summaryrefslogtreecommitdiffstats
path: root/roles/openshift_master
diff options
context:
space:
mode:
Diffstat (limited to 'roles/openshift_master')
-rw-r--r--roles/openshift_master/tasks/main.yml25
-rw-r--r--roles/openshift_master/templates/master.yaml.v1.j229
2 files changed, 37 insertions, 17 deletions
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 23f8b4649..da0a663ec 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -8,6 +8,15 @@
- openshift_master_oauth_grant_method in openshift_master_valid_grant_methods
when: openshift_master_oauth_grant_method is defined
+- name: Install OpenShift Master package
+ yum: pkg=openshift-master state=present
+ register: install_result
+
+# TODO: Is this necessary or was this a workaround for an old bug in packaging?
+- name: Reload systemd units
+ command: systemctl daemon-reload
+ when: install_result | changed
+
- name: Set master OpenShift facts
openshift_facts:
role: master
@@ -51,14 +60,6 @@
domain: cluster.local
when: openshift.master.embedded_dns
-- name: Install OpenShift Master package
- yum: pkg=openshift-master state=present
- register: install_result
-
-- name: Reload systemd units
- command: systemctl daemon-reload
- when: install_result | changed
-
- name: Create config parent directory if it doesn't exist
file:
path: "{{ openshift_master_config_dir }}"
@@ -130,7 +131,7 @@
- name: Create the OpenShift client config dir(s)
file:
- path: "~{{ item }}/.config/openshift"
+ path: "~{{ item }}/.kube"
state: directory
mode: 0700
owner: "{{ item }}"
@@ -142,16 +143,16 @@
# TODO: Update this file if the contents of the source file are not present in
# the dest file, will need to make sure to ignore things that could be added
- name: Copy the OpenShift admin client config(s)
- command: cp {{ openshift_master_config_dir }}/admin.kubeconfig ~{{ item }}/.config/openshift/.config
+ command: cp {{ openshift_master_config_dir }}/admin.kubeconfig ~{{ item }}/.kube/config
args:
- creates: ~{{ item }}/.config/openshift/.config
+ creates: ~{{ item }}/.kube/config
with_items:
- root
- "{{ ansible_ssh_user }}"
- name: Update the permissions on the OpenShift admin client config(s)
file:
- path: "~{{ item }}/.config/openshift/.config"
+ path: "~{{ item }}/.kube/config"
state: file
mode: 0700
owner: "{{ item }}"
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index 1c2d37b63..9df07e925 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -1,3 +1,6 @@
+apiLevels:
+- v1beta3
+- v1
apiVersion: v1
assetConfig:
logoutURL: ""
@@ -8,6 +11,8 @@ assetConfig:
certFile: master.server.crt
clientCA: ""
keyFile: master.server.key
+ maxRequestsInFlight: 0
+ requestTimeoutSeconds: 0
corsAllowedOrigins:
{# TODO: add support for user specified corsAllowedOrigins #}
{% for origin in ['127.0.0.1', 'localhost', openshift.common.hostname, openshift.common.ip, openshift.common.public_hostname, openshift.common.public_ip] %}
@@ -43,9 +48,9 @@ etcdConfig:
{% endif %}
etcdStorageConfig:
kubernetesStoragePrefix: kubernetes.io
- kubernetesStorageVersion: v1beta3
- kubernetesStoragePrefix: kubernetes.io
- openShiftStorageVersion: v1beta3
+ kubernetesStorageVersion: v1
+ openShiftStoragePrefix: openshift.io
+ openShiftStorageVersion: v1
imageConfig:
format: {{ openshift.master.registry_url }}
latest: false
@@ -58,18 +63,24 @@ kubeletClientInfo:
port: 10250
{% if openshift.master.embedded_kube %}
kubernetesMasterConfig:
+ apiLevels:
+ - v1beta3
+ - v1
+ apiServerArguments: null
+ controllerArguments: null
{# TODO: support overriding masterCount #}
masterCount: 1
masterIP: ""
+ podEvictionTimeout: ""
schedulerConfigFile: {{ openshift_master_scheduler_conf }}
+ servicesNodePortRange: ""
servicesSubnet: {{ openshift.master.portal_net }}
staticNodeNames: {{ openshift_node_ips | default([], true) }}
{% endif %}
masterClients:
{# TODO: allow user to set externalKubernetesKubeConfig #}
- deployerKubeConfig: openshift-deployer.kubeconfig
externalKubernetesKubeConfig: ""
- openshiftLoopbackKubeConfig: openshift-client.kubeconfig
+ openshiftLoopbackKubeConfig: openshift-master.kubeconfig
masterPublicURL: {{ openshift.master.public_api_url }}
networkConfig:
clusterNetworkCIDR: {{ openshift.master.sdn_cluster_network_cidr }}
@@ -78,16 +89,22 @@ networkConfig:
{% include 'v1_partials/oauthConfig.j2' %}
policyConfig:
bootstrapPolicyFile: {{ openshift_master_policy }}
+ openshiftInfrastructureNamespace: openshift-infra
openshiftSharedResourcesNamespace: openshift
{# TODO: Allow users to override projectConfig items #}
projectConfig:
defaultNodeSelector: ""
projectRequestMessage: ""
projectRequestTemplate: ""
+ securityAllocator:
+ mcsAllocatorRange: s0:/2
+ mcsLabelsPerProject: 5
+ uidAllocatorRange: 1000000000-1999999999/10000
serviceAccountConfig:
managedNames:
- default
- builder
+ - deployer
privateKeyFile: serviceaccounts.private.key
publicKeyFiles:
- serviceaccounts.public.key
@@ -96,3 +113,5 @@ servingInfo:
certFile: master.server.crt
clientCA: ca.crt
keyFile: master.server.key
+ maxRequestsInFlight: 0
+ requestTimeoutSeconds: 0