diff options
Diffstat (limited to 'roles/openshift_node/tasks')
-rw-r--r-- | roles/openshift_node/tasks/main.yml | 16 | ||||
-rw-r--r-- | roles/openshift_node/tasks/storage_plugins/nfs.yml | 8 | ||||
-rw-r--r-- | roles/openshift_node/tasks/systemd_units.yml | 23 |
3 files changed, 35 insertions, 12 deletions
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 9c71af6d9..f49e97745 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -55,11 +55,11 @@ - name: Install the systemd units include: systemd_units.yml -- name: Reload systemd units - command: systemctl daemon-reload - when: openshift.common.is_containerized | bool and (install_node_result | changed or install_ovs_sysconfig | changed or install_node_dep_result | changed) - notify: - - restart node +# The atomic-openshift-node service will set this parameter on +# startup, but if the network service is restarted this setting is +# lost. Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1372388 +- name: Persist net.ipv4.ip_forward sysctl entry + sysctl: name="net.ipv4.ip_forward" value=1 sysctl_set=yes state=present reload=yes - name: Start and enable openvswitch docker service service: name=openvswitch.service enabled=yes state=started @@ -89,10 +89,10 @@ create: true with_items: - regex: '^AWS_ACCESS_KEY_ID=' - line: "AWS_ACCESS_KEY_ID={{ openshift.cloudprovider.aws.access_key }}" + line: "AWS_ACCESS_KEY_ID={{ openshift_cloudprovider_aws_access_key }}" - regex: '^AWS_SECRET_ACCESS_KEY=' - line: "AWS_SECRET_ACCESS_KEY={{ openshift.cloudprovider.aws.secret_key }}" - when: "'cloudprovider' in openshift and 'aws' in openshift.cloudprovider and 'kind' in openshift.cloudprovider and openshift.cloudprovider.kind == 'aws' and 'access_key' in openshift.cloudprovider.aws and 'secret_key' in openshift.cloudprovider.aws" + line: "AWS_SECRET_ACCESS_KEY={{ openshift_cloudprovider_aws_secret_key }}" + when: "openshift_cloudprovider_kind is defined and openshift_cloudprovider_kind == 'aws' and openshift_cloudprovider_aws_access_key is defined and openshift_cloudprovider_aws_secret_key is defined" notify: - restart node diff --git a/roles/openshift_node/tasks/storage_plugins/nfs.yml b/roles/openshift_node/tasks/storage_plugins/nfs.yml index e384c1bd7..22b539d16 100644 --- a/roles/openshift_node/tasks/storage_plugins/nfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/nfs.yml @@ -17,16 +17,16 @@ persistent: yes when: ansible_selinux and ansible_selinux.status == "enabled" and virt_use_nfs_output.rc == 0 -- name: Check for existence of virt_sandbox_use_nfs seboolean +- name: Check for existence of virt_sandbox_use_nfs seboolean (RHEL) command: getsebool virt_sandbox_use_nfs register: virt_sandbox_use_nfs_output - when: ansible_selinux and ansible_selinux.status == "enabled" + when: ansible_distribution != "Fedora" and ansible_selinux and ansible_selinux.status == "enabled" failed_when: false changed_when: false -- name: Set seboolean to allow nfs storage plugin access from containers(sandbox) +- name: Set seboolean to allow nfs storage plugin access from containers(sandbox) (RHEL) seboolean: name: virt_sandbox_use_nfs state: yes persistent: yes - when: ansible_selinux and ansible_selinux.status == "enabled" and virt_sandbox_use_nfs_output.rc == 0 + when: ansible_distribution != "Fedora" and ansible_selinux and ansible_selinux.status == "enabled" and virt_sandbox_use_nfs_output.rc == 0 diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml index 39e5386d4..38dc98c07 100644 --- a/roles/openshift_node/tasks/systemd_units.yml +++ b/roles/openshift_node/tasks/systemd_units.yml @@ -47,3 +47,26 @@ line: "IMAGE_VERSION={{ openshift_image_tag }}" notify: - restart node + +- name: Configure Proxy Settings + lineinfile: + dest: /etc/sysconfig/{{ openshift.common.service_type }}-node + regexp: "{{ item.regex }}" + line: "{{ item.line }}" + create: true + with_items: + - regex: '^HTTP_PROXY=' + line: "HTTP_PROXY={{ openshift.common.http_proxy }}" + - regex: '^HTTPS_PROXY=' + line: "HTTPS_PROXY={{ openshift.common.https_proxy }}" + - regex: '^NO_PROXY=' + line: "NO_PROXY={{ openshift.common.no_proxy | join(',') }}" + when: "{{ openshift.common.http_proxy is defined and openshift.common.http_proxy != '' }}" + notify: + - restart node + +- name: Reload systemd units + command: systemctl daemon-reload + when: openshift.common.is_containerized | bool and (install_node_result | changed or install_ovs_sysconfig | changed or install_node_dep_result | changed) + notify: + - restart node |