diff options
33 files changed, 828 insertions, 111 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index ce566784c..44c87b2a3 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.0.16-1 ./ +3.0.18-1 ./ diff --git a/README_AWS.md b/README_AWS.md index 16ccb07e8..f8ecaec49 100644 --- a/README_AWS.md +++ b/README_AWS.md @@ -67,12 +67,12 @@ By default, a cluster is launched with the following configuration: - Keypair name: libra - Security group: public -Master specific defaults: +#### Master specific defaults: - Master root volume size: 10 (in GiBs) - Master root volume type: gp2 - Master root volume iops: 500 (only applicable when volume type is io1) -Node specific defaults: +#### Node specific defaults: - Node root volume size: 10 (in GiBs) - Node root volume type: gp2 - Node root volume iops: 500 (only applicable when volume type is io1) @@ -81,16 +81,26 @@ Node specific defaults: - Docker volume type: gp2 (only applicable if ephemeral is false) - Docker volume iops: 500 (only applicable when volume type is io1) -Specifying ec2 instance type. -All instances: +### Specifying ec2 instance type. + +#### All instances: + - export ec2_instance_type='m4.large' -Master instances: + +#### Master instances: + - export ec2_master_instance_type='m4.large' -Infra node instances: + +#### Infra node instances: + - export ec2_infra_instance_type='m4.large' -Non-infra node instances: + +#### Non-infra node instances: + - export ec2_node_instance_type='m4.large' -etcd instances: + +#### etcd instances: + - export ec2_etcd_instance_type='m4.large' If needed, these values can be changed by setting environment variables on your system. @@ -114,6 +124,7 @@ If needed, these values can be changed by setting environment variables on your Install Dependencies -------------------- 1. Ansible requires python-boto for aws operations: + RHEL/CentOS/Fedora ``` yum install -y ansible python-boto pyOpenSSL diff --git a/inventory/byo/hosts.aep.example b/inventory/byo/hosts.aep.example new file mode 100644 index 000000000..d5b872e06 --- /dev/null +++ b/inventory/byo/hosts.aep.example @@ -0,0 +1,178 @@ +# This is an example of a bring your own (byo) host inventory + +# Create an OSEv3 group that contains the masters and nodes groups +[OSEv3:children] +masters +nodes +etcd +lb + +# Set variables common for all OSEv3 hosts +[OSEv3:vars] +# SSH user, this user should allow ssh based auth without requiring a +# password. If using ssh key based auth, then the key should be managed by an +# ssh agent. +ansible_ssh_user=root + +# If ansible_ssh_user is not root, ansible_sudo must be set to true and the +# user must be configured for passwordless sudo +#ansible_sudo=true + +# deployment type valid values are origin, online, atomic-enterprise, and openshift-enterprise +deployment_type=atomic-enterprise + +# Enable cluster metrics +#use_cluster_metrics=true + +# Add additional, insecure, and blocked registries to global docker configuration +# For enterprise deployment types we ensure that registry.access.redhat.com is +# included if you do not include it +#cli_docker_additional_registries=registry.example.com +#cli_docker_insecure_registries=registry.example.com +#cli_docker_blocked_registries=registry.hacker.com + +# Alternate image format string. If you're not modifying the format string and +# only need to inject your own registry you may want to consider +# cli_docker_additional_registries instead +#oreg_url=example.com/aep3/aep-${component}:${version} + +# Additional yum repos to install +#openshift_additional_repos=[{'id': 'aep-devel', 'name': 'aep-devel', 'baseurl': 'http://example.com/puddle/build/AtomicOpenShift/3.1/latest/RH7-RHOSE-3.0/$basearch/os', 'enabled': 1, 'gpgcheck': 0}] + +# htpasswd auth +openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/htpasswd'}] + +# Allow all auth +#openshift_master_identity_providers=[{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}] + +# LDAP auth +#openshift_master_identity_providers=[{'name': 'my_ldap_provider', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider', 'attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': '', 'bindPassword': '', 'ca': '', 'insecure': 'false', 'url': 'ldap://ldap.example.com:389/ou=users,dc=example,dc=com?uid'}] + +# Project Configuration +#osm_project_request_message='' +#osm_project_request_template='' +#osm_mcs_allocator_range='s0:/2' +#osm_mcs_labels_per_project=5 +#osm_uid_allocator_range='1000000000-1999999999/10000' + +# Configure Fluentd +#use_fluentd=true + +# Enable cockpit +#osm_use_cockpit=true +# +# Set cockpit plugins +#osm_cockpit_plugins=['cockpit-kubernetes'] + +# Native high availbility cluster method with optional load balancer. +# If no lb group is defined installer assumes that a load balancer has +# been preconfigured. For installation the value of +# openshift_master_cluster_hostname must resolve to the load balancer +# or to one or all of the masters defined in the inventory if no load +# balancer is present. +#openshift_master_cluster_method=native +#openshift_master_cluster_hostname=openshift-ansible.test.example.com +#openshift_master_cluster_public_hostname=openshift-ansible.test.example.com + +# Pacemaker high availability cluster method. +# Pacemaker HA environment must be able to self provision the +# configured VIP. For installation openshift_master_cluster_hostname +# must resolve to the configured VIP. +#openshift_master_cluster_method=pacemaker +#openshift_master_cluster_password=openshift_cluster +#openshift_master_cluster_vip=192.168.133.25 +#openshift_master_cluster_public_vip=192.168.133.25 +#openshift_master_cluster_hostname=openshift-ansible.test.example.com +#openshift_master_cluster_public_hostname=openshift-ansible.test.example.com + +# Override the default controller lease ttl +#osm_controller_lease_ttl=30 + +# default subdomain to use for exposed routes +#osm_default_subdomain=apps.test.example.com + +# additional cors origins +#osm_custom_cors_origins=['foo.example.com', 'bar.example.com'] + +# default project node selector +#osm_default_node_selector='region=primary' + +# default storage plugin dependencies to install, by default the ceph and +# glusterfs plugin dependencies will be installed, if available. +#osn_storage_plugin_deps=['ceph','glusterfs'] + +# default selectors for router and registry services +# openshift_router_selector='region=infra' +# openshift_registry_selector='region=infra' + +# Configure the multi-tenant SDN plugin (default is 'redhat/openshift-ovs-subnet') +# os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant' + +# Disable the OpenShift SDN plugin +# openshift_use_openshift_sdn=False + +# set RPM version for debugging purposes +#openshift_pkg_version=-3.1.0.0 + +# Configure custom named certificates +# NOTE: openshift_master_named_certificates is cached on masters and is an +# additive fact, meaning that each run with a different set of certificates +# will add the newly provided certificates to the cached set of certificates. +# If you would like openshift_master_named_certificates to be overwritten with +# the provided value, specify openshift_master_overwrite_named_certificates. +#openshift_master_overwrite_named_certificates: true +# +# Provide local certificate paths which will be deployed to masters +#openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key"}] +# +# Detected names may be overridden by specifying the "names" key +#openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key", "names": ["public-master-host.com"]}] + +# Session options +#openshift_master_session_name=ssn +#openshift_master_session_max_seconds=3600 + +# An authentication and encryption secret will be generated if secrets +# are not provided. If provided, openshift_master_session_auth_secrets +# and openshift_master_encryption_secrets must be equal length. +# +# Signing secrets, used to authenticate sessions using +# HMAC. Recommended to use secrets with 32 or 64 bytes. +#openshift_master_session_auth_secrets=['DONT+USE+THIS+SECRET+b4NV+pmZNSO'] +# +# Encrypting secrets, used to encrypt sessions. Must be 16, 24, or 32 +# characters long, to select AES-128, AES-192, or AES-256. +#openshift_master_session_encryption_secrets=['DONT+USE+THIS+SECRET+b4NV+pmZNSO'] + +# configure how often node iptables rules are refreshed +#openshift_node_iptables_sync_period=5s + +# Configure nodeIP in the node config +# This is needed in cases where node traffic is desired to go over an +# interface other than the default network interface. +#openshift_node_set_node_ip=True + +# Force setting of system hostname when configuring OpenShift +# This works around issues related to installations that do not have valid dns +# entries for the interfaces attached to the host. +#openshift_set_hostname=True + +# Configure dnsIP in the node config +#openshift_dns_ip=172.30.0.1 + +# host group for masters +[masters] +aep3-master[1:3]-ansible.test.example.com + +[etcd] +aep3-etcd[1:3]-ansible.test.example.com + +[lb] +aep3-lb-ansible.test.example.com + +# NOTE: Currently we require that masters be part of the SDN which requires that they also be nodes +# However, in order to ensure that your masters are not burdened with running pods you should +# make them unschedulable by adding openshift_schedulable=False any node that's also a master. +[nodes] +aep3-master[1:3]-ansible.test.example.com +aep3-node[1:2]-ansible.test.example.com openshift_node_labels="{'region': 'primary', 'zone': 'default'}" diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.origin.example index 799725a37..77a3a04b4 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.origin.example @@ -18,20 +18,23 @@ ansible_ssh_user=root # user must be configured for passwordless sudo #ansible_sudo=true -# deployment type valid values are origin, online and enterprise -deployment_type=atomic-enterprise +# deployment type valid values are origin, online, atomic-enterprise and openshift-enterprise +deployment_type=origin # Enable cluster metrics #use_cluster_metrics=true -# Pre-release registry URL -#oreg_url=example.com/openshift3/ose-${component}:${version} - -# Pre-release Dev puddle repo -#openshift_additional_repos=[{'id': 'ose-devel', 'name': 'ose-devel', 'baseurl': 'http://buildvm-devops.usersys.redhat.com/puddle/build/OpenShiftEnterprise/3.0/latest/RH7-RHOSE-3.0/$basearch/os', 'enabled': 1, 'gpgcheck': 0}] +# Add additional, insecure, and blocked registries to global docker configuration +# For enterprise deployment types we ensure that registry.access.redhat.com is +# included if you do not include it +#cli_docker_additional_registries=registry.example.com +#cli_docker_insecure_registries=registry.example.com +#cli_docker_blocked_registries=registry.hacker.com -# Pre-release Errata puddle repo -#openshift_additional_repos=[{'id': 'ose-devel', 'name': 'ose-devel', 'baseurl': 'http://buildvm-devops.usersys.redhat.com/puddle/build/OpenShiftEnterpriseErrata/3.0/latest/RH7-RHOSE-3.0/$basearch/os', 'enabled': 1, 'gpgcheck': 0}] +# Alternate image format string. If you're not modifying the format string and +# only need to inject your own registry you may want to consider +# cli_docker_additional_registries instead +#oreg_url=example.com/openshift3/ose-${component}:${version} # Origin copr repo #openshift_additional_repos=[{'id': 'openshift-origin-copr', 'name': 'OpenShift Origin COPR', 'baseurl': 'https://copr-be.cloud.fedoraproject.org/results/maxamillion/origin-next/epel-7-$basearch/', 'enabled': 1, 'gpgcheck': 1, gpgkey: 'https://copr-be.cloud.fedoraproject.org/results/maxamillion/origin-next/pubkey.gpg'}] @@ -41,7 +44,7 @@ deployment_type=atomic-enterprise #openshift_additional_repos=[{'id': 'fedora-openshift-origin-copr', 'name': 'OpenShift Origin COPR for Fedora', 'baseurl': 'https://copr-be.cloud.fedoraproject.org/results/maxamillion/fedora-openshift/fedora-$releasever-$basearch/', 'enabled': 1, 'gpgcheck': 1, gpgkey: 'https://copr-be.cloud.fedoraproject.org/results/maxamillion/fedora-openshift/pubkey.gpg'}] # htpasswd auth -openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/openshift/htpasswd'}] +openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/htpasswd'}] # Allow all auth #openshift_master_identity_providers=[{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}] @@ -113,7 +116,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # openshift_use_openshift_sdn=False # set RPM version for debugging purposes -#openshift_pkg_version=-3.0.0.0 +#openshift_pkg_version=-1.1 # Configure custom named certificates # NOTE: openshift_master_named_certificates is cached on masters and is an diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example new file mode 100644 index 000000000..5a4310298 --- /dev/null +++ b/inventory/byo/hosts.ose.example @@ -0,0 +1,178 @@ +# This is an example of a bring your own (byo) host inventory + +# Create an OSEv3 group that contains the masters and nodes groups +[OSEv3:children] +masters +nodes +etcd +lb + +# Set variables common for all OSEv3 hosts +[OSEv3:vars] +# SSH user, this user should allow ssh based auth without requiring a +# password. If using ssh key based auth, then the key should be managed by an +# ssh agent. +ansible_ssh_user=root + +# If ansible_ssh_user is not root, ansible_sudo must be set to true and the +# user must be configured for passwordless sudo +#ansible_sudo=true + +# deployment type valid values are origin, online, atomic-enterprise, and openshift-enterprise +deployment_type=openshift-enterprise + +# Enable cluster metrics +#use_cluster_metrics=true + +# Add additional, insecure, and blocked registries to global docker configuration +# For enterprise deployment types we ensure that registry.access.redhat.com is +# included if you do not include it +#cli_docker_additional_registries=registry.example.com +#cli_docker_insecure_registries=registry.example.com +#cli_docker_blocked_registries=registry.hacker.com + +# Alternate image format string. If you're not modifying the format string and +# only need to inject your own registry you may want to consider +# cli_docker_additional_registries instead +#oreg_url=example.com/openshift3/ose-${component}:${version} + +# Additional yum repos to install +#openshift_additional_repos=[{'id': 'ose-devel', 'name': 'ose-devel', 'baseurl': 'http://example.com/puddle/build/AtomicOpenShift/3.1/latest/RH7-RHOSE-3.0/$basearch/os', 'enabled': 1, 'gpgcheck': 0}] + +# htpasswd auth +openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/htpasswd'}] + +# Allow all auth +#openshift_master_identity_providers=[{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}] + +# LDAP auth +#openshift_master_identity_providers=[{'name': 'my_ldap_provider', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider', 'attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': '', 'bindPassword': '', 'ca': '', 'insecure': 'false', 'url': 'ldap://ldap.example.com:389/ou=users,dc=example,dc=com?uid'}] + +# Project Configuration +#osm_project_request_message='' +#osm_project_request_template='' +#osm_mcs_allocator_range='s0:/2' +#osm_mcs_labels_per_project=5 +#osm_uid_allocator_range='1000000000-1999999999/10000' + +# Configure Fluentd +#use_fluentd=true + +# Enable cockpit +#osm_use_cockpit=true +# +# Set cockpit plugins +#osm_cockpit_plugins=['cockpit-kubernetes'] + +# Native high availbility cluster method with optional load balancer. +# If no lb group is defined installer assumes that a load balancer has +# been preconfigured. For installation the value of +# openshift_master_cluster_hostname must resolve to the load balancer +# or to one or all of the masters defined in the inventory if no load +# balancer is present. +#openshift_master_cluster_method=native +#openshift_master_cluster_hostname=openshift-ansible.test.example.com +#openshift_master_cluster_public_hostname=openshift-ansible.test.example.com + +# Pacemaker high availability cluster method. +# Pacemaker HA environment must be able to self provision the +# configured VIP. For installation openshift_master_cluster_hostname +# must resolve to the configured VIP. +#openshift_master_cluster_method=pacemaker +#openshift_master_cluster_password=openshift_cluster +#openshift_master_cluster_vip=192.168.133.25 +#openshift_master_cluster_public_vip=192.168.133.25 +#openshift_master_cluster_hostname=openshift-ansible.test.example.com +#openshift_master_cluster_public_hostname=openshift-ansible.test.example.com + +# Override the default controller lease ttl +#osm_controller_lease_ttl=30 + +# default subdomain to use for exposed routes +#osm_default_subdomain=apps.test.example.com + +# additional cors origins +#osm_custom_cors_origins=['foo.example.com', 'bar.example.com'] + +# default project node selector +#osm_default_node_selector='region=primary' + +# default storage plugin dependencies to install, by default the ceph and +# glusterfs plugin dependencies will be installed, if available. +#osn_storage_plugin_deps=['ceph','glusterfs'] + +# default selectors for router and registry services +# openshift_router_selector='region=infra' +# openshift_registry_selector='region=infra' + +# Configure the multi-tenant SDN plugin (default is 'redhat/openshift-ovs-subnet') +# os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant' + +# Disable the OpenShift SDN plugin +# openshift_use_openshift_sdn=False + +# set RPM version for debugging purposes +#openshift_pkg_version=-3.1.0.0 + +# Configure custom named certificates +# NOTE: openshift_master_named_certificates is cached on masters and is an +# additive fact, meaning that each run with a different set of certificates +# will add the newly provided certificates to the cached set of certificates. +# If you would like openshift_master_named_certificates to be overwritten with +# the provided value, specify openshift_master_overwrite_named_certificates. +#openshift_master_overwrite_named_certificates: true +# +# Provide local certificate paths which will be deployed to masters +#openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key"}] +# +# Detected names may be overridden by specifying the "names" key +#openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key", "names": ["public-master-host.com"]}] + +# Session options +#openshift_master_session_name=ssn +#openshift_master_session_max_seconds=3600 + +# An authentication and encryption secret will be generated if secrets +# are not provided. If provided, openshift_master_session_auth_secrets +# and openshift_master_encryption_secrets must be equal length. +# +# Signing secrets, used to authenticate sessions using +# HMAC. Recommended to use secrets with 32 or 64 bytes. +#openshift_master_session_auth_secrets=['DONT+USE+THIS+SECRET+b4NV+pmZNSO'] +# +# Encrypting secrets, used to encrypt sessions. Must be 16, 24, or 32 +# characters long, to select AES-128, AES-192, or AES-256. +#openshift_master_session_encryption_secrets=['DONT+USE+THIS+SECRET+b4NV+pmZNSO'] + +# configure how often node iptables rules are refreshed +#openshift_node_iptables_sync_period=5s + +# Configure nodeIP in the node config +# This is needed in cases where node traffic is desired to go over an +# interface other than the default network interface. +#openshift_node_set_node_ip=True + +# Force setting of system hostname when configuring OpenShift +# This works around issues related to installations that do not have valid dns +# entries for the interfaces attached to the host. +#openshift_set_hostname=True + +# Configure dnsIP in the node config +#openshift_dns_ip=172.30.0.1 + +# host group for masters +[masters] +ose3-master[1:3]-ansible.test.example.com + +[etcd] +ose3-etcd[1:3]-ansible.test.example.com + +[lb] +ose3-lb-ansible.test.example.com + +# NOTE: Currently we require that masters be part of the SDN which requires that they also be nodes +# However, in order to ensure that your masters are not burdened with running pods you should +# make them unschedulable by adding openshift_schedulable=False any node that's also a master. +[nodes] +ose3-master[1:3]-ansible.test.example.com +ose3-node[1:2]-ansible.test.example.com openshift_node_labels="{'region': 'primary', 'zone': 'default'}" diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 09569761f..d22afe23d 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -5,7 +5,7 @@ } Name: openshift-ansible -Version: 3.0.16 +Version: 3.0.18 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -192,7 +192,7 @@ BuildArch: noarch # ---------------------------------------------------------------------------------- %package roles Summary: Openshift and Atomic Enterprise Ansible roles -Requires: %{name} +Requires: %{name} = %{version} Requires: %{name}-lookup-plugins = %{version} Requires: %{name}-filter-plugins = %{version} BuildArch: noarch @@ -209,8 +209,9 @@ BuildArch: noarch # ---------------------------------------------------------------------------------- %package filter-plugins Summary: Openshift and Atomic Enterprise Ansible filter plugins -Requires: %{name} +Requires: %{name} = %{version} BuildArch: noarch +Requires: pyOpenSSL %description filter-plugins %{summary}. @@ -224,7 +225,7 @@ BuildArch: noarch # ---------------------------------------------------------------------------------- %package lookup-plugins Summary: Openshift and Atomic Enterprise Ansible lookup plugins -Requires: %{name} +Requires: %{name} = %{version} BuildArch: noarch %description lookup-plugins @@ -258,6 +259,87 @@ Atomic OpenShift Utilities includes %changelog +* Tue Dec 08 2015 Brenton Leanhardt <bleanhar@redhat.com> 3.0.18-1 +- Pass in and use first_master_ip as dnsIP for pre 3.1 nodes. + (abutcher@redhat.com) +- Fix delete state (jdiaz@redhat.com) +- Require pyOpenSSL (sdodson@redhat.com) +- Update sync db-templates, image-streams, and quickstart-templates + (sdodson@redhat.com) +- Clarify the preflight port check output (sdodson@redhat.com) +- Fix missing dependency version locking (sdodson@redhat.com) + +* Tue Dec 08 2015 Brenton Leanhardt <bleanhar@redhat.com> 3.0.17-1 +- Improving output when gathering facts (bleanhar@redhat.com) +- Bug 1287977 - Incorrect check output from atomic-openshift-installer when + working with preconfigured load balancer (bleanhar@redhat.com) +- Add unique AEP, OSE, and Origin BYO inventories (sdodson@redhat.com) +- bring the docker udev workaround into openshift-ansible.git + (jdiaz@redhat.com) +- Zabbix: put in a note about trigger prototype dependency + (mwoodson@redhat.com) +- Zabbix: added dependency for inode disk check (mwoodson@redhat.com) +- Zabbix: added dependency for disk check (mwoodson@redhat.com) +- zabbix: removed ethernet graphs (mwoodson@redhat.com) +- Zabbix: added trigger dependencies to certain master checks + (mwoodson@redhat.com) +- ManageIQ Service Account: added role for ManageIQ service account + (efreiber@redhat.com) +- added the pv zabbix keys (mwoodson@redhat.com) +- Refactor dns options and facts. (abutcher@redhat.com) +- Fix openshift_facts playbook for yum/dnf changes (jdetiber@redhat.com) +- Configured master count should be 1 for pacemaker ha. (abutcher@redhat.com) +- Fedora changes: (admiller@redhat.com) +- Centralize etcd/schedulability logic for each host. (dgoodwin@redhat.com) +- added upgrade playbook for online (sedgar@redhat.com) +- Improved installation summary. (dgoodwin@redhat.com) +- Fix kubernetes service ip gathering. (abutcher@redhat.com) +- added docker registry cluster check (mwoodson@redhat.com) +- Add warning for HA deployments with < 3 dedicated nodes. + (dgoodwin@redhat.com) +- Cleanup more schedulable typos. (dgoodwin@redhat.com) +- Fix validation for BasicAuthPasswordIdentityProvider (tschan@puzzle.ch) +- Fix ec2 instance type lookups (jdetiber@redhat.com) +- remove debug logging from scc/privileged patch command (jdetiber@redhat.com) +- Set api version for oc commands (jdetiber@redhat.com) +- 3.1 upgrade - use --api-version for patch commands (jdetiber@redhat.com) +- Fix bug when warning on no dedicated nodes. (dgoodwin@redhat.com) +- Suggest dedicated nodes for an HA deployment. (dgoodwin@redhat.com) +- Error out if no load balancer specified. (dgoodwin@redhat.com) +- Adjust requirement for 3 masters for HA deployments. (dgoodwin@redhat.com) +- Fixing 'unscheduleable' typo (bleanhar@redhat.com) +- Update IMAGE_PREFIX and IMAGE_VERSION values in hawkular template + (nakayamakenjiro@gmail.com) +- Improved output when re-running after editing config. (dgoodwin@redhat.com) +- Print a system summary after adding each. (dgoodwin@redhat.com) +- Text improvements for host specification. (dgoodwin@redhat.com) +- Assert etcd section written for HA installs. (dgoodwin@redhat.com) +- Breakout a test fixture to reduce module size. (dgoodwin@redhat.com) +- Pylint touchups. (dgoodwin@redhat.com) +- Trim assertions in HA testing. (dgoodwin@redhat.com) +- Test unattended HA quick install. (dgoodwin@redhat.com) +- Don't prompt to continue during unattended installs. (dgoodwin@redhat.com) +- Block re-use of master/node as load balancer in attended install. + (dgoodwin@redhat.com) +- Add -q flag to remove unwantend output (such as mirror and cache information) + (urs.breu@ergon.ch) +- Uninstall: only restart docker on node hosts. (abutcher@redhat.com) +- Explicitly set schedulable when masters == nodes. (dgoodwin@redhat.com) +- Use admin.kubeconfig for get svc ip. (abutcher@redhat.com) +- Point enterprise metrics at registry.access.redhat.com/openshift3/metrics- + (sdodson@redhat.com) +- Make sure that OpenSSL is installed before use (fsimonce@redhat.com) +- fixes for installer wrapper scaleup (jdetiber@redhat.com) +- addtl aws fixes (jdetiber@redhat.com) +- Fix failure when seboolean not present (jdetiber@redhat.com) +- fix addNodes.yml (jdetiber@redhat.com) +- more aws support for scaleup (jdetiber@redhat.com) +- start of aws scaleup (jdetiber@redhat.com) +- Improve scaleup playbook (jdetiber@redhat.com) +- Update openshift_repos to refresh package cache on changes + (jdetiber@redhat.com) +- Add etcd nodes management in OpenStack (lhuard@amadeus.com) + * Tue Nov 24 2015 Brenton Leanhardt <bleanhar@redhat.com> 3.0.16-1 - Silencing pylint branch errors for now for the atomic-openshift-installer harness (bleanhar@redhat.com) diff --git a/playbooks/common/openshift-cluster/scaleup.yml b/playbooks/common/openshift-cluster/scaleup.yml index e1778e41e..d2ba3fc7a 100644 --- a/playbooks/common/openshift-cluster/scaleup.yml +++ b/playbooks/common/openshift-cluster/scaleup.yml @@ -3,6 +3,4 @@ - include: ../openshift-node/config.yml vars: - osn_cluster_dns_domain: "{{ hostvars[groups.oo_first_master.0].openshift.dns.domain }}" - osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].openshift.dns.ip }}" openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/common/openshift-cluster/upgrades/files/pre-upgrade-check b/playbooks/common/openshift-cluster/upgrades/files/pre-upgrade-check index b5459f312..e5c958ebb 100644 --- a/playbooks/common/openshift-cluster/upgrades/files/pre-upgrade-check +++ b/playbooks/common/openshift-cluster/upgrades/files/pre-upgrade-check @@ -111,13 +111,16 @@ def print_validation_header(): overwhelming the user. """ print """\ -At least one port name does not validate. Valid port names: +At least one port name is invalid and must be corrected before upgrading. +Please update or remove any resources with invalid port names. - * must be less that 16 chars + Valid port names must: + + * be less that 16 characters * have at least one letter - * only a-z0-9- - * do not start or end with - - * Dashes may not be next to eachother ('--') + * contain only a-z0-9- + * not start or end with - + * not contain dashes next to each other ('--') """ @@ -142,9 +145,9 @@ def main(): # Where the magic happens first_error = True for kind, path in [ + ('deploymentconfigs', ("spec", "template", "spec", "containers")), ('replicationcontrollers', ("spec", "template", "spec", "containers")), - ('pods', ("spec", "containers")), - ('deploymentconfigs', ("spec", "template", "spec", "containers"))]: + ('pods', ("spec", "containers"))]: for item in list_items(kind): namespace = item["metadata"]["namespace"] item_name = item["metadata"]["name"] diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 2b6171cb3..952a9fd51 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -158,8 +158,10 @@ vars: sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}" + # TODO: Prefix flannel role variables. etcd_urls: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls }}" embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}" + openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}" pre_tasks: - name: Ensure certificate directory exists file: diff --git a/playbooks/gce/openshift-cluster/join_node.yml b/playbooks/gce/openshift-cluster/join_node.yml index c8f6065cd..5ae3a8fef 100644 --- a/playbooks/gce/openshift-cluster/join_node.yml +++ b/playbooks/gce/openshift-cluster/join_node.yml @@ -45,5 +45,3 @@ openshift_use_openshift_sdn: true openshift_node_labels: "{{ lookup('oo_option', 'openshift_node_labels') }} " os_sdn_network_plugin_name: "redhat/openshift-ovs-subnet" - osn_cluster_dns_domain: "{{ hostvars[groups.oo_first_master.0].openshift.dns.domain }}" - osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].cluster_dns_ip }}" diff --git a/roles/lib_zabbix/library/zbx_action.py b/roles/lib_zabbix/library/zbx_action.py index 24693e5db..8bb586c0b 100644 --- a/roles/lib_zabbix/library/zbx_action.py +++ b/roles/lib_zabbix/library/zbx_action.py @@ -1,8 +1,8 @@ #!/usr/bin/env python +# vim: expandtab:tabstop=4:shiftwidth=4 ''' Ansible module for zabbix actions ''' -# vim: expandtab:tabstop=4:shiftwidth=4 # # Zabbix action ansible module # @@ -457,7 +457,7 @@ def main(): if not exists(content): module.exit_json(changed=False, state="absent") - content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0]['itemid']]) + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0]['actionid']]) module.exit_json(changed=True, results=content['result'], state="absent") # Create and Update diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/README.md b/roles/openshift_examples/files/examples/v1.1/db-templates/README.md new file mode 100644 index 000000000..b39abf8b9 --- /dev/null +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/README.md @@ -0,0 +1,100 @@ +OpenShift 3 Database Examples +============================= + +This directory contains example JSON templates to deploy databases in OpenShift. +They can be used to immediately instantiate a database and expose it as a +service in the current project, or to add a template that can be later used from +the Web Console or the CLI. + +The examples can also be tweaked to create new templates. + + +## Ephemeral x Persistent + +For each supported database, there are two template files. + +Files named `*-ephemeral-template.json` use +"[emptyDir](https://docs.openshift.org/latest/dev_guide/volumes.html)" volumes +for data storage, which means that data is lost after a pod restart. +This is tolerable for experimenting, but not suitable for production use. + +The other templates, named `*-persistent-template.json`, use [persistent volume +claims](https://docs.openshift.org/latest/architecture/additional_concepts/storage.html#persistent-volume-claims) +to request persistent storage provided by [persistent +volumes](https://docs.openshift.org/latest/architecture/additional_concepts/storage.html#persistent-volumes), +that must have been created upfront. + + +## Usage + +### Instantiating a new database service + +Use these instructions if you want to quickly deploy a new database service in +your current project. Instantiate a new database service with this command: + + $ oc new-app /path/to/template.json + +Replace `/path/to/template.json` with an appropriate path, that can be either a +local path or an URL. Example: + + $ oc new-app https://raw.githubusercontent.com/openshift/origin/master/examples/db-templates/mongodb-ephemeral-template.json + --> Deploying template mongodb-ephemeral for "https://raw.githubusercontent.com/openshift/origin/master/examples/db-templates/mongodb-ephemeral-template.json" + With parameters: + DATABASE_SERVICE_NAME=mongodb + MONGODB_USER=userJNX # generated + MONGODB_PASSWORD=tnEDilMVrgjp5AI2 # generated + MONGODB_DATABASE=sampledb + MONGODB_ADMIN_PASSWORD=8bYEs8OlNYhVyMBs # generated + --> Creating resources ... + Service "mongodb" created + DeploymentConfig "mongodb" created + --> Success + Run 'oc status' to view your app. + +The parameters listed in the output above can be tweaked by specifying values in +the command line with the `-p` option: + + $ oc new-app examples/db-templates/mongodb-ephemeral-template.json -p DATABASE_SERVICE_NAME=mydb -p MONGODB_USER=default + --> Deploying template mongodb-ephemeral for "examples/db-templates/mongodb-ephemeral-template.json" + With parameters: + DATABASE_SERVICE_NAME=mydb + MONGODB_USER=default + MONGODB_PASSWORD=RPvMbWlQFOevSowQ # generated + MONGODB_DATABASE=sampledb + MONGODB_ADMIN_PASSWORD=K7tIjDxDHHYCvFrJ # generated + --> Creating resources ... + Service "mydb" created + DeploymentConfig "mydb" created + --> Success + Run 'oc status' to view your app. + +Note that the persistent template requires an existing persistent volume, +otherwise the deployment won't ever succeed. + + +### Adding a database as a template + +Use these instructions if, instead of instantiating a service right away, you +want to load the template into an OpenShift project so that it can be used +later. Create the template with this command: + + $ oc create -f /path/to/template.json + +Replace `/path/to/template.json` with an appropriate path, that can be either a +local path or an URL. Example: + + $ oc create -f https://raw.githubusercontent.com/openshift/origin/master/examples/db-templates/mongodb-ephemeral-template.json + template "mongodb-ephemeral" created + +The new template is now available to use in the Web Console or with `oc +new-app`. + + +## More information + +The usage of each supported database image is further documented in the links +below: + +- [MySQL](https://docs.openshift.org/latest/using_images/db_images/mysql.html) +- [PostgreSQL](https://docs.openshift.org/latest/using_images/db_images/postgresql.html) +- [MongoDB](https://docs.openshift.org/latest/using_images/db_images/mongodb.html) diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json index 6b90fa54e..11767862d 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json @@ -55,7 +55,7 @@ { "type": "ImageChange", "imageChangeParams": { - "automatic": true, + "automatic": false, "containerNames": [ "mongodb" ], diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-ephemeral-template.json index b384a5992..84911d2d6 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-ephemeral-template.json @@ -55,7 +55,7 @@ { "type": "ImageChange", "imageChangeParams": { - "automatic": true, + "automatic": false, "containerNames": [ "mysql" ], diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-ephemeral-template.json index 60d6b8519..9ee9364a9 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-ephemeral-template.json @@ -55,7 +55,7 @@ { "type": "ImageChange", "imageChangeParams": { - "automatic": true, + "automatic": false, "containerNames": [ "postgresql" ], diff --git a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json index 1a78b1279..51805d729 100644 --- a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json @@ -16,7 +16,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "2.0" + "Name": "2.2" } }, { @@ -99,7 +99,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "5.16" + "Name": "5.20" } }, { @@ -149,7 +149,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "5.5" + "Name": "5.6" } }, { @@ -198,7 +198,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "3.3" + "Name": "3.4" } }, { @@ -296,7 +296,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "5.5" + "Name": "5.6" } }, { @@ -329,7 +329,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "9.2" + "Name": "9.4" } }, { @@ -362,7 +362,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "2.4" + "Name": "2.6" } }, { diff --git a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json index d2a8cfb1d..3092ee486 100644 --- a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json @@ -16,7 +16,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "2.0" + "Name": "2.2" } }, { @@ -99,7 +99,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "5.16" + "Name": "5.20" } }, { @@ -149,7 +149,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "5.5" + "Name": "5.6" } }, { @@ -198,7 +198,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "3.3" + "Name": "3.4" } }, { @@ -262,7 +262,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "5.5" + "Name": "5.6" } }, { @@ -295,7 +295,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "9.2" + "Name": "9.4" } }, { @@ -328,7 +328,7 @@ "name": "latest", "from": { "Kind": "ImageStreamTag", - "Name": "2.4" + "Name": "2.6" } }, { diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp-mysql.json index da5679444..52143da2d 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp-mysql.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp-mysql.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "php:5.5" + "name": "php:5.6" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" @@ -250,6 +253,20 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": false, + "containerNames": [ + "mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "openshift", + "name": "mysql:5.6" + } + } + }, + { "type": "ConfigChange" } ], @@ -268,7 +285,7 @@ "containers": [ { "name": "mysql", - "image": "${MYSQL_IMAGE}", + "image": "mysql", "ports": [ { "containerPort": 3306 @@ -347,11 +364,6 @@ "from": "[a-zA-Z0-9]{16}" }, { - "name": "MYSQL_IMAGE", - "description": "Image to use for mysql", - "value": "openshift/mysql-55-centos7" - }, - { "name": "CAKEPHP_SECRET_TOKEN", "description": "Set this to a long random string", "generate": "expression", diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp.json index f426e1dd6..b77dc0c51 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "php:5.5" + "name": "php:5.6" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer-mysql.json index 55f655102..edc6a1f3f 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer-mysql.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer-mysql.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "perl:5.16" + "name": "perl:5.20" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" @@ -224,6 +227,20 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": false, + "containerNames": [ + "mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "openshift", + "name": "mysql:5.6" + } + } + }, + { "type": "ConfigChange" } ], @@ -242,7 +259,7 @@ "containers": [ { "name": "mysql", - "image": "${MYSQL_IMAGE}", + "image": "mysql", "ports": [ { "containerPort": 3306 @@ -329,11 +346,6 @@ "value": "sampledb" }, { - "name": "MYSQL_IMAGE", - "description": "Image to use for mysql", - "value": "openshift/mysql-55-centos7" - }, - { "name": "PERL_APACHE2_RELOAD", "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules", "value": "" diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer.json index 3ee19be83..409252d82 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "perl:5.16" + "name": "perl:5.20" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django-postgresql.json index 749064e98..c4c55ddd8 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django-postgresql.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "python:3.3" + "name": "python:3.4" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" @@ -231,6 +234,20 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": false, + "containerNames": [ + "postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "openshift", + "name": "postgresql:9.4" + } + } + }, + { "type": "ConfigChange" } ], @@ -249,7 +266,7 @@ "containers": [ { "name": "postgresql", - "image": "${POSTGRESQL_IMAGE}", + "image": "postgresql", "ports": [ { "containerPort": 5432 @@ -328,11 +345,6 @@ "from": "[a-zA-Z0-9]{16}" }, { - "name": "POSTGRESQL_IMAGE", - "description": "Image to use for postgresql", - "value": "openshift/postgresql-92-centos7" - }, - { "name": "APP_CONFIG", "description": "Relative path to Gunicorn configuration file (optional)" }, diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django.json index 143a942ab..75b6798b5 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "python:3.3" + "name": "python:3.4" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-ephemeral-template.json index 14bd032af..0b016373f 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-ephemeral-template.json @@ -7,7 +7,7 @@ "annotations": { "description": "Jenkins service, without persistent storage. WARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", "iconClass": "icon-jenkins", - "tags": "database,jenkins" + "tags": "instant-app,jenkins" } }, "objects": [ @@ -70,6 +70,21 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": false, + "containerNames": [ + "jenkins" + ], + "from": { + "kind": "ImageStreamTag", + "name": "jenkins:latest", + "namespace": "openshift" + }, + "lastTriggeredImage": "" + } + }, + { "type": "ConfigChange" } ], @@ -133,11 +148,6 @@ "value": "jenkins" }, { - "name": "JENKINS_IMAGE", - "description": "Jenkins Docker image to use", - "value": "openshift/jenkins-1-centos7" - }, - { "name": "JENKINS_PASSWORD", "description": "Password for the Jenkins user", "generate": "expression", diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-persistent-template.json index fa31de486..98f0cea95 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-persistent-template.json @@ -7,7 +7,7 @@ "annotations": { "description": "Jenkins service, with persistent storage.", "iconClass": "icon-jenkins", - "tags": "database,jenkins" + "tags": "instant-app,jenkins" } }, "objects": [ @@ -87,6 +87,21 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "jenkins" + ], + "from": { + "kind": "ImageStreamTag", + "name": "jenkins:latest", + "namespace": "openshift" + }, + "lastTriggeredImage": "" + } + }, + { "type": "ConfigChange" } ], @@ -156,11 +171,6 @@ "value": "password" }, { - "name": "JENKINS_IMAGE", - "description": "Jenkins Docker image to use", - "value": "openshift/jenkins-1-centos7" - }, - { "name": "VOLUME_CAPACITY", "description": "Volume space available for data, e.g. 512Mi, 2Gi", "value": "512Mi", diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs-mongodb.json index 8760b074c..21f943da7 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs-mongodb.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs-mongodb.json @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" @@ -229,6 +232,20 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": false, + "containerNames": [ + "mongodb" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "openshift", + "name": "mongodb:2.6" + } + } + }, + { "type": "ConfigChange" } ], @@ -247,7 +264,7 @@ "containers": [ { "name": "mongodb", - "image": "${MONGODB_IMAGE}", + "image": "mongodb", "ports": [ { "containerPort": 27017 @@ -336,11 +353,6 @@ "description": "Password for the database admin user", "generate": "expression", "from": "[a-zA-Z0-9]{16}" - }, - { - "name": "MONGODB_IMAGE", - "description": "Image to use for mongodb", - "value": "openshift/mongodb-24-centos7" } ] } diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs.json index e047266e3..1e301c076 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs.json @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/rails-postgresql.json index b98282528..5dcbbc729 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/rails-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/rails-postgresql.json @@ -83,7 +83,7 @@ "from": { "kind": "ImageStreamTag", "namespace": "openshift", - "name": "ruby:2.0" + "name": "ruby:2.2" } } }, @@ -98,6 +98,9 @@ "type": "ImageChange" }, { + "type": "ConfigChange" + }, + { "type": "GitHub", "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" @@ -262,6 +265,20 @@ }, "triggers": [ { + "type": "ImageChange", + "imageChangeParams": { + "automatic": false, + "containerNames": [ + "postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "openshift", + "name": "postgresql:9.4" + } + } + }, + { "type": "ConfigChange" } ], @@ -280,7 +297,7 @@ "containers": [ { "name": "postgresql", - "image": "${POSTGRESQL_IMAGE}", + "image": "postgresql", "ports": [ { "containerPort": 5432 @@ -384,14 +401,9 @@ "value": "root" }, { - "name": "POSTGRESQL_IMAGE", - "description": "Image to use for postgresql", - "value": "openshift/postgresql-92-centos7" - }, - { "name": "POSTGRESQL_MAX_CONNECTIONS", "description": "database max connections", - "value": "10" + "value": "100" }, { "name": "POSTGRESQL_SHARED_BUFFERS", diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 29e7eb532..110556b4a 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -14,7 +14,10 @@ hostname: "{{ openshift_hostname | default(none) }}" public_hostname: "{{ openshift_public_hostname | default(none) }}" deployment_type: "{{ openshift_deployment_type }}" - dns_ip: "{{ openshift_dns_ip | default(openshift_master_cluster_vip | default(None, true), true) }}" + # TODO: Replace this with a lookup or filter plugin. + dns_ip: "{{ openshift_dns_ip + | default(openshift_master_cluster_vip + | default(None if openshift.common.version_greater_than_3_1_or_1_1 | bool else openshift_node_first_master_ip | default(None, true), true), true) }}" - role: node local_facts: annotations: "{{ openshift_node_annotations | default(none) }}" diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 8cabe5431..dc88cb1ad 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -752,8 +752,8 @@ def install(ctx, force): check_hosts_config(oo_cfg, ctx.obj['unattended']) - click.echo('Gathering information from hosts...') print_installation_summary(oo_cfg.hosts) + click.echo('Gathering information from hosts...') callback_facts, error = openshift_ansible.default_facts(oo_cfg.hosts, verbose) if error: diff --git a/utils/src/ooinstall/oo_config.py b/utils/src/ooinstall/oo_config.py index 1be85bc1d..031b82bc1 100644 --- a/utils/src/ooinstall/oo_config.py +++ b/utils/src/ooinstall/oo_config.py @@ -14,7 +14,8 @@ PERSIST_SETTINGS = [ 'variant_version', 'version', ] -REQUIRED_FACTS = ['ip', 'public_ip', 'hostname', 'public_hostname'] +DEFAULT_REQUIRED_FACTS = ['ip', 'public_ip', 'hostname', 'public_hostname'] +PRECONFIGURED_REQUIRED_FACTS = ['hostname', 'public_hostname'] class OOConfigFileError(Exception): @@ -208,7 +209,12 @@ class OOConfig(object): for host in self.hosts: missing_facts = [] - for required_fact in REQUIRED_FACTS: + if host.preconfigured: + required_facts = PRECONFIGURED_REQUIRED_FACTS + else: + required_facts = DEFAULT_REQUIRED_FACTS + + for required_fact in required_facts: if not getattr(host, required_fact): missing_facts.append(required_fact) if len(missing_facts) > 0: diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index 17196a813..fd2cd7fbd 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -157,9 +157,15 @@ def load_system_facts(inventory_file, os_facts_path, env_vars, verbose=False): status = subprocess.call(args, env=env_vars, stdout=FNULL) if not status == 0: return [], 1 - callback_facts_file = open(CFG.settings['ansible_callback_facts_yaml'], 'r') - callback_facts = yaml.load(callback_facts_file) - callback_facts_file.close() + + with open(CFG.settings['ansible_callback_facts_yaml'], 'r') as callback_facts_file: + try: + callback_facts = yaml.safe_load(callback_facts_file) + except yaml.YAMLError, exc: + print "Error in {}".format(CFG.settings['ansible_callback_facts_yaml']), exc + print "Try deleting and rerunning the atomic-openshift-installer" + sys.exit(1) + return callback_facts, 0 diff --git a/utils/test/cli_installer_tests.py b/utils/test/cli_installer_tests.py index d028bf472..1da49c807 100644 --- a/utils/test/cli_installer_tests.py +++ b/utils/test/cli_installer_tests.py @@ -225,6 +225,44 @@ hosts: master: true """ +QUICKHA_CONFIG_PRECONFIGURED_LB = """ +variant: %s +ansible_ssh_user: root +hosts: + - connect_to: 10.0.0.1 + ip: 10.0.0.1 + hostname: master-private.example.com + public_ip: 24.222.0.1 + public_hostname: master.example.com + master: true + node: true + - connect_to: 10.0.0.2 + ip: 10.0.0.2 + hostname: node1-private.example.com + public_ip: 24.222.0.2 + public_hostname: node1.example.com + master: true + node: true + - connect_to: 10.0.0.3 + ip: 10.0.0.3 + hostname: node2-private.example.com + public_ip: 24.222.0.3 + public_hostname: node2.example.com + node: true + master: true + - connect_to: 10.0.0.4 + ip: 10.0.0.4 + hostname: node3-private.example.com + public_ip: 24.222.0.4 + public_hostname: node3.example.com + node: true + - connect_to: proxy-private.example.com + hostname: proxy-private.example.com + public_hostname: proxy.example.com + master_lb: true + preconfigured: true +""" + class UnattendedCliTests(OOCliFixture): def setUp(self): @@ -608,6 +646,25 @@ class UnattendedCliTests(OOCliFixture): # This is not a valid configuration: self.assert_result(result, 1) + #unattended with preconfigured lb + @patch('ooinstall.openshift_ansible.run_main_playbook') + @patch('ooinstall.openshift_ansible.load_system_facts') + def test_quick_ha_preconfigured_lb(self, load_facts_mock, run_playbook_mock): + load_facts_mock.return_value = (MOCK_FACTS_QUICKHA, 0) + run_playbook_mock.return_value = 0 + + config_file = self.write_config(os.path.join(self.work_dir, + 'ooinstall.conf'), QUICKHA_CONFIG_PRECONFIGURED_LB % 'openshift-enterprise') + + self.cli_args.extend(["-c", config_file, "install"]) + result = self.runner.invoke(cli.cli, self.cli_args) + self.assert_result(result, 0) + + # Make sure we ran on the expected masters and nodes: + hosts = run_playbook_mock.call_args[0][0] + hosts_to_run_on = run_playbook_mock.call_args[0][1] + self.assertEquals(5, len(hosts)) + self.assertEquals(5, len(hosts_to_run_on)) class AttendedCliTests(OOCliFixture): |