift/openshift-ansible @@ -276,6 +276,16 @@ Atomic OpenShift Utilities includes %changelog +* Mon Oct 09 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.145.0 +- add missing restart node handler to flannel (jchaloup@redhat.com) +- Switch to configmap leader election on 3.7 upgrade (mkhan@redhat.com) +- crio.conf.j2: sync from upstream (gscrivan@redhat.com) +- cri-o: use overlay instead of overlay2 (gscrivan@redhat.com) +- Ensure docker is restarted when iptables is restarted (mgugino@redhat.com) +- Stop including origin and ose hosts example file (sdodson@redhat.com) +- node: make node service PartOf=openvswitch.service when openshift-sdn is used + (dcbw@redhat.com) + * Fri Oct 06 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.144.0 - fix typo for default in etcd (mgugino@redhat.com) - Bumping version of service catalog image for 3.7 (ewolinet@redhat.com) diff --git a/playbooks/common/openshift-cluster/upgrades/v3_7/master_config_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_7/master_config_upgrade.yml index ed89dbe8d..df59a8782 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_7/master_config_upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_7/master_config_upgrade.yml @@ -14,3 +14,8 @@ dest: "{{ openshift.common.config_base}}/master/master-config.yaml" yaml_key: 'kubernetesMasterConfig.admissionConfig' yaml_value: + +- modify_yaml: + dest: "{{ openshift.common.config_base}}/master/master-config.yaml" + yaml_key: 'controllerConfig.election.lockName' + yaml_value: 'openshift-master-controllers' diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml index 591367467..866ed0452 100644 --- a/roles/docker/handlers/main.yml +++ b/roles/docker/handlers/main.yml @@ -4,6 +4,7 @@ systemd: name: "{{ openshift.docker.service_name }}" state: restarted + daemon_reload: yes register: r_docker_restart_docker_result until: not r_docker_restart_docker_result | failed retries: 3 diff --git a/roles/docker/tasks/package_docker.yml b/roles/docker/tasks/package_docker.yml index eab5c3bb1..dbe0b0d28 100644 --- a/roles/docker/tasks/package_docker.yml +++ b/roles/docker/tasks/package_docker.yml @@ -48,7 +48,9 @@ template: dest: "{{ docker_systemd_dir }}/custom.conf" src: custom.conf.j2 - when: not os_firewall_use_firewalld | default(False) | bool + notify: + - restart docker + when: not (os_firewall_use_firewalld | default(False)) | bool - name: Add enterprise registry, if necessary set_fact: diff --git a/roles/docker/templates/crio.conf.j2 b/roles/docker/templates/crio.conf.j2 index b4ee84fd0..cce790a60 100644 --- a/roles/docker/templates/crio.conf.j2 +++ b/roles/docker/templates/crio.conf.j2 @@ -13,12 +13,12 @@ runroot = "/var/run/containers/storage" # storage_driver select which storage driver is used to manage storage # of images and containers. -storage_driver = "overlay2" +storage_driver = "overlay" # storage_option is used to pass an option to the storage driver. storage_option = [ {% if ansible_distribution in ['RedHat', 'CentOS'] %} - "overlay2.override_kernel_check=1" + "overlay.override_kernel_check=1" {% endif %} ] @@ -35,6 +35,10 @@ stream_address = "" # stream_port is the port on which the stream server will listen stream_port = "10010" +# file_locking is whether file-based locking will be used instead of +# in-memory locking +file_locking = true + # The "crio.runtime" table contains settings pertaining to the OCI # runtime used and options for how to set up and manage the OCI runtime. [crio.runtime] @@ -67,6 +71,9 @@ runtime_untrusted_workload = "" # container runtime for all containers. default_workload_trust = "trusted" +# no_pivot instructs the runtime to not use pivot_root, but instead use MS_MOVE +no_pivot = false + # conmon is the path to conmon binary, used for managing the runtime. conmon = "/usr/libexec/crio/conmon" @@ -91,7 +98,17 @@ apparmor_profile = "crio-default" # cgroup_manager is the cgroup management implementation to be used # for the runtime. -cgroup_manager = "systemd" +cgroup_manager = "cgroupfs" + +# hooks_dir_path is the oci hooks directory for automatically executed hooks +hooks_dir_path = "/usr/share/containers/oci/hooks.d" + +# pids_limit is the number of processes allowed in a container +pids_limit = 1024 + +# log_size_max is the max limit for the container log size in bytes. +# Negative values indicate that no limit is imposed. +log_size_max = -1 # The "crio.image" table contains settings pertaining to the # management of OCI images. @@ -115,6 +132,10 @@ pause_command = "/pause" # unspecified so that the default system-wide policy will be used. signature_policy = "" +# image_volumes controls how image volumes are handled. +# The valid values are mkdir and ignore. +image_volumes = "mkdir" + # insecure_registries is used to skip TLS verification when pulling images. insecure_registries = [ {{ l_insecure_crio_registries|default("") }} @@ -125,6 +146,7 @@ insecure_registries = [ registries = [ {{ l_additional_crio_registries|default("") }} ] + # The "crio.network" table contains settings pertaining to the # management of CNI plugins. [crio.network] diff --git a/roles/flannel/handlers/main.yml b/roles/flannel/handlers/main.yml index 02f5a5f64..889069485 100644 --- a/roles/flannel/handlers/main.yml +++ b/roles/flannel/handlers/main.yml @@ -12,3 +12,12 @@ until: not l_docker_restart_docker_in_flannel_result | failed retries: 3 delay: 30 + +- name: restart node + systemd: + name: "{{ openshift.common.service_type }}-node" + state: restarted + register: l_restart_node_result + until: not l_restart_node_result | failed + retries: 3 + delay: 30 |