diff options
Diffstat (limited to 'roles')
95 files changed, 993 insertions, 350 deletions
diff --git a/roles/cockpit/tasks/main.yml b/roles/cockpit/tasks/main.yml index 681029332..1975b92e6 100644 --- a/roles/cockpit/tasks/main.yml +++ b/roles/cockpit/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install cockpit-ws - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + package: name={{ item }} state=present with_items: - cockpit-ws - cockpit-shell diff --git a/roles/dns/tasks/main.yml b/roles/dns/tasks/main.yml index 57a7e6269..2abe0d9dd 100644 --- a/roles/dns/tasks/main.yml +++ b/roles/dns/tasks/main.yml @@ -1,5 +1,6 @@ +--- - name: Install Bind - action: "{{ ansible_pkg_mgr }} name=bind" + package: name=bind state=present when: not openshift.common.is_containerized | bool - name: Create docker build dir diff --git a/roles/docker/README.md b/roles/docker/README.md index 6b5ee4421..1f0d94da0 100644 --- a/roles/docker/README.md +++ b/roles/docker/README.md @@ -17,7 +17,7 @@ docker_udev_workaround: raises udevd timeout to 5 minutes (https://bugzilla.redh Dependencies ------------ -None +Depends on the os_firewall role. Example Playbook ---------------- diff --git a/roles/docker/meta/main.yml b/roles/docker/meta/main.yml index 6e2c98601..3d362158d 100644 --- a/roles/docker/meta/main.yml +++ b/roles/docker/meta/main.yml @@ -9,4 +9,6 @@ galaxy_info: - name: EL versions: - 7 -dependencies: [] +dependencies: + - role: os_firewall + os_firewall_use_firewalld: False diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 7147aa2d4..a2b18baa1 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -1,7 +1,4 @@ --- -- stat: path=/etc/sysconfig/docker-storage - register: docker_storage_check - - name: Get current installed Docker version command: "{{ repoquery_cmd }} --installed --qf '%{version}' docker" when: not openshift.common.is_atomic | bool @@ -43,18 +40,19 @@ # Make sure Docker is installed, but does not update a running version. # Docker upgrades are handled by a separate playbook. - name: Install Docker - action: "{{ ansible_pkg_mgr }} name=docker{{ '-' + docker_version if docker_version is defined else '' }} state=present" + package: name=docker{{ '-' + docker_version if docker_version is defined else '' }} state=present when: not openshift.common.is_atomic | bool -- name: Start the Docker service - service: - name: docker - enabled: yes - state: started - register: start_result +- name: Ensure docker.service.d directory exists + file: + path: "{{ docker_systemd_dir }}" + state: directory -- set_fact: - docker_service_status_changed: start_result | changed +# Extend the default Docker service unit file +- name: Configure Docker service unit file + template: + dest: "{{ docker_systemd_dir }}/custom.conf" + src: custom.conf.j2 - include: udev_workaround.yml when: docker_udev_workaround | default(False) | bool @@ -113,4 +111,15 @@ notify: - restart docker +- name: Start the Docker service + systemd: + name: docker + enabled: yes + state: started + daemon_reload: yes + register: start_result + +- set_fact: + docker_service_status_changed: start_result | changed + - meta: flush_handlers diff --git a/roles/docker/templates/custom.conf.j2 b/roles/docker/templates/custom.conf.j2 new file mode 100644 index 000000000..53ed56abc --- /dev/null +++ b/roles/docker/templates/custom.conf.j2 @@ -0,0 +1,5 @@ +# {{ ansible_managed }} + +[Unit] +Requires=iptables.service +After=iptables.service diff --git a/roles/docker/vars/main.yml b/roles/docker/vars/main.yml index f81f99e2b..5237ed8f2 100644 --- a/roles/docker/vars/main.yml +++ b/roles/docker/vars/main.yml @@ -1,2 +1,3 @@ --- udevw_udevd_dir: /etc/systemd/system/systemd-udevd.service.d +docker_systemd_dir: /etc/systemd/system/docker.service.d diff --git a/roles/etcd/etcdctl.sh b/roles/etcd/etcdctl.sh new file mode 100644 index 000000000..0e324a8a9 --- /dev/null +++ b/roles/etcd/etcdctl.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Sets up handy aliases for etcd, need etcdctl2 and etcdctl3 because +# command flags are different between the two. Should work on stand +# alone etcd hosts and master + etcd hosts too because we use the peer keys. +etcdctl2() { + /usr/bin/etcdctl --cert-file /etc/etcd/peer.crt --key-file /etc/etcd/peer.key --ca-file /etc/etcd/ca.crt -C https://`hostname`:2379 ${@} +} + +etcdctl3() { + ETCDCTL_API=3 /usr/bin/etcdctl --cert /etc/etcd/peer.crt --key /etc/etcd/peer.key --cacert /etc/etcd/ca.crt --endpoints https://`hostname`:2379 ${@} +} diff --git a/roles/etcd/files/etcdctl.sh b/roles/etcd/files/etcdctl.sh new file mode 100644 index 000000000..0e324a8a9 --- /dev/null +++ b/roles/etcd/files/etcdctl.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Sets up handy aliases for etcd, need etcdctl2 and etcdctl3 because +# command flags are different between the two. Should work on stand +# alone etcd hosts and master + etcd hosts too because we use the peer keys. +etcdctl2() { + /usr/bin/etcdctl --cert-file /etc/etcd/peer.crt --key-file /etc/etcd/peer.key --ca-file /etc/etcd/ca.crt -C https://`hostname`:2379 ${@} +} + +etcdctl3() { + ETCDCTL_API=3 /usr/bin/etcdctl --cert /etc/etcd/peer.crt --key /etc/etcd/peer.key --cacert /etc/etcd/ca.crt --endpoints https://`hostname`:2379 ${@} +} diff --git a/roles/etcd/tasks/etcdctl.yml b/roles/etcd/tasks/etcdctl.yml new file mode 100644 index 000000000..bb6fabf64 --- /dev/null +++ b/roles/etcd/tasks/etcdctl.yml @@ -0,0 +1,12 @@ +--- +- name: Install etcd for etcdctl + package: name=etcd state=present + when: not openshift.common.is_atomic | bool + +- name: Configure etcd profile.d alises + copy: + src: etcdctl.sh + dest: /etc/profile.d/etcdctl.sh + mode: 0755 + owner: root + group: root diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index 2bc6a8678..7b61e9b73 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -7,7 +7,7 @@ etcd_ip: "{{ etcd_ip }}" - name: Install etcd - action: "{{ ansible_pkg_mgr }} name=etcd state=present" + package: name=etcd state=present when: not etcd_is_containerized | bool - name: Pull etcd container @@ -74,5 +74,8 @@ enabled: yes register: start_result +- include: etcdctl.yml + when: openshift_etcd_etcdctl_profile | default(true) | bool + - set_fact: etcd_service_status_changed: "{{ start_result | changed }}" diff --git a/roles/etcd_ca/tasks/main.yml b/roles/etcd_ca/tasks/main.yml index 4e68bc962..c4d5efa14 100644 --- a/roles/etcd_ca/tasks/main.yml +++ b/roles/etcd_ca/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install openssl - action: "{{ ansible_pkg_mgr }} name=openssl state=present" + package: name=openssl state=present when: not etcd_is_atomic | bool delegate_to: "{{ etcd_ca_host }}" run_once: true diff --git a/roles/etcd_common/defaults/main.yml b/roles/etcd_common/defaults/main.yml index 1ff1d6ef8..93633e3e6 100644 --- a/roles/etcd_common/defaults/main.yml +++ b/roles/etcd_common/defaults/main.yml @@ -25,7 +25,7 @@ etcd_ca_new_certs_dir: "{{ etcd_ca_dir }}/certs" etcd_ca_db: "{{ etcd_ca_dir }}/index.txt" etcd_ca_serial: "{{ etcd_ca_dir }}/serial" etcd_ca_crl_number: "{{ etcd_ca_dir }}/crlnumber" -etcd_ca_default_days: 365 +etcd_ca_default_days: 1825 # etcd server & certificate vars etcd_hostname: "{{ inventory_hostname }}" diff --git a/roles/etcd_server_certificates/tasks/main.yml b/roles/etcd_server_certificates/tasks/main.yml index d66a0a7bf..b0fd117ed 100644 --- a/roles/etcd_server_certificates/tasks/main.yml +++ b/roles/etcd_server_certificates/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install etcd - action: "{{ ansible_pkg_mgr }} name=etcd state=present" + package: name=etcd state=present when: not etcd_is_containerized | bool - name: Check status of etcd certificates diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml index 6b6dfb423..a51455bae 100644 --- a/roles/flannel/tasks/main.yml +++ b/roles/flannel/tasks/main.yml @@ -1,24 +1,21 @@ --- - name: Install flannel become: yes - action: "{{ ansible_pkg_mgr }} name=flannel state=present" - when: not openshift.common.is_containerized | bool + package: name=flannel state=present + when: not openshift.common.is_atomic | bool -- name: Set flannel etcd url +- name: Set flannel etcd options become: yes lineinfile: dest: /etc/sysconfig/flanneld backrefs: yes - regexp: "^(FLANNEL_ETCD=)" - line: '\1{{ etcd_hosts|join(",") }}' - -- name: Set flannel etcd key - become: yes - lineinfile: - dest: /etc/sysconfig/flanneld - backrefs: yes - regexp: "^(FLANNEL_ETCD_KEY=)" - line: '\1{{ flannel_etcd_key }}' + regexp: "{{ item.regexp }}" + line: "{{ item.line }}" + with_items: + - { regexp: "^(FLANNEL_ETCD=)", line: '\1{{ etcd_hosts|join(",") }}' } + - { regexp: "^(FLANNEL_ETCD_ENDPOINTS=)", line: '\1{{ etcd_hosts|join(",") }}' } + - { regexp: "^(FLANNEL_ETCD_KEY=)", line: '\1{{ flannel_etcd_key }}' } + - { regexp: "^(FLANNEL_ETCD_PREFIX=)", line: '\1{{ flannel_etcd_key }}' } - name: Set flannel options become: yes diff --git a/roles/kube_nfs_volumes/tasks/main.yml b/roles/kube_nfs_volumes/tasks/main.yml index 5eff30f6f..67f709c8c 100644 --- a/roles/kube_nfs_volumes/tasks/main.yml +++ b/roles/kube_nfs_volumes/tasks/main.yml @@ -4,7 +4,10 @@ when: openshift.common.is_atomic | bool - name: Install pyparted (RedHat/Fedora) - action: "{{ ansible_pkg_mgr }} name=pyparted,python-httplib2 state=present" + package: name={{ item }} state=present + with_items: + - pyparted + - python-httplib2 when: not openshift.common.is_containerized | bool - name: partition the drives diff --git a/roles/kube_nfs_volumes/tasks/nfs.yml b/roles/kube_nfs_volumes/tasks/nfs.yml index 474ec69e5..ebd3d349a 100644 --- a/roles/kube_nfs_volumes/tasks/nfs.yml +++ b/roles/kube_nfs_volumes/tasks/nfs.yml @@ -1,6 +1,6 @@ --- - name: Install NFS server - action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present" + package: name=nfs-utils state=present when: not openshift.common.is_containerized | bool - name: Start rpcbind on Fedora/Red Hat diff --git a/roles/nickhammond.logrotate/tasks/main.yml b/roles/nickhammond.logrotate/tasks/main.yml index 1979c851f..657cb10ec 100644 --- a/roles/nickhammond.logrotate/tasks/main.yml +++ b/roles/nickhammond.logrotate/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: nickhammond.logrotate | Install logrotate - action: "{{ ansible_pkg_mgr }} name=logrotate state=present" + package: name=logrotate state=present when: not openshift.common.is_atomic | bool - name: nickhammond.logrotate | Setup logrotate.d scripts diff --git a/roles/nuage_ca/tasks/main.yaml b/roles/nuage_ca/tasks/main.yaml index 9cfa40b8a..8d73e6840 100644 --- a/roles/nuage_ca/tasks/main.yaml +++ b/roles/nuage_ca/tasks/main.yaml @@ -1,6 +1,6 @@ --- - name: Install openssl - action: "{{ ansible_pkg_mgr }} name=openssl state=present" + package: name=openssl state=present when: not openshift.common.is_atomic | bool - name: Create CA directory @@ -41,6 +41,6 @@ delegate_to: "{{ nuage_ca_master }}" - name: Copy SSL config file - copy: src=openssl.cnf dest="{{ nuage_ca_dir }}/openssl.cnf" + copy: src=openssl.cnf dest="{{ nuage_ca_dir }}/openssl.cnf" run_once: true delegate_to: "{{ nuage_ca_master }}" diff --git a/roles/nuage_node/handlers/main.yaml b/roles/nuage_node/handlers/main.yaml index 5f2b97ae2..fd06d9025 100644 --- a/roles/nuage_node/handlers/main.yaml +++ b/roles/nuage_node/handlers/main.yaml @@ -6,3 +6,7 @@ - name: restart node become: yes service: name={{ openshift.common.service_type }}-node state=restarted + +- name: save iptable rules + become: yes + command: iptables-save diff --git a/roles/nuage_node/meta/main.yml b/roles/nuage_node/meta/main.yml index 9f84eacf6..a6fbcba61 100644 --- a/roles/nuage_node/meta/main.yml +++ b/roles/nuage_node/meta/main.yml @@ -13,8 +13,11 @@ galaxy_info: - cloud - system dependencies: -- role: nuage_ca -- role: os_firewall - os_firewall_allow: - - service: vxlan - port: 4789/udp + - role: nuage_common + - role: nuage_ca + - role: os_firewall + os_firewall_allow: + - service: vxlan + port: 4789/udp + - service: nuage-monitor + port: "{{ nuage_mon_rest_server_port }}/tcp" diff --git a/roles/nuage_node/tasks/iptables.yml b/roles/nuage_node/tasks/iptables.yml new file mode 100644 index 000000000..52935f075 --- /dev/null +++ b/roles/nuage_node/tasks/iptables.yml @@ -0,0 +1,17 @@ +--- +- name: IPtables | Get iptables rules + command: iptables -L --wait + register: iptablesrules + always_run: yes + +- name: Allow traffic from overlay to underlay + command: /sbin/iptables --wait -I FORWARD 1 -s {{ hostvars[groups.oo_first_master.0].openshift.master.sdn_cluster_network_cidr }} -j ACCEPT -m comment --comment "nuage-overlay-underlay" + when: "'nuage-overlay-underlay' not in iptablesrules.stdout" + notify: + - save iptable rules + +- name: Allow traffic from underlay to overlay + command: /sbin/iptables --wait -I FORWARD 1 -d {{ hostvars[groups.oo_first_master.0].openshift.master.sdn_cluster_network_cidr }} -j ACCEPT -m comment --comment "nuage-underlay-overlay" + when: "'nuage-underlay-overlay' not in iptablesrules.stdout" + notify: + - save iptable rules diff --git a/roles/nuage_node/tasks/main.yaml b/roles/nuage_node/tasks/main.yaml index 1146573d3..2ec4be2c2 100644 --- a/roles/nuage_node/tasks/main.yaml +++ b/roles/nuage_node/tasks/main.yaml @@ -37,3 +37,5 @@ notify: - restart vrs - restart node + +- include: iptables.yml diff --git a/roles/openshift_ca/tasks/main.yml b/roles/openshift_ca/tasks/main.yml index b6d403067..e2a12e5ff 100644 --- a/roles/openshift_ca/tasks/main.yml +++ b/roles/openshift_ca/tasks/main.yml @@ -8,7 +8,9 @@ when: openshift_master_ca_certificate is defined and ('certfile' not in openshift_master_ca_certificate or 'keyfile' not in openshift_master_ca_certificate) - name: Install the base package for admin tooling - action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }} state=present" + package: + name: "{{ openshift.common.service_type }}{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" + state: present when: not openshift.common.is_containerized | bool register: install_result delegate_to: "{{ openshift_ca_host }}" diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml index 11c73b25c..07a00189c 100644 --- a/roles/openshift_cli/tasks/main.yml +++ b/roles/openshift_cli/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install clients - action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-clients state=present" + package: name={{ openshift.common.service_type }}-clients state=present when: not openshift.common.is_containerized | bool - name: Pull CLI Image @@ -20,5 +20,5 @@ openshift_facts: - name: Install bash completion for oc tools - action: "{{ ansible_pkg_mgr }} name=bash-completion state=present" + package: name=bash-completion state=present when: not openshift.common.is_containerized | bool diff --git a/roles/openshift_clock/tasks/main.yaml b/roles/openshift_clock/tasks/main.yaml index 5a8403f68..3911201ea 100644 --- a/roles/openshift_clock/tasks/main.yaml +++ b/roles/openshift_clock/tasks/main.yaml @@ -6,7 +6,7 @@ enabled: "{{ openshift_clock_enabled | default(None) }}" - name: Install ntp package - action: "{{ ansible_pkg_mgr }} name=ntp state=present" + package: name=ntp state=present when: openshift.clock.enabled | bool and not openshift.clock.chrony_installed | bool - name: Start and enable ntpd/chronyd diff --git a/roles/openshift_cloud_provider/tasks/aws.yml b/roles/openshift_cloud_provider/tasks/aws.yml index bf2abcbf5..127a5b392 100644 --- a/roles/openshift_cloud_provider/tasks/aws.yml +++ b/roles/openshift_cloud_provider/tasks/aws.yml @@ -1,4 +1,14 @@ -- name: Create cloud config +# Work around ini_file create option in 2.2 which defaults to no +- name: Create cloud config file + file: + dest: "{{ openshift.common.config_base }}/cloudprovider/aws.conf" + state: touch + mode: 0660 + owner: root + group: root + changed_when: false + +- name: Configure AWS cloud provider ini_file: dest: "{{ openshift.common.config_base }}/cloudprovider/aws.conf" section: Global diff --git a/roles/openshift_cloud_provider/tasks/gce.yml b/roles/openshift_cloud_provider/tasks/gce.yml new file mode 100644 index 000000000..14ad8ba94 --- /dev/null +++ b/roles/openshift_cloud_provider/tasks/gce.yml @@ -0,0 +1,16 @@ +# Work around ini_file create option in 2.2 which defaults to no +- name: Create cloud config file + file: + dest: "{{ openshift.common.config_base }}/cloudprovider/gce.conf" + state: touch + mode: 0660 + owner: root + group: root + changed_when: false + +- name: Configure GCE cloud provider + ini_file: + dest: "{{ openshift.common.config_base }}/cloudprovider/gce.conf" + section: Global + option: multizone + value: "true" diff --git a/roles/openshift_cloud_provider/tasks/main.yml b/roles/openshift_cloud_provider/tasks/main.yml index e217e37ea..ab3055c8b 100644 --- a/roles/openshift_cloud_provider/tasks/main.yml +++ b/roles/openshift_cloud_provider/tasks/main.yml @@ -16,3 +16,6 @@ - include: aws.yml when: cloudprovider_is_aws | bool + +- include: gce.yml + when: cloudprovider_is_gce | bool diff --git a/roles/openshift_cloud_provider/vars/main.yml b/roles/openshift_cloud_provider/vars/main.yml index 83bf6edc8..c9d953f58 100644 --- a/roles/openshift_cloud_provider/vars/main.yml +++ b/roles/openshift_cloud_provider/vars/main.yml @@ -2,3 +2,4 @@ has_cloudprovider: "{{ openshift_cloudprovider_kind | default(None) != None }}" cloudprovider_is_aws: "{{ has_cloudprovider | bool and openshift_cloudprovider_kind == 'aws' }}" cloudprovider_is_openstack: "{{ has_cloudprovider | bool and openshift_cloudprovider_kind == 'openstack' }}" +cloudprovider_is_gce: "{{ has_cloudprovider | bool and openshift_cloudprovider_kind == 'gce' }}" diff --git a/roles/openshift_common/tasks/main.yml b/roles/openshift_common/tasks/main.yml index 3f8ea5dce..c9a44b3f5 100644 --- a/roles/openshift_common/tasks/main.yml +++ b/roles/openshift_common/tasks/main.yml @@ -29,7 +29,9 @@ use_dnsmasq: "{{ openshift_use_dnsmasq | default(None) }}" - name: Install the base package for versioning - action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }} state=present" + package: + name: "{{ openshift.common.service_type }}{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" + state: present when: not openshift.common.is_containerized | bool - name: Set version facts diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index b176ce440..d8c45dbc6 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -9,7 +9,6 @@ XPAAS_VERSION=ose-v1.3.3 ORIGIN_VERSION=${1:-v1.4} EXAMPLES_BASE=$(pwd)/files/examples/${ORIGIN_VERSION} find ${EXAMPLES_BASE} -name '*.json' -delete -find ${EXAMPLES_BASE} -name '*.yaml' -delete -exclude registry-console.json TEMP=`mktemp -d` pushd $TEMP @@ -23,7 +22,7 @@ cp origin-master/examples/jenkins/jenkins-*template.json ${EXAMPLES_BASE}/quicks cp origin-master/examples/image-streams/* ${EXAMPLES_BASE}/image-streams/ mv application-templates-${XPAAS_VERSION}/jboss-image-streams.json ${EXAMPLES_BASE}/xpaas-streams/ find application-templates-${XPAAS_VERSION}/ -name '*.json' ! -wholename '*secret*' ! -wholename '*demo*' -exec mv {} ${EXAMPLES_BASE}/xpaas-templates/ \; -wget https://raw.githubusercontent.com/jboss-fuse/application-templates/master/fis-image-streams.json -O ${EXAMPLES_BASE}/xpaas-streams/fis-image-streams.json +wget https://raw.githubusercontent.com/jboss-fuse/application-templates/GA/fis-image-streams.json -O ${EXAMPLES_BASE}/xpaas-streams/fis-image-streams.json wget https://raw.githubusercontent.com/redhat-developer/s2i-dotnetcore/master/dotnet_imagestreams.json -O ${EXAMPLES_BASE}/image-streams/dotnet_imagestreams.json wget https://raw.githubusercontent.com/openshift/origin-metrics/master/metrics.yaml -O ${EXAMPLES_BASE}/infrastructure-templates/origin/metrics-deployer.yaml wget https://raw.githubusercontent.com/openshift/origin-metrics/enterprise/metrics.yaml -O ${EXAMPLES_BASE}/infrastructure-templates/enterprise/metrics-deployer.yaml diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json index 64b004ff4..8e43bfbc3 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json @@ -4,11 +4,16 @@ "metadata": { "name": "mariadb-ephemeral", "annotations": { - "description": "MariaDB database service, without persistent storage. WARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", + "openshift.io/display-name": "MariaDB (Ephemeral)", + "description": "MariaDB database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", "iconClass": "icon-mariadb", "tags": "database,mariadb" } }, + "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MYSQL_USER}\n Password: ${MYSQL_PASSWORD}\n Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.", + "labels": { + "template": "mariadb-persistent-template" + }, "objects": [ { "kind": "Service", @@ -177,8 +182,5 @@ "value": "sampledb", "required": true } - ], - "labels": { - "template": "mariadb-persistent-template" - } + ] } diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json index 0d5b39e81..bc85277a9 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json @@ -4,11 +4,16 @@ "metadata": { "name": "mariadb-persistent", "annotations": { - "description": "MariaDB database service, with persistent storage. Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.", + "openshift.io/display-name": "MariaDB (Persistent)", + "description": "MariaDB database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.", "iconClass": "icon-mariadb", "tags": "database,mariadb" } }, + "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MYSQL_USER}\n Password: ${MYSQL_PASSWORD}\n Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/blob/master/10.1/README.md.", + "labels": { + "template": "mariadb-persistent-template" + }, "objects": [ { "kind": "Service", @@ -201,8 +206,5 @@ "value": "1Gi", "required": true } - ], - "labels": { - "template": "mariadb-persistent-template" - } + ] } diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json index 5ed92b3ad..605601ef2 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json @@ -5,11 +5,16 @@ "name": "mongodb-ephemeral", "creationTimestamp": null, "annotations": { - "description": "MongoDB database service, without persistent storage. WARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", + "openshift.io/display-name": "MongoDB (Ephemeral)", + "description": "MongoDB database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", "iconClass": "icon-mongodb", "tags": "database,mongodb" } }, + "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MONGODB_USER}\n Password: ${MONGODB_PASSWORD}\n Database Name: ${MONGODB_DATABASE}\n Connection URL: mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${DATABASE_SERVICE_NAME}/${MONGODB_DATABASE}\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.", + "labels": { + "template": "mongodb-ephemeral-template" + }, "objects": [ { "kind": "Service", @@ -217,9 +222,5 @@ "value": "3.2", "required": true } - ], - "labels": { - "template": "mongodb-ephemeral-template" - }, - "message": "You can connect to the database using MongoDB connection URL mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${DATABASE_SERVICE_NAME}/${MONGODB_DATABASE}" + ] } diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json index 00d550d7d..d2a0d01f0 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json @@ -5,11 +5,16 @@ "name": "mongodb-persistent", "creationTimestamp": null, "annotations": { - "description": "MongoDB database service, with persistent storage. Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.", + "openshift.io/display-name": "MongoDB (Persistent)", + "description": "MongoDB database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.", "iconClass": "icon-mongodb", "tags": "database,mongodb" } }, + "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MONGODB_USER}\n Password: ${MONGODB_PASSWORD}\n Database Name: ${MONGODB_DATABASE}\n Connection URL: mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${DATABASE_SERVICE_NAME}/${MONGODB_DATABASE}\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/blob/master/3.2/README.md.", + "labels": { + "template": "mongodb-persistent-template" + }, "objects": [ { "kind": "Service", @@ -241,9 +246,5 @@ "value": "3.2", "required": true } - ], - "labels": { - "template": "mongodb-persistent-template" - }, - "message": "You can connect to the database using MongoDB connection URL mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${DATABASE_SERVICE_NAME}/${MONGODB_DATABASE}" + ] } diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json index a7c731243..0cea42f8b 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json @@ -4,11 +4,16 @@ "metadata": { "name": "mysql-ephemeral", "annotations": { - "description": "MySQL database service, without persistent storage. WARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", + "openshift.io/display-name": "MySQL (Ephemeral)", + "description": "MySQL database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.6/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", "iconClass": "icon-mysql-database", "tags": "database,mysql" } }, + "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MYSQL_USER}\n Password: ${MYSQL_PASSWORD}\n Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.6/README.md.", + "labels": { + "template": "mysql-ephemeral-template" + }, "objects": [ { "kind": "Service", @@ -205,8 +210,5 @@ "value": "5.6", "required": true } - ], - "labels": { - "template": "mysql-ephemeral-template" - } + ] } diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json index 05add25e2..fc7cd7d09 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json @@ -4,11 +4,16 @@ "metadata": { "name": "mysql-persistent", "annotations": { - "description": "MySQL database service, with persistent storage. Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.", + "openshift.io/display-name": "MySQL (Persistent)", + "description": "MySQL database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.6/README.md.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.", "iconClass": "icon-mysql-database", "tags": "database,mysql" } }, + "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${MYSQL_USER}\n Password: ${MYSQL_PASSWORD}\n Database Name: ${MYSQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:3306/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/mysql-container/blob/master/5.6/README.md.", + "labels": { + "template": "mysql-persistent-template" + }, "objects": [ { "kind": "Service", @@ -208,8 +213,5 @@ "value": "5.6", "required": true } - ], - "labels": { - "template": "mysql-persistent-template" - } + ] } diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json index 1562204e5..505224b62 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json @@ -5,11 +5,16 @@ "name": "postgresql-ephemeral", "creationTimestamp": null, "annotations": { - "description": "PostgreSQL database service, without persistent storage. WARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", + "openshift.io/display-name": "PostgreSQL (Ephemeral)", + "description": "PostgreSQL database service, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", "iconClass": "icon-postgresql", "tags": "database,postgresql" } }, + "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${POSTGRESQL_USER}\n Password: ${POSTGRESQL_PASSWORD}\n Database Name: ${POSTGRESQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:5432/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.", + "labels": { + "template": "postgresql-ephemeral-template" + }, "objects": [ { "kind": "Service", @@ -205,8 +210,5 @@ "value": "9.5", "required": true } - ], - "labels": { - "template": "postgresql-ephemeral-template" - } + ] } diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json index fd2b6a0fb..7ff49782b 100644 --- a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json @@ -5,11 +5,16 @@ "name": "postgresql-persistent", "creationTimestamp": null, "annotations": { - "description": "PostgreSQL database service, with persistent storage. Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.", + "openshift.io/display-name": "PostgreSQL (Persistent)", + "description": "PostgreSQL database service, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.\n\nNOTE: Scaling to more than one replica is not supported. You must have persistent volumes available in your cluster to use this template.", "iconClass": "icon-postgresql", "tags": "database,postgresql" } }, + "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Username: ${POSTGRESQL_USER}\n Password: ${POSTGRESQL_PASSWORD}\n Database Name: ${POSTGRESQL_DATABASE}\n Connection URL: mysql://${DATABASE_SERVICE_NAME}:5432/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/blob/master/9.5.", + "labels": { + "template": "postgresql-persistent-template" + }, "objects": [ { "kind": "Service", @@ -229,8 +234,5 @@ "value": "9.5", "required": true } - ], - "labels": { - "template": "postgresql-persistent-template" - } + ] } diff --git a/roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json b/roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json index 6cbf81591..a65d35c2e 100644 --- a/roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json +++ b/roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json @@ -12,16 +12,20 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "dotnet" + "name": "dotnet", + "annotations": { + "openshift.io/display-name": ".NET Core" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": ".Net Core 1.0 S2I image.", + "openshift.io/display-name": ".NET Core (Latest)", + "description": "Build and run .NET Core applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/1.0/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of .NET Core available on OpenShift, including major versions updates.", "iconClass": "icon-dotnet", - "tags": "builder,.net,dotnet,dotnetcore,rh-dotnetcore10", + "tags": "builder,.net,dotnet,dotnetcore", "supports":"dotnet", "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore.git", "sampleContextDir": "1.0/test/asp-net-hello-world" @@ -34,7 +38,8 @@ { "name": "1.0", "annotations": { - "description": ".Net Core 1.0 S2I image.", + "openshift.io/display-name": ".NET Core 1.0", + "description": "Build and run .NET Core 1.0 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore/tree/master/1.0/README.md.", "iconClass": "icon-dotnet", "tags": "builder,.net,dotnet,dotnetcore,rh-dotnetcore10", "supports":"dotnet:1.0,dotnet", diff --git a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json index 386f16d26..a645de7e2 100644 --- a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json @@ -7,14 +7,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "ruby" + "name": "ruby", + "annotations": { + "openshift.io/display-name": "Ruby" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Build and run Ruby applications", + "openshift.io/display-name": "Ruby (Latest)", + "description": "Build and run Ruby applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.3/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Ruby available on OpenShift, including major versions updates.", "iconClass": "icon-ruby", "tags": "builder,ruby", "supports": "ruby", @@ -28,7 +32,8 @@ { "name": "2.0", "annotations": { - "description": "Build and run Ruby 2.0 applications", + "openshift.io/display-name": "Ruby 2.0", + "description": "Build and run Ruby 2.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.0/README.md.", "iconClass": "icon-ruby", "tags": "builder,ruby", "supports": "ruby:2.0,ruby", @@ -43,7 +48,8 @@ { "name": "2.2", "annotations": { - "description": "Build and run Ruby 2.2 applications", + "openshift.io/display-name": "Ruby 2.2", + "description": "Build and run Ruby 2.2 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.2/README.md.", "iconClass": "icon-ruby", "tags": "builder,ruby", "supports": "ruby:2.2,ruby", @@ -58,7 +64,8 @@ { "name": "2.3", "annotations": { - "description": "Build and run Ruby 2.3 applications", + "openshift.io/display-name": "Ruby 2.3", + "description": "Build and run Ruby 2.3 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/blob/master/2.3/README.md.", "iconClass": "icon-ruby", "tags": "builder,ruby", "supports": "ruby:2.3,ruby", @@ -77,14 +84,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "nodejs" + "name": "nodejs", + "annotations": { + "openshift.io/display-name": "Node.js" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Build and run NodeJS applications", + "openshift.io/display-name": "Node.js (Latest)", + "description": "Build and run Node.js applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Node.js available on OpenShift, including major versions updates.", "iconClass": "icon-nodejs", "tags": "builder,nodejs", "supports":"nodejs", @@ -98,7 +109,8 @@ { "name": "0.10", "annotations": { - "description": "Build and run NodeJS 0.10 applications", + "openshift.io/display-name": "Node.js 0.10", + "description": "Build and run Node.js 0.10 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/0.10/README.md.", "iconClass": "icon-nodejs", "tags": "builder,nodejs", "supports":"nodejs:0.10,nodejs:0.1,nodejs", @@ -113,7 +125,8 @@ { "name": "4", "annotations": { - "description": "Build and run NodeJS 4 applications", + "openshift.io/display-name": "Node.js 4", + "description": "Build and run Node.js 4 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/4/README.md.", "iconClass": "icon-nodejs", "tags": "builder,nodejs", "supports":"nodejs:4,nodejs", @@ -132,14 +145,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "perl" + "name": "perl", + "annotations": { + "openshift.io/display-name": "Perl" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Build and run Perl applications", + "openshift.io/display-name": "Perl (Latest)", + "description": "Build and run Perl applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.20/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Perl available on OpenShift, including major versions updates.", "iconClass": "icon-perl", "tags": "builder,perl", "supports":"perl", @@ -153,7 +170,8 @@ { "name": "5.16", "annotations": { - "description": "Build and run Perl 5.16 applications", + "openshift.io/display-name": "Perl 5.16", + "description": "Build and run Perl 5.16 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.16/README.md.", "iconClass": "icon-perl", "tags": "builder,perl", "supports":"perl:5.16,perl", @@ -168,7 +186,8 @@ { "name": "5.20", "annotations": { - "description": "Build and run Perl 5.20 applications", + "openshift.io/display-name": "Perl 5.20", + "description": "Build and run Perl 5.20 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.20/README.md.", "iconClass": "icon-perl", "tags": "builder,perl", "supports":"perl:5.20,perl", @@ -188,14 +207,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "php" + "name": "php", + "annotations": { + "openshift.io/display-name": "PHP" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Build and run PHP applications", + "openshift.io/display-name": "PHP (Latest)", + "description": "Build and run PHP applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of PHP available on OpenShift, including major versions updates.", "iconClass": "icon-php", "tags": "builder,php", "supports":"php", @@ -209,7 +232,8 @@ { "name": "5.5", "annotations": { - "description": "Build and run PHP 5.5 applications", + "openshift.io/display-name": "PHP 5.5", + "description": "Build and run PHP 5.5 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.5/README.md.", "iconClass": "icon-php", "tags": "builder,php", "supports":"php:5.5,php", @@ -224,7 +248,8 @@ { "name": "5.6", "annotations": { - "description": "Build and run PHP 5.6 applications", + "openshift.io/display-name": "PHP 5.6", + "description": "Build and run PHP 5.6 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.6/README.md.", "iconClass": "icon-php", "tags": "builder,php", "supports":"php:5.6,php", @@ -243,14 +268,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "python" + "name": "python", + "annotations": { + "openshift.io/display-name": "Python" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Build and run Python applications", + "openshift.io/display-name": "Python (Latest)", + "description": "Build and run Python applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.5/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Python available on OpenShift, including major versions updates.", "iconClass": "icon-python", "tags": "builder,python", "supports":"python", @@ -264,7 +293,8 @@ { "name": "3.3", "annotations": { - "description": "Build and run Python 3.3 applications", + "openshift.io/display-name": "Python 3.3", + "description": "Build and run Python 3.3 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.3/README.md.", "iconClass": "icon-python", "tags": "builder,python", "supports":"python:3.3,python", @@ -279,7 +309,8 @@ { "name": "2.7", "annotations": { - "description": "Build and run Python 2.7 applications", + "openshift.io/display-name": "Python 2.7", + "description": "Build and run Python 2.7 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/2.7/README.md.", "iconClass": "icon-python", "tags": "builder,python", "supports":"python:2.7,python", @@ -294,7 +325,8 @@ { "name": "3.4", "annotations": { - "description": "Build and run Python 3.4 applications", + "openshift.io/display-name": "Python 3.4", + "description": "Build and run Python 3.4 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.4/README.md.", "iconClass": "icon-python", "tags": "builder,python", "supports":"python:3.4,python", @@ -309,7 +341,8 @@ { "name": "3.5", "annotations": { - "description": "Build and run Python 3.5 applications", + "openshift.io/display-name": "Python 3.5", + "description": "Build and run Python 3.5 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.5/README.md.", "iconClass": "icon-python", "tags": "builder,python", "supports":"python:3.5,python", @@ -328,14 +361,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "wildfly" + "name": "wildfly", + "annotations": { + "openshift.io/display-name": "WildFly" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Build and run Java applications on Wildfly", + "openshift.io/display-name": "WildFly (Latest)", + "description": "Build and run WildFly applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of WildFly available on OpenShift, including major versions updates.", "iconClass": "icon-wildfly", "tags": "builder,wildfly,java", "supports":"jee,java", @@ -349,7 +386,8 @@ { "name": "8.1", "annotations": { - "description": "Build and run Java applications on Wildfly 8.1", + "openshift.io/display-name": "WildFly 8.1", + "description": "Build and run WildFly 8.1 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.", "iconClass": "icon-wildfly", "tags": "builder,wildfly,java", "supports":"wildfly:8.1,jee,java", @@ -364,7 +402,8 @@ { "name": "9.0", "annotations": { - "description": "Build and run Java applications on Wildfly 9.0", + "openshift.io/display-name": "WildFly 9.0", + "description": "Build and run WildFly 9.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.", "iconClass": "icon-wildfly", "tags": "builder,wildfly,java", "supports":"wildfly:9.0,jee,java", @@ -379,7 +418,8 @@ { "name": "10.0", "annotations": { - "description": "Build and run Java applications on Wildfly 10.0", + "openshift.io/display-name": "WildFly 10.0", + "description": "Build and run WildFly 10.0 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.", "iconClass": "icon-wildfly", "tags": "builder,wildfly,java", "supports":"wildfly:10.0,jee,java", @@ -394,7 +434,8 @@ { "name": "10.1", "annotations": { - "description": "Build and run Java applications on Wildfly 10.1", + "openshift.io/display-name": "WildFly 10.1", + "description": "Build and run WildFly 10.1 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/openshift-s2i/s2i-wildfly/blob/master/README.md.", "iconClass": "icon-wildfly", "tags": "builder,wildfly,java", "supports":"wildfly:10.1,jee,java", @@ -413,14 +454,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "mysql" + "name": "mysql", + "annotations": { + "openshift.io/display-name": "MySQL" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Provides a MySQL database", + "openshift.io/display-name": "MySQL (Latest)", + "description": "Provides a MySQL database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MySQL available on OpenShift, including major versions updates.", "iconClass": "icon-mysql-database", "tags": "mysql" }, @@ -432,7 +477,8 @@ { "name": "5.5", "annotations": { - "description": "Provides a MySQL v5.5 database", + "openshift.io/display-name": "MySQL 5.5", + "description": "Provides a MySQL 5.5 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.5/README.md.", "iconClass": "icon-mysql-database", "tags": "mysql", "version": "5.5" @@ -445,7 +491,8 @@ { "name": "5.6", "annotations": { - "description": "Provides a MySQL v5.6 database", + "openshift.io/display-name": "MySQL 5.6", + "description": "Provides a MySQL 5.6 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.", "iconClass": "icon-mysql-database", "tags": "mysql", "version": "5.6" @@ -462,14 +509,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "mariadb" + "name": "mariadb", + "annotations": { + "openshift.io/display-name": "MariaDB" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Provides a MariaDB database", + "openshift.io/display-name": "MariaDB (Latest)", + "description": "Provides a MariaDB database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.1/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MariaDB available on OpenShift, including major versions updates.", "iconClass": "icon-mariadb", "tags": "mariadb" }, @@ -481,7 +532,8 @@ { "name": "10.1", "annotations": { - "description": "Provides a MariaDB v10.1 database", + "openshift.io/display-name": "MariaDB 10.1", + "description": "Provides a MariaDB 10.1 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.1/README.md.", "iconClass": "icon-mariadb", "tags": "mariadb", "version": "10.1" @@ -498,14 +550,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "postgresql" + "name": "postgresql", + "annotations": { + "openshift.io/display-name": "PostgreSQL" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Provides a PostgreSQL database", + "openshift.io/display-name": "PostgreSQL (Latest)", + "description": "Provides a PostgreSQL database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.5.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of PostgreSQL available on OpenShift, including major versions updates.", "iconClass": "icon-postgresql", "tags": "postgresql" }, @@ -517,7 +573,8 @@ { "name": "9.2", "annotations": { - "description": "Provides a PostgreSQL v9.2 database", + "openshift.io/display-name": "PostgreSQL 9.2", + "description": "Provides a PostgreSQL 9.2 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.2.", "iconClass": "icon-postgresql", "tags": "postgresql", "version": "9.2" @@ -530,7 +587,8 @@ { "name": "9.4", "annotations": { - "description": "Provides a PostgreSQL v9.4 database", + "openshift.io/display-name": "PostgreSQL 9.4", + "description": "Provides a PostgreSQL 9.4 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.4.", "iconClass": "icon-postgresql", "tags": "postgresql", "version": "9.4" @@ -543,7 +601,8 @@ { "name": "9.5", "annotations": { - "description": "Provides a PostgreSQL v9.5 database", + "openshift.io/display-name": "PostgreSQL 9.5", + "description": "Provides a PostgreSQL 9.5 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.5.", "iconClass": "icon-postgresql", "tags": "postgresql", "version": "9.5" @@ -560,14 +619,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "mongodb" + "name": "mongodb", + "annotations": { + "openshift.io/display-name": "MongoDB" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Provides a MongoDB database", + "openshift.io/display-name": "MongoDB (Latest)", + "description": "Provides a MongoDB database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/3.2/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MongoDB available on OpenShift, including major versions updates.", "iconClass": "icon-mongodb", "tags": "mongodb" }, @@ -579,7 +642,8 @@ { "name": "2.4", "annotations": { - "description": "Provides a MongoDB v2.4 database", + "openshift.io/display-name": "MongoDB 2.4", + "description": "Provides a MongoDB 2.4 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/2.4/README.md.", "iconClass": "icon-mongodb", "tags": "mongodb", "version": "2.4" @@ -592,7 +656,8 @@ { "name": "2.6", "annotations": { - "description": "Provides a MongoDB v2.6 database", + "openshift.io/display-name": "MongoDB 2.6", + "description": "Provides a MongoDB 2.6 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/2.6/README.md.", "iconClass": "icon-mongodb", "tags": "mongodb", "version": "2.6" @@ -605,7 +670,8 @@ { "name": "3.2", "annotations": { - "description": "Provides a MongoDB v3.2 database", + "openshift.io/display-name": "MongoDB 3.2", + "description": "Provides a MongoDB 3.2 database on CentOS 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/3.2/README.md.", "iconClass": "icon-mongodb", "tags": "mongodb", "version": "3.2" @@ -622,26 +688,31 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "jenkins" + "name": "jenkins", + "annotations": { + "openshift.io/display-name": "Jenkins" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Provides a Jenkins server", + "openshift.io/display-name": "Jenkins (Latest)", + "description": "Provides a Jenkins server on CentOS 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Jenkins available on OpenShift, including major versions updates.", "iconClass": "icon-jenkins", "tags": "jenkins" }, "from": { "kind": "ImageStreamTag", - "name": "1" + "name": "2" } }, { "name": "1", "annotations": { - "description": "Provides a Jenkins server", + "openshift.io/display-name": "Jenkins 1.X", + "description": "Provides a Jenkins 1.X server on CentOS 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.", "iconClass": "icon-jenkins", "tags": "jenkins", "version": "1.x" @@ -650,6 +721,20 @@ "kind": "DockerImage", "name": "openshift/jenkins-1-centos7:latest" } + }, + { + "name": "2", + "annotations": { + "openshift.io/display-name": "Jenkins 2.X", + "description": "Provides a Jenkins v2.x server on CentOS 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.", + "iconClass": "icon-jenkins", + "tags": "jenkins", + "version": "2.x" + }, + "from": { + "kind": "DockerImage", + "name": "openshift/jenkins-2-centos7:latest" + } } ] } diff --git a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json index 56c63263b..9b9cd236f 100644 --- a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json @@ -7,14 +7,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "ruby" + "name": "ruby", + "annotations": { + "openshift.io/display-name": "Ruby" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Build and run Ruby applications", + "openshift.io/display-name": "Ruby (Latest)", + "description": "Build and run Ruby applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.3/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Ruby available on OpenShift, including major versions updates.", "iconClass": "icon-ruby", "tags": "builder,ruby", "supports": "ruby", @@ -28,7 +32,8 @@ { "name": "2.0", "annotations": { - "description": "Build and run Ruby 2.0 applications", + "openshift.io/display-name": "Ruby 2.0", + "description": "Build and run Ruby 2.0 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.0/README.md.", "iconClass": "icon-ruby", "tags": "builder,ruby", "supports": "ruby:2.0,ruby", @@ -43,7 +48,8 @@ { "name": "2.2", "annotations": { - "description": "Build and run Ruby 2.2 applications", + "openshift.io/display-name": "Ruby 2.2", + "description": "Build and run Ruby 2.2 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/tree/master/2.2/README.md.", "iconClass": "icon-ruby", "tags": "builder,ruby", "supports": "ruby:2.2,ruby", @@ -58,7 +64,8 @@ { "name": "2.3", "annotations": { - "description": "Build and run Ruby 2.3 applications", + "openshift.io/display-name": "Ruby 2.3", + "description": "Build and run Ruby 2.3 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-ruby-container/blob/master/2.3/README.md.", "iconClass": "icon-ruby", "tags": "builder,ruby", "supports": "ruby:2.3,ruby", @@ -77,14 +84,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "nodejs" + "name": "nodejs", + "annotations": { + "openshift.io/display-name": "Node.js" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Build and run NodeJS applications", + "openshift.io/display-name": "Node.js (Latest)", + "description": "Build and run Node.js applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Node.js available on OpenShift, including major versions updates.", "iconClass": "icon-nodejs", "tags": "builder,nodejs", "supports":"nodejs", @@ -98,7 +109,8 @@ { "name": "0.10", "annotations": { - "description": "Build and run NodeJS 0.10 applications", + "openshift.io/display-name": "Node.js 0.10", + "description": "Build and run Node.js 0.10 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/0.10/README.md.", "iconClass": "icon-nodejs", "tags": "builder,nodejs", "supports":"nodejs:0.10,nodejs:0.1,nodejs", @@ -113,7 +125,8 @@ { "name": "4", "annotations": { - "description": "Build and run NodeJS 4.x applications", + "openshift.io/display-name": "Node.js 4", + "description": "Build and run Node.js 4 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/4/README.md.", "iconClass": "icon-nodejs", "tags": "builder,nodejs", "supports":"nodejs:4,nodejs", @@ -132,14 +145,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "perl" + "name": "perl", + "annotations": { + "openshift.io/display-name": "Perl" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Build and run Perl applications", + "openshift.io/display-name": "Perl (Latest)", + "description": "Build and run Perl applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.20/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Perl available on OpenShift, including major versions updates.", "iconClass": "icon-perl", "tags": "builder,perl", "supports":"perl", @@ -153,7 +170,8 @@ { "name": "5.16", "annotations": { - "description": "Build and run Perl 5.16 applications", + "openshift.io/display-name": "Perl 5.16", + "description": "Build and run Perl 5.16 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.16/README.md.", "iconClass": "icon-perl", "tags": "builder,perl", "supports":"perl:5.16,perl", @@ -168,7 +186,8 @@ { "name": "5.20", "annotations": { - "description": "Build and run Perl 5.20 applications", + "openshift.io/display-name": "Perl 5.20", + "description": "Build and run Perl 5.20 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-perl-container/blob/master/5.20/README.md.", "iconClass": "icon-perl", "tags": "builder,perl", "supports":"perl:5.20,perl", @@ -188,14 +207,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "php" + "name": "php", + "annotations": { + "openshift.io/display-name": "PHP" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Build and run PHP applications", + "openshift.io/display-name": "PHP (Latest)", + "description": "Build and run PHP applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of PHP available on OpenShift, including major versions updates.", "iconClass": "icon-php", "tags": "builder,php", "supports":"php", @@ -209,7 +232,8 @@ { "name": "5.5", "annotations": { - "description": "Build and run PHP 5.5 applications", + "openshift.io/display-name": "PHP 5.5", + "description": "Build and run PHP 5.5 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.5/README.md.", "iconClass": "icon-php", "tags": "builder,php", "supports":"php:5.5,php", @@ -224,7 +248,8 @@ { "name": "5.6", "annotations": { - "description": "Build and run PHP 5.6 applications", + "openshift.io/display-name": "PHP 5.6", + "description": "Build and run PHP 5.6 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-php-container/blob/master/5.6/README.md.", "iconClass": "icon-php", "tags": "builder,php", "supports":"php:5.6,php", @@ -243,14 +268,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "python" + "name": "python", + "annotations": { + "openshift.io/display-name": "Python" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Build and run Python applications", + "openshift.io/display-name": "Python (Latest)", + "description": "Build and run Python applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.5/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Python available on OpenShift, including major versions updates.", "iconClass": "icon-python", "tags": "builder,python", "supports":"python", @@ -264,7 +293,8 @@ { "name": "3.3", "annotations": { - "description": "Build and run Python 3.3 applications", + "openshift.io/display-name": "Python 3.3", + "description": "Build and run Python 3.3 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.3/README.md.", "iconClass": "icon-python", "tags": "builder,python", "supports":"python:3.3,python", @@ -279,7 +309,8 @@ { "name": "2.7", "annotations": { - "description": "Build and run Python 2.7 applications", + "openshift.io/display-name": "Python 2.7", + "description": "Build and run Python 2.7 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/2.7/README.md.", "iconClass": "icon-python", "tags": "builder,python", "supports":"python:2.7,python", @@ -294,7 +325,8 @@ { "name": "3.4", "annotations": { - "description": "Build and run Python 3.4 applications", + "openshift.io/display-name": "Python 3.4", + "description": "Build and run Python 3.4 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.4/README.md.", "iconClass": "icon-python", "tags": "builder,python", "supports":"python:3.4,python", @@ -309,7 +341,8 @@ { "name": "3.5", "annotations": { - "description": "Build and run Python 3.5 applications", + "openshift.io/display-name": "Python 3.5", + "description": "Build and run Python 3.5 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-python-container/blob/master/3.5/README.md.", "iconClass": "icon-python", "tags": "builder,python", "supports":"python:3.5,python", @@ -328,14 +361,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "mysql" + "name": "mysql", + "annotations": { + "openshift.io/display-name": "MySQL" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Provides a MySQL database", + "openshift.io/display-name": "MySQL (Latest)", + "description": "Provides a MySQL database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MySQL available on OpenShift, including major versions updates.", "iconClass": "icon-mysql-database", "tags": "mysql" }, @@ -347,7 +384,8 @@ { "name": "5.5", "annotations": { - "description": "Provides a MySQL v5.5 database", + "openshift.io/display-name": "MySQL 5.5", + "description": "Provides a MySQL 5.5 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.5/README.md.", "iconClass": "icon-mysql-database", "tags": "mysql", "version": "5.5" @@ -360,7 +398,8 @@ { "name": "5.6", "annotations": { - "description": "Provides a MySQL v5.6 database", + "openshift.io/display-name": "MySQL 5.6", + "description": "Provides a MySQL 5.6 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.", "iconClass": "icon-mysql-database", "tags": "mysql", "version": "5.6" @@ -377,14 +416,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "mariadb" + "name": "mariadb", + "annotations": { + "openshift.io/display-name": "MariaDB" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Provides a MariaDB database", + "openshift.io/display-name": "MariaDB (Latest)", + "description": "Provides a MariaDB database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.1/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MariaDB available on OpenShift, including major versions updates.", "iconClass": "icon-mariadb", "tags": "mariadb" }, @@ -396,7 +439,8 @@ { "name": "10.1", "annotations": { - "description": "Provides a MariaDB v10.1 database", + "openshift.io/display-name": "MariaDB 10.1", + "description": "Provides a MariaDB 10.1 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.1/README.md.", "iconClass": "icon-mariadb", "tags": "mariadb", "version": "10.1" @@ -413,14 +457,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "postgresql" + "name": "postgresql", + "annotations": { + "openshift.io/display-name": "PostgreSQL" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Provides a PostgreSQL database", + "openshift.io/display-name": "PostgreSQL (Latest)", + "description": "Provides a PostgreSQL database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.5.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of PostgreSQL available on OpenShift, including major versions updates.", "iconClass": "icon-postgresql", "tags": "postgresql" }, @@ -432,7 +480,8 @@ { "name": "9.2", "annotations": { - "description": "Provides a PostgreSQL v9.2 database", + "openshift.io/display-name": "PostgreSQL 9.2", + "description": "Provides a PostgreSQL 9.2 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.2.", "iconClass": "icon-postgresql", "tags": "postgresql", "version": "9.2" @@ -445,7 +494,8 @@ { "name": "9.4", "annotations": { - "description": "Provides a PostgreSQL v9.4 database", + "openshift.io/display-name": "PostgreSQL 9.4", + "description": "Provides a PostgreSQL 9.4 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.4.", "iconClass": "icon-postgresql", "tags": "postgresql", "version": "9.4" @@ -458,7 +508,8 @@ { "name": "9.5", "annotations": { - "description": "Provides a PostgreSQL v9.5 database", + "openshift.io/display-name": "PostgreSQL 9.5", + "description": "Provides a PostgreSQL 9.5 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/postgresql-container/tree/master/9.5.", "iconClass": "icon-postgresql", "tags": "postgresql", "version": "9.5" @@ -475,14 +526,18 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "mongodb" + "name": "mongodb", + "annotations": { + "openshift.io/display-name": "MongoDB" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Provides a MongoDB database", + "openshift.io/display-name": "MongoDB (Latest)", + "description": "Provides a MongoDB database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/3.2/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of MongoDB available on OpenShift, including major versions updates.", "iconClass": "icon-mongodb", "tags": "mongodb" }, @@ -494,7 +549,8 @@ { "name": "2.4", "annotations": { - "description": "Provides a MongoDB v2.4 database", + "openshift.io/display-name": "MongoDB 2.4", + "description": "Provides a MongoDB 2.4 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/2.4/README.md.", "iconClass": "icon-mongodb", "tags": "mongodb", "version": "2.4" @@ -507,7 +563,8 @@ { "name": "2.6", "annotations": { - "description": "Provides a MongoDB v2.6 database", + "openshift.io/display-name": "MongoDB 2.6", + "description": "Provides a MongoDB 2.6 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/2.6/README.md.", "iconClass": "icon-mongodb", "tags": "mongodb", "version": "2.6" @@ -520,7 +577,8 @@ { "name": "3.2", "annotations": { - "description": "Provides a MongoDB v3.2 database", + "openshift.io/display-name": "MongoDB 3.2", + "description": "Provides a MongoDB 3.2 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mongodb-container/tree/master/3.2/README.md.", "iconClass": "icon-mongodb", "tags": "mongodb", "version": "3.2" @@ -537,26 +595,31 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "jenkins" + "name": "jenkins", + "annotations": { + "openshift.io/display-name": "Jenkins" + } }, "spec": { "tags": [ { "name": "latest", "annotations": { - "description": "Provides a Jenkins server", + "openshift.io/display-name": "Jenkins (Latest)", + "description": "Provides a Jenkins server on RHEL 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Jenkins available on OpenShift, including major versions updates.", "iconClass": "icon-jenkins", "tags": "jenkins" }, "from": { "kind": "ImageStreamTag", - "name": "1" + "name": "2" } }, { "name": "1", "annotations": { - "description": "Provides a Jenkins server", + "openshift.io/display-name": "Jenkins 1.X", + "description": "Provides a Jenkins 1.X server on RHEL 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.", "iconClass": "icon-jenkins", "tags": "jenkins", "version": "1.x" @@ -565,6 +628,20 @@ "kind": "DockerImage", "name": "registry.access.redhat.com/openshift3/jenkins-1-rhel7:latest" } + }, + { + "name": "2", + "annotations": { + "openshift.io/display-name": "Jenkins 2.X", + "description": "Provides a Jenkins 2.X server on RHEL 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.", + "iconClass": "icon-jenkins", + "tags": "jenkins", + "version": "2.x" + }, + "from": { + "kind": "DockerImage", + "name": "registry.access.redhat.com/openshift3/jenkins-2-rhel7:latest" + } } ] } diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json index ab4982690..354978891 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json @@ -4,11 +4,13 @@ "metadata": { "name": "cakephp-mysql-example", "annotations": { - "description": "An example CakePHP application with a MySQL database", - "tags": "quickstart,php,cakephp,mysql", + "openshift.io/display-name": "CakePHP + MySQL (Ephemeral)", + "description": "An example CakePHP application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/cakephp-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.", + "tags": "quickstart,php,cakephp", "iconClass": "icon-php" } }, + "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/cake-ex/blob/master/README.md.", "labels": { "template": "cakephp-mysql-example" }, @@ -19,7 +21,8 @@ "metadata": { "name": "${NAME}", "annotations": { - "description": "Exposes and load balances the application pods" + "description": "Exposes and load balances the application pods", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]" } }, "spec": { diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json index cc7920b7d..9fc5be5e0 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json @@ -4,11 +4,13 @@ "metadata": { "name": "dancer-mysql-example", "annotations": { - "description": "An example Dancer application with a MySQL database", - "tags": "quickstart,perl,dancer,mysql", + "openshift.io/display-name": "Dancer + MySQL (Ephemeral)", + "description": "An example Dancer application with a MySQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.", + "tags": "quickstart,perl,dancer", "iconClass": "icon-perl" } }, + "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/dancer-ex/blob/master/README.md.", "labels": { "template": "dancer-mysql-example" }, @@ -19,7 +21,8 @@ "metadata": { "name": "${NAME}", "annotations": { - "description": "Exposes and load balances the application pods" + "description": "Exposes and load balances the application pods", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]" } }, "spec": { diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json index 7d1dea11b..590d5fd4f 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json @@ -4,11 +4,13 @@ "metadata": { "name": "django-psql-example", "annotations": { - "description": "An example Django application with a PostgreSQL database", - "tags": "quickstart,python,django,postgresql", + "openshift.io/display-name": "Django + PostgreSQL (Ephemeral)", + "description": "An example Django application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.", + "tags": "quickstart,python,django", "iconClass": "icon-python" } }, + "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/django-ex/blob/master/README.md.", "labels": { "template": "django-psql-example" }, @@ -19,7 +21,8 @@ "metadata": { "name": "${NAME}", "annotations": { - "description": "Exposes and load balances the application pods" + "description": "Exposes and load balances the application pods", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]" } }, "spec": { diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json index 880f0b34e..fc7423840 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json @@ -5,12 +5,13 @@ "name": "jenkins-ephemeral", "creationTimestamp": null, "annotations": { - "description": "Jenkins service, without persistent storage.\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", + "openshift.io/display-name": "Jenkins (Ephemeral)", + "description": "Jenkins service, without persistent storage.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.", "iconClass": "icon-jenkins", "tags": "instant-app,jenkins" } }, - "message": "A Jenkins service has been created in your project. The username/password are admin/${JENKINS_PASSWORD}. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.", + "message": "A Jenkins service has been created in your project. Log into Jenkins with your OpenShift account. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.", "objects": [ { "kind": "Route", @@ -89,6 +90,7 @@ "livenessProbe": { "timeoutSeconds": 3, "initialDelaySeconds": 120, + "failureThreshold" : 30, "httpGet": { "path": "/login", "port": 8080 @@ -96,8 +98,12 @@ }, "env": [ { - "name": "JENKINS_PASSWORD", - "value": "${JENKINS_PASSWORD}" + "name": "OPENSHIFT_ENABLE_OAUTH", + "value": "${ENABLE_OAUTH}" + }, + { + "name": "OPENSHIFT_ENABLE_REDIRECT_PROMPT", + "value": "true" }, { "name": "KUBERNETES_MASTER", @@ -150,7 +156,10 @@ "kind": "ServiceAccount", "apiVersion": "v1", "metadata": { - "name": "${JENKINS_SERVICE_NAME}" + "name": "${JENKINS_SERVICE_NAME}", + "annotations": { + "serviceaccounts.openshift.io/oauth-redirectreference.jenkins": "{\"kind\":\"OAuthRedirectReference\",\"apiVersion\":\"v1\",\"reference\":{\"kind\":\"Route\",\"name\":\"${JENKINS_SERVICE_NAME}\"}}" + } } }, { @@ -236,12 +245,10 @@ "value": "jenkins-jnlp" }, { - "name": "JENKINS_PASSWORD", - "displayName": "Jenkins Password", - "description": "Password for the Jenkins 'admin' user.", - "generate": "expression", - "from": "[a-zA-Z0-9]{16}", - "required": true + "name": "ENABLE_OAUTH", + "displayName": "Enable OAuth in Jenkins", + "description": "Whether to enable OAuth OpenShift integration. If false, the static account 'admin' will be initialized with the password 'password'.", + "value": "true" }, { "name": "MEMORY_LIMIT", diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json index 3291f3594..acf59ee94 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json @@ -5,12 +5,13 @@ "name": "jenkins-persistent", "creationTimestamp": null, "annotations": { - "description": "Jenkins service, with persistent storage.\nYou must have persistent volumes available in your cluster to use this template.", + "openshift.io/display-name": "Jenkins (Persistent)", + "description": "Jenkins service, with persistent storage.\n\nNOTE: You must have persistent volumes available in your cluster to use this template.", "iconClass": "icon-jenkins", "tags": "instant-app,jenkins" } }, - "message": "A Jenkins service has been created in your project. The username/password are admin/${JENKINS_PASSWORD}. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.", + "message": "A Jenkins service has been created in your project. Log into Jenkins with your OpenShift account. The tutorial at https://github.com/openshift/origin/blob/master/examples/jenkins/README.md contains more information about using this template.", "objects": [ { "kind": "Route", @@ -106,6 +107,7 @@ "livenessProbe": { "timeoutSeconds": 3, "initialDelaySeconds": 120, + "failureThreshold" : 30, "httpGet": { "path": "/login", "port": 8080 @@ -113,8 +115,12 @@ }, "env": [ { - "name": "JENKINS_PASSWORD", - "value": "${JENKINS_PASSWORD}" + "name": "OPENSHIFT_ENABLE_OAUTH", + "value": "${ENABLE_OAUTH}" + }, + { + "name": "OPENSHIFT_ENABLE_REDIRECT_PROMPT", + "value": "true" }, { "name": "KUBERNETES_MASTER", @@ -167,7 +173,10 @@ "kind": "ServiceAccount", "apiVersion": "v1", "metadata": { - "name": "${JENKINS_SERVICE_NAME}" + "name": "${JENKINS_SERVICE_NAME}", + "annotations": { + "serviceaccounts.openshift.io/oauth-redirectreference.jenkins": "{\"kind\":\"OAuthRedirectReference\",\"apiVersion\":\"v1\",\"reference\":{\"kind\":\"Route\",\"name\":\"${JENKINS_SERVICE_NAME}\"}}" + } } }, { @@ -253,12 +262,10 @@ "value": "jenkins-jnlp" }, { - "name": "JENKINS_PASSWORD", - "displayName": "Jenkins Password", - "description": "Password for the Jenkins 'admin' user.", - "generate": "expression", - "from": "[a-zA-Z0-9]{16}", - "required": true + "name": "ENABLE_OAUTH", + "displayName": "Enable OAuth in Jenkins", + "description": "Whether to enable OAuth OpenShift integration. If false, the static account 'admin' will be initialized with the password 'password'.", + "value": "true" }, { "name": "MEMORY_LIMIT", diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json index 6ab4a1781..d4b4add18 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json @@ -4,11 +4,13 @@ "metadata": { "name": "nodejs-mongodb-example", "annotations": { - "description": "An example Node.js application with a MongoDB database", - "tags": "quickstart,nodejs,mongodb", + "openshift.io/display-name": "Node.js + MongoDB (Ephemeral)", + "description": "An example Node.js application with a MongoDB database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.", + "tags": "quickstart,nodejs", "iconClass": "icon-nodejs" } }, + "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/nodejs-ex/blob/master/README.md.", "labels": { "template": "nodejs-mongodb-example" }, @@ -19,7 +21,8 @@ "metadata": { "name": "${NAME}", "annotations": { - "description": "Exposes and load balances the application pods" + "description": "Exposes and load balances the application pods", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]" } }, "spec": { diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json index 50d60f2bb..baed15d8a 100644 --- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json @@ -4,11 +4,13 @@ "metadata": { "name": "rails-postgresql-example", "annotations": { - "description": "An example Rails application with a PostgreSQL database", - "tags": "quickstart,ruby,rails,postgresql", + "openshift.io/display-name": "Rails + PostgreSQL (Ephemeral)", + "description": "An example Rails application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing.", + "tags": "quickstart,ruby,rails", "iconClass": "icon-ruby" } }, + "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/rails-ex/blob/master/README.md.", "labels": { "template": "rails-postgresql-example" }, @@ -19,7 +21,8 @@ "metadata": { "name": "${NAME}", "annotations": { - "description": "Exposes and load balances the application pods" + "description": "Exposes and load balances the application pods", + "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]" } }, "spec": { diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-streams/fis-image-streams.json b/roles/openshift_examples/files/examples/v1.4/xpaas-streams/fis-image-streams.json index 65060cc2c..ed0e94bed 100644 --- a/roles/openshift_examples/files/examples/v1.4/xpaas-streams/fis-image-streams.json +++ b/roles/openshift_examples/files/examples/v1.4/xpaas-streams/fis-image-streams.json @@ -20,23 +20,13 @@ { "name": "1.0", "annotations": { - "description": "JBoss Fuse Integration Services 1.0 Java S2I images.", + "description": "JBoss Fuse Integration Services 6.2.1 Java S2I images.", "iconClass": "icon-jboss", "tags": "builder,jboss-fuse,java,xpaas", "supports":"jboss-fuse:6.2.1,java:8,xpaas:1.2", "version": "1.0" } - }, - { - "name": "2.0", - "annotations": { - "description": "JBoss Fuse Integration Services 2.0 Java S2I images.", - "iconClass": "icon-jboss", - "tags": "builder,jboss-fuse,java,xpaas", - "supports":"jboss-fuse:6.3.0,java:8,xpaas:1.2", - "version": "2.0" - } - } + } ] } }, @@ -52,23 +42,13 @@ { "name": "1.0", "annotations": { - "description": "JBoss Fuse Integration Services 1.0 Karaf S2I images.", + "description": "JBoss Fuse Integration Services 6.2.1 Karaf S2I images.", "iconClass": "icon-jboss", "tags": "builder,jboss-fuse,java,karaf,xpaas", "supports":"jboss-fuse:6.2.1,java:8,xpaas:1.2", "version": "1.0" } - }, - { - "name": "2.0", - "annotations": { - "description": "JBoss Fuse Integration Services 2.0 Karaf S2I images.", - "iconClass": "icon-jboss", - "tags": "builder,jboss-fuse,java,karaf,xpaas", - "supports":"jboss-fuse:6.3.0,java:8,xpaas:1.2", - "version": "2.0" - } - } + } ] } } diff --git a/roles/openshift_expand_partition/tasks/main.yml b/roles/openshift_expand_partition/tasks/main.yml index cdd813e6a..00603f4fa 100644 --- a/roles/openshift_expand_partition/tasks/main.yml +++ b/roles/openshift_expand_partition/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Ensure growpart is installed - action: "{{ ansible_pkg_mgr }} name=cloud-utils-growpart state=present" + package: name=cloud-utils-growpart state=present when: not openshift.common.is_containerized | bool - name: Determine if growpart is installed diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 0a783b164..d797eb4d3 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -7,7 +7,13 @@ """Ansible module for retrieving and setting openshift related facts""" -import ConfigParser +try: + # python2 + import ConfigParser +except ImportError: + # python3 + import configparser as ConfigParser + import copy import io import os @@ -202,9 +208,9 @@ def query_metadata(metadata_url, headers=None, expect_json=False): if info['status'] != 200: raise OpenShiftFactsMetadataUnavailableError("Metadata unavailable") if expect_json: - return module.from_json(result.read()) + return module.from_json(to_native(result.read())) else: - return [line.strip() for line in result.readlines()] + return [to_native(line.strip()) for line in result.readlines()] def walk_metadata(metadata_url, headers=None, expect_json=False): @@ -312,7 +318,7 @@ def normalize_aws_facts(metadata, facts): ): int_info = dict() var_map = {'ips': 'local-ipv4s', 'public_ips': 'public-ipv4s'} - for ips_var, int_var in var_map.iteritems(): + for ips_var, int_var in iteritems(var_map): ips = interface.get(int_var) if isinstance(ips, basestring): int_info[ips_var] = [ips] @@ -832,23 +838,29 @@ def set_version_facts_if_unset(facts): version_gte_3_1_1_or_1_1_1 = LooseVersion(version) >= LooseVersion('1.1.1') version_gte_3_2_or_1_2 = LooseVersion(version) >= LooseVersion('1.2.0') version_gte_3_3_or_1_3 = LooseVersion(version) >= LooseVersion('1.3.0') + version_gte_3_4_or_1_4 = LooseVersion(version) >= LooseVersion('1.4.0') else: version_gte_3_1_or_1_1 = LooseVersion(version) >= LooseVersion('3.0.2.905') version_gte_3_1_1_or_1_1_1 = LooseVersion(version) >= LooseVersion('3.1.1') version_gte_3_2_or_1_2 = LooseVersion(version) >= LooseVersion('3.1.1.901') version_gte_3_3_or_1_3 = LooseVersion(version) >= LooseVersion('3.3.0') + version_gte_3_4_or_1_4 = LooseVersion(version) >= LooseVersion('3.4.0') else: version_gte_3_1_or_1_1 = True version_gte_3_1_1_or_1_1_1 = True version_gte_3_2_or_1_2 = True - version_gte_3_3_or_1_3 = False + version_gte_3_3_or_1_3 = True + version_gte_3_4_or_1_4 = False facts['common']['version_gte_3_1_or_1_1'] = version_gte_3_1_or_1_1 facts['common']['version_gte_3_1_1_or_1_1_1'] = version_gte_3_1_1_or_1_1_1 facts['common']['version_gte_3_2_or_1_2'] = version_gte_3_2_or_1_2 facts['common']['version_gte_3_3_or_1_3'] = version_gte_3_3_or_1_3 + facts['common']['version_gte_3_4_or_1_4'] = version_gte_3_4_or_1_4 - if version_gte_3_3_or_1_3: + if version_gte_3_4_or_1_4: + examples_content_version = 'v1.4' + elif version_gte_3_3_or_1_3: examples_content_version = 'v1.3' elif version_gte_3_2_or_1_2: examples_content_version = 'v1.2' @@ -901,10 +913,29 @@ def set_sdn_facts_if_unset(facts, system_facts): facts['common']['sdn_network_plugin_name'] = plugin if 'master' in facts: + # set defaults for sdn_cluster_network_cidr and sdn_host_subnet_length + # these might be overridden if they exist in the master config file + sdn_cluster_network_cidr = '10.128.0.0/14' + sdn_host_subnet_length = '9' + + master_cfg_path = os.path.join(facts['common']['config_base'], + 'master/master-config.yaml') + if os.path.isfile(master_cfg_path): + with open(master_cfg_path, 'r') as master_cfg_f: + config = yaml.safe_load(master_cfg_f.read()) + + if 'networkConfig' in config: + if 'clusterNetworkCIDR' in config['networkConfig']: + sdn_cluster_network_cidr = \ + config['networkConfig']['clusterNetworkCIDR'] + if 'hostSubnetLength' in config['networkConfig']: + sdn_host_subnet_length = \ + config['networkConfig']['hostSubnetLength'] + if 'sdn_cluster_network_cidr' not in facts['master']: - facts['master']['sdn_cluster_network_cidr'] = '10.1.0.0/16' + facts['master']['sdn_cluster_network_cidr'] = sdn_cluster_network_cidr if 'sdn_host_subnet_length' not in facts['master']: - facts['master']['sdn_host_subnet_length'] = '8' + facts['master']['sdn_host_subnet_length'] = sdn_host_subnet_length if 'node' in facts and 'sdn_mtu' not in facts['node']: node_ip = facts['common']['ip'] @@ -912,7 +943,7 @@ def set_sdn_facts_if_unset(facts, system_facts): # default MTU if interface MTU cannot be detected facts['node']['sdn_mtu'] = '1450' - for val in system_facts.itervalues(): + for val in itervalues(system_facts): if isinstance(val, dict) and 'mtu' in val: mtu = val['mtu'] @@ -1060,6 +1091,7 @@ values provided as a list. Hence the gratuitous use of ['foo'] below. kubelet_args['cloud-config'] = [cloud_cfg_path + '/openstack.conf'] if facts['cloudprovider']['kind'] == 'gce': kubelet_args['cloud-provider'] = ['gce'] + kubelet_args['cloud-config'] = [cloud_cfg_path + '/gce.conf'] # Automatically add node-labels to the kubeletArguments # parameter. See BZ1359848 for additional details. @@ -1102,6 +1134,7 @@ def build_controller_args(facts): controller_args['cloud-config'] = [cloud_cfg_path + '/openstack.conf'] if facts['cloudprovider']['kind'] == 'gce': controller_args['cloud-provider'] = ['gce'] + controller_args['cloud-config'] = [cloud_cfg_path + '/gce.conf'] if controller_args != {}: facts = merge_facts({'master': {'controller_args': controller_args}}, facts, [], []) return facts @@ -1122,6 +1155,7 @@ def build_api_server_args(facts): api_server_args['cloud-config'] = [cloud_cfg_path + '/openstack.conf'] if facts['cloudprovider']['kind'] == 'gce': api_server_args['cloud-provider'] = ['gce'] + api_server_args['cloud-config'] = [cloud_cfg_path + '/gce.conf'] if api_server_args != {}: facts = merge_facts({'master': {'api_server_args': api_server_args}}, facts, [], []) return facts @@ -1206,7 +1240,7 @@ def get_openshift_version(facts): # version if 'common' in facts: if 'version' in facts['common'] and facts['common']['version'] is not None: - return facts['common']['version'] + return chomp_commit_offset(facts['common']['version']) if os.path.isfile('/usr/bin/openshift'): _, output, _ = module.run_command(['/usr/bin/openshift', 'version']) @@ -1221,7 +1255,27 @@ def get_openshift_version(facts): _, output, _ = module.run_command(['/usr/local/bin/openshift', 'version']) version = parse_openshift_version(output) - return version + return chomp_commit_offset(version) + + +def chomp_commit_offset(version): + """Chomp any "+git.foo" commit offset string from the given `version` + and return the modified version string. + +Ex: +- chomp_commit_offset(None) => None +- chomp_commit_offset(1337) => "1337" +- chomp_commit_offset("v3.4.0.15+git.derp") => "v3.4.0.15" +- chomp_commit_offset("v3.4.0.15") => "v3.4.0.15" +- chomp_commit_offset("v1.3.0+52492b4") => "v1.3.0" + """ + if version is None: + return version + else: + # Stringify, just in case it's a Number type. Split by '+' and + # return the first split. No concerns about strings without a + # '+', .split() returns an array of the original string. + return str(version).split('+')[0] def get_container_openshift_version(facts): @@ -1316,7 +1370,7 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw 'image_policy_config'] facts = dict() - for key, value in orig.iteritems(): + for key, value in iteritems(orig): # Key exists in both old and new facts. if key in new: if key in inventory_json_facts: @@ -1490,8 +1544,8 @@ def set_proxy_facts(facts): safe_get_bool(common['generate_no_proxy_hosts']): if 'no_proxy_internal_hostnames' in common: common['no_proxy'].extend(common['no_proxy_internal_hostnames'].split(',')) - common['no_proxy'].append('.' + common['dns_domain']) - # We always add ourselves no matter what + # We always add local dns domain and ourselves no matter what + common['no_proxy'].append('.' + common['dns_domain']) common['no_proxy'].append(common['hostname']) common['no_proxy'] = sort_unique(common['no_proxy']) facts['common'] = common @@ -1541,7 +1595,7 @@ def set_container_facts_if_unset(facts): cli_image = master_image node_image = 'openshift3/node' ovs_image = 'openshift3/openvswitch' - etcd_image = 'registry.access.redhat.com/rhel7/etcd' + etcd_image = 'registry.access.redhat.com/rhel7/etcd3' pod_image = 'openshift3/ose-pod' router_image = 'openshift3/ose-haproxy-router' registry_image = 'openshift3/ose-docker-registry' @@ -1551,7 +1605,7 @@ def set_container_facts_if_unset(facts): cli_image = master_image node_image = 'aep3_beta/node' ovs_image = 'aep3_beta/openvswitch' - etcd_image = 'registry.access.redhat.com/rhel7/etcd' + etcd_image = 'registry.access.redhat.com/rhel7/etcd3' pod_image = 'aep3_beta/aep-pod' router_image = 'aep3_beta/aep-haproxy-router' registry_image = 'aep3_beta/aep-docker-registry' @@ -1561,7 +1615,7 @@ def set_container_facts_if_unset(facts): cli_image = master_image node_image = 'openshift/node' ovs_image = 'openshift/openvswitch' - etcd_image = 'registry.access.redhat.com/rhel7/etcd' + etcd_image = 'registry.access.redhat.com/rhel7/etcd3' pod_image = 'openshift/origin-pod' router_image = 'openshift/origin-haproxy-router' registry_image = 'openshift/origin-docker-registry' @@ -1751,8 +1805,8 @@ class OpenShiftFacts(object): facts = set_node_schedulability(facts) facts = set_selectors(facts) facts = set_identity_providers_if_unset(facts) - facts = set_sdn_facts_if_unset(facts, self.system_facts) facts = set_deployment_facts_if_unset(facts) + facts = set_sdn_facts_if_unset(facts, self.system_facts) facts = set_container_facts_if_unset(facts) facts = build_kubelet_args(facts) facts = build_controller_args(facts) @@ -2070,7 +2124,7 @@ class OpenShiftFacts(object): facts_to_set[self.role] = facts if openshift_env != {} and openshift_env != None: - for fact, value in openshift_env.iteritems(): + for fact, value in iteritems(openshift_env): oo_env_facts = dict() current_level = oo_env_facts keys = self.split_openshift_env_fact_keys(fact, openshift_env_structures)[1:] @@ -2128,7 +2182,7 @@ class OpenShiftFacts(object): facts (dict): facts to clean """ facts_to_remove = [] - for fact, value in facts.iteritems(): + for fact, value in iteritems(facts): if isinstance(facts[fact], dict): facts[fact] = self.remove_empty_facts(facts[fact]) else: @@ -2259,6 +2313,9 @@ def main(): from ansible.module_utils.basic import * from ansible.module_utils.facts import * from ansible.module_utils.urls import * +from ansible.module_utils.six import iteritems, itervalues +from ansible.module_utils._text import to_native +from ansible.module_utils.six import b if __name__ == '__main__': main() diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml index b0785a9e4..70cf49dd4 100644 --- a/roles/openshift_facts/tasks/main.yml +++ b/roles/openshift_facts/tasks/main.yml @@ -10,12 +10,11 @@ - set_fact: l_is_containerized: "{{ (l_is_atomic | bool) or (containerized | default(false) | bool) }}" -- name: Ensure PyYaml is installed - action: "{{ ansible_pkg_mgr }} name=PyYAML state=present" - when: not l_is_atomic | bool - -- name: Ensure yum-utils is installed - action: "{{ ansible_pkg_mgr }} name=yum-utils state=present" +- name: Ensure PyYaml and yum-utils are installed + package: name={{ item }} state=present + with_items: + - PyYAML + - yum-utils when: not l_is_atomic | bool - name: Gather Cluster facts and set is_containerized if needed @@ -38,6 +37,8 @@ no_proxy: "{{ openshift_no_proxy | default(None) }}" generate_no_proxy_hosts: "{{ openshift_generate_no_proxy_hosts | default(True) }}" no_proxy_internal_hostnames: "{{ openshift_no_proxy_internal_hostnames | default(None) }}" + sdn_network_plugin_name: "{{ os_sdn_network_plugin_name | default(None) }}" + use_openshift_sdn: "{{ openshift_use_openshift_sdn | default(None) }}" - name: Set repoquery command set_fact: diff --git a/roles/openshift_hosted_logging/tasks/deploy_logging.yaml b/roles/openshift_hosted_logging/tasks/deploy_logging.yaml index 0162d1fb0..625af9acd 100644 --- a/roles/openshift_hosted_logging/tasks/deploy_logging.yaml +++ b/roles/openshift_hosted_logging/tasks/deploy_logging.yaml @@ -40,7 +40,7 @@ - name: "Create templates for logging accounts and the deployer" command: > - {{ openshift.common.client_binary }} create + {{ openshift.common.client_binary }} create --config={{ mktemp.stdout }}/admin.kubeconfig -f {{ hosted_base }}/logging-deployer.yaml --config={{ mktemp.stdout }}/admin.kubeconfig -n logging @@ -49,28 +49,41 @@ changed_when: "'created' in logging_import_template.stdout" - name: "Process the logging accounts template" - shell: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig process logging-deployer-account-template | {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig create -f -" + shell: > + {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig + process logging-deployer-account-template | {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig create -f - register: process_deployer_accounts failed_when: process_deployer_accounts.rc == 1 and 'already exists' not in process_deployer_accounts.stderr - name: "Set permissions for logging-deployer service account" command: > - {{ openshift.common.client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig policy add-cluster-role-to-user oauth-editor system:serviceaccount:logging:logging-deployer + {{ openshift.common.client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig + policy add-cluster-role-to-user oauth-editor system:serviceaccount:logging:logging-deployer register: permiss_output failed_when: "permiss_output.rc == 1 and 'exists' not in permiss_output.stderr" - name: "Set permissions for fluentd" command: > - {{ openshift.common.client_binary }} adm policy add-scc-to-user privileged system:serviceaccount:logging:aggregated-logging-fluentd + {{ openshift.common.client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig + policy add-scc-to-user privileged system:serviceaccount:logging:aggregated-logging-fluentd register: fluentd_output failed_when: "fluentd_output.rc == 1 and 'exists' not in fluentd_output.stderr" - name: "Set additional permissions for fluentd" command: > - {{ openshift.common.client_binary }} adm policy add-cluster-role-to-user cluster-reader system:serviceaccount:logging:aggregated-logging-fluentd + {{ openshift.common.client_binary }} adm policy --config={{ mktemp.stdout }}/admin.kubeconfig + add-cluster-role-to-user cluster-reader system:serviceaccount:logging:aggregated-logging-fluentd register: fluentd2_output failed_when: "fluentd2_output.rc == 1 and 'exists' not in fluentd2_output.stderr" + - name: "Add rolebinding-reader to aggregated-logging-elasticsearch" + command: > + {{ openshift.common.client_binary }} adm --config={{ mktemp.stdout }}/admin.kubeconfig + policy add-cluster-role-to-user rolebinding-reader \ + system:serviceaccount:logging:aggregated-logging-elasticsearch + register: rolebinding_reader_output + failed_when: "rolebinding_reader_output == 1 and 'exists' not in rolebinding_reader_output.stderr" + - name: "Create ConfigMap for deployer parameters" command: > {{ openshift.common.client_binary}} --config={{ mktemp.stdout }}/admin.kubeconfig create configmap logging-deployer {{ deployer_cmap_params }} diff --git a/roles/openshift_hosted_templates/files/v1.4/enterprise/logging-deployer.yaml b/roles/openshift_hosted_templates/files/v1.4/enterprise/logging-deployer.yaml index 9cff9daca..ddfda1272 100644 --- a/roles/openshift_hosted_templates/files/v1.4/enterprise/logging-deployer.yaml +++ b/roles/openshift_hosted_templates/files/v1.4/enterprise/logging-deployer.yaml @@ -66,6 +66,15 @@ items: - watch - delete - update + - apiVersion: v1 + kind: ClusterRole + metadata: + name: rolebinding-reader + rules: + - resources: + - clusterrolebindings + verbs: + - get - apiVersion: v1 kind: RoleBinding @@ -88,6 +97,17 @@ items: subjects: - kind: ServiceAccount name: logging-deployer + - + apiVersion: v1 + kind: RoleBinding + metadata: + name: logging-elasticsearch-view-role + roleRef: + kind: ClusterRole + name: view + subjects: + - kind: ServiceAccount + name: aggregated-logging-elasticsearch - apiVersion: "v1" kind: "Template" diff --git a/roles/openshift_hosted_templates/files/v1.4/enterprise/metrics-deployer.yaml b/roles/openshift_hosted_templates/files/v1.4/enterprise/metrics-deployer.yaml index 1b46d6ac7..66051755c 100644 --- a/roles/openshift_hosted_templates/files/v1.4/enterprise/metrics-deployer.yaml +++ b/roles/openshift_hosted_templates/files/v1.4/enterprise/metrics-deployer.yaml @@ -62,6 +62,8 @@ objects: value: ${MASTER_URL} - name: MODE value: ${MODE} + - name: CONTINUE_ON_ERROR + value: ${CONTINUE_ON_ERROR} - name: REDEPLOY value: ${REDEPLOY} - name: IGNORE_PREFLIGHT @@ -84,6 +86,8 @@ objects: value: ${HEAPSTER_NODE_ID} - name: METRIC_RESOLUTION value: ${METRIC_RESOLUTION} + - name: STARTUP_TIMEOUT + value: ${STARTUP_TIMEOUT} dnsPolicy: ClusterFirst restartPolicy: Never serviceAccount: metrics-deployer @@ -114,6 +118,10 @@ parameters: description: "Can be set to: 'preflight' to perform validation before a deployment; 'deploy' to perform an initial deployment; 'refresh' to delete and redeploy all components but to keep persisted data and routes; 'redeploy' to delete and redeploy everything (losing all data in the process); 'validate' to re-run validations after a deployment" name: MODE value: "deploy" +- + description: "Set to true to continue even if the deployer runs into an error." + name: CONTINUE_ON_ERROR + value: "false" - description: "(Deprecated) Turns 'deploy' mode into 'redeploy' mode, deleting and redeploying everything (losing all data in the process)" name: REDEPLOY @@ -154,3 +162,7 @@ parameters: description: "How often metrics should be gathered. Defaults value of '15s' for 15 seconds" name: METRIC_RESOLUTION value: "15s" +- + description: "How long in seconds we should wait until Hawkular Metrics and Heapster starts up before attempting a restart" + name: STARTUP_TIMEOUT + value: "500" diff --git a/roles/openshift_hosted_templates/files/v1.4/origin/logging-deployer.yaml b/roles/openshift_hosted_templates/files/v1.4/origin/logging-deployer.yaml index 8b28f872f..bc8c79ca1 100644 --- a/roles/openshift_hosted_templates/files/v1.4/origin/logging-deployer.yaml +++ b/roles/openshift_hosted_templates/files/v1.4/origin/logging-deployer.yaml @@ -66,6 +66,15 @@ items: - watch - delete - update + - apiVersion: v1 + kind: ClusterRole + metadata: + name: rolebinding-reader + rules: + - resources: + - clusterrolebindings + verbs: + - get - apiVersion: v1 kind: RoleBinding @@ -88,6 +97,17 @@ items: subjects: - kind: ServiceAccount name: logging-deployer + - + apiVersion: v1 + kind: RoleBinding + metadata: + name: logging-elasticsearch-view-role + roleRef: + kind: ClusterRole + name: view + subjects: + - kind: ServiceAccount + name: aggregated-logging-elasticsearch - apiVersion: "v1" kind: "Template" diff --git a/roles/openshift_hosted_templates/files/v1.4/origin/metrics-deployer.yaml b/roles/openshift_hosted_templates/files/v1.4/origin/metrics-deployer.yaml index 5f2290419..54691572a 100644 --- a/roles/openshift_hosted_templates/files/v1.4/origin/metrics-deployer.yaml +++ b/roles/openshift_hosted_templates/files/v1.4/origin/metrics-deployer.yaml @@ -86,6 +86,8 @@ objects: value: ${HEAPSTER_NODE_ID} - name: METRIC_RESOLUTION value: ${METRIC_RESOLUTION} + - name: STARTUP_TIMEOUT + value: ${STARTUP_TIMEOUT} dnsPolicy: ClusterFirst restartPolicy: Never serviceAccount: metrics-deployer @@ -160,3 +162,7 @@ parameters: description: "How often metrics should be gathered. Defaults value of '15s' for 15 seconds" name: METRIC_RESOLUTION value: "15s" +- + description: "How long in seconds we should wait until Hawkular Metrics and Heapster starts up before attempting a restart" + name: STARTUP_TIMEOUT + value: "500" diff --git a/roles/openshift_hosted_templates/sync-templates.sh b/roles/openshift_hosted_templates/sync-templates.sh new file mode 100755 index 000000000..1188bc440 --- /dev/null +++ b/roles/openshift_hosted_templates/sync-templates.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +# Utility script to update the ansible repo with the latest templates for +# metrics and logging +# +# This script should be run from +# openshift-ansible/roles/openshift_hosted_templates + +ORIGIN_VERSION=v1.4 +EXAMPLES_BASE=$(pwd)/files/${ORIGIN_VERSION} +find ${EXAMPLES_BASE} -name '*.json' -delete +TEMP=`mktemp -d` +pushd $TEMP + +wget https://raw.githubusercontent.com/openshift/origin-metrics/master/metrics.yaml -O ${EXAMPLES_BASE}/origin/metrics-deployer.yaml +wget https://raw.githubusercontent.com/openshift/origin-metrics/enterprise/metrics.yaml -O ${EXAMPLES_BASE}/enterprise/metrics-deployer.yaml +wget https://raw.githubusercontent.com/openshift/origin-aggregated-logging/master/deployer/deployer.yaml -O ${EXAMPLES_BASE}/origin/logging-deployer.yaml +wget https://raw.githubusercontent.com/openshift/origin-aggregated-logging/enterprise/deployment/deployer.yaml -O ${EXAMPLES_BASE}/enterprise/logging-deployer.yaml + +popd +git diff files diff --git a/roles/openshift_loadbalancer/meta/main.yml b/roles/openshift_loadbalancer/meta/main.yml index e1d78cfd0..0b29df2a0 100644 --- a/roles/openshift_loadbalancer/meta/main.yml +++ b/roles/openshift_loadbalancer/meta/main.yml @@ -17,4 +17,9 @@ dependencies: port: "9000/tcp" - service: haproxy balance port: "{{ openshift_master_api_port | default(8443) }}/tcp" +- role: os_firewall + os_firewall_allow: + - service: nuage mon + port: "{{ nuage_mon_rest_server_port | default(9443) }}/tcp" + when: openshift_use_nuage | default(false) | bool - role: openshift_repos diff --git a/roles/openshift_loadbalancer/tasks/main.yml b/roles/openshift_loadbalancer/tasks/main.yml index b8e6a7da2..1d2804279 100644 --- a/roles/openshift_loadbalancer/tasks/main.yml +++ b/roles/openshift_loadbalancer/tasks/main.yml @@ -3,13 +3,23 @@ when: openshift.common.is_containerized | bool - name: Install haproxy - action: "{{ ansible_pkg_mgr }} name=haproxy state=present" + package: name=haproxy state=present - name: Configure systemd service directory for haproxy file: path: /etc/systemd/system/haproxy.service.d state: directory +# Work around ini_file create option in 2.2 which defaults to no +- name: Create limits.conf file + file: + dest: /etc/systemd/system/haproxy.service.d/limits.conf + state: touch + mode: 0660 + owner: root + group: root + changed_when: false + - name: Configure the nofile limits for haproxy ini_file: dest: /etc/systemd/system/haproxy.service.d/limits.conf diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 28e4e46e9..88cdd2d89 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -3,18 +3,51 @@ command: mktemp -d /tmp/openshift-ansible-XXXXXX register: mktemp changed_when: False + delegate_to: "{{ openshift_master_host }}" + run_once: true - set_fact: openshift_manage_node_kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig" + delegate_to: "{{ openshift_master_host }}" + run_once: true - name: Copy the admin client config(s) command: > cp {{ openshift.common.config_base }}/master/admin.kubeconfig {{ openshift_manage_node_kubeconfig }} changed_when: False + delegate_to: "{{ openshift_master_host }}" + run_once: true + +# Necessary because when you're on a node that's also a master the master will be +# restarted after the node restarts docker and it will take up to 60 seconds for +# systemd to start the master again +- name: Wait for master API to become available before proceeding + # Using curl here since the uri module requires python-httplib2 and + # wait_for port doesn't provide health information. + command: > + curl --silent --tlsv1.2 + {% if openshift.common.version_gte_3_2_or_1_2 | bool %} + --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt + {% else %} + --cacert {{ openshift.common.config_base }}/master/ca.crt + {% endif %} + {{ openshift_node_master_api_url }}/healthz/ready + args: + # Disables the following warning: + # Consider using get_url or uri module rather than running curl + warn: no + register: api_available_output + until: api_available_output.stdout == 'ok' + retries: 120 + delay: 1 + changed_when: false + when: openshift.common.is_containerized | bool + delegate_to: "{{ openshift_master_host }}" + run_once: true - name: Wait for Node Registration command: > - {{ openshift.common.client_binary }} get node {{ hostvars[item].openshift.node.nodename }} + {{ openshift.common.client_binary }} get node {{ openshift.node.nodename }} --config={{ openshift_manage_node_kubeconfig }} -n default register: omd_get_node @@ -22,26 +55,29 @@ retries: 50 delay: 5 changed_when: false - with_items: "{{ openshift_nodes }}" + when: "'nodename' in openshift.node" + delegate_to: "{{ openshift_master_host }}" - name: Set node schedulability command: > - {{ openshift.common.client_binary }} adm manage-node {{ hostvars[item].openshift.node.nodename }} --schedulable={{ 'true' if hostvars[item].openshift.node.schedulable | bool else 'false' }} + {{ openshift.common.client_binary }} adm manage-node {{ openshift.node.nodename }} --schedulable={{ 'true' if openshift.node.schedulable | bool else 'false' }} --config={{ openshift_manage_node_kubeconfig }} -n default - with_items: "{{ openshift_nodes }}" - when: hostvars[item].openshift.node.nodename is defined + when: "'nodename' in openshift.node" + delegate_to: "{{ openshift_master_host }}" - name: Label nodes command: > - {{ openshift.common.client_binary }} label --overwrite node {{ hostvars[item].openshift.node.nodename }} {{ hostvars[item].openshift.node.labels | oo_combine_dict }} + {{ openshift.common.client_binary }} label --overwrite node {{ openshift.node.nodename }} {{ openshift.node.labels | oo_combine_dict }} --config={{ openshift_manage_node_kubeconfig }} -n default - with_items: "{{ openshift_nodes }}" - when: hostvars[item].openshift.node.nodename is defined and 'labels' in hostvars[item].openshift.node and hostvars[item].openshift.node.labels != {} + when: "'nodename' in openshift.node and 'labels' in openshift.node and openshift.node.labels != {}" + delegate_to: "{{ openshift_master_host }}" - name: Delete temp directory file: name: "{{ mktemp.stdout }}" state: absent changed_when: False + delegate_to: "{{ openshift_master_host }}" + run_once: true diff --git a/roles/openshift_manageiq/tasks/main.yaml b/roles/openshift_manageiq/tasks/main.yaml index bdaf64b3f..a7214482f 100644 --- a/roles/openshift_manageiq/tasks/main.yaml +++ b/roles/openshift_manageiq/tasks/main.yaml @@ -50,6 +50,16 @@ failed_when: "'already exists' not in osmiq_create_cluster_role.stderr and osmiq_create_cluster_role.rc != 0" changed_when: osmiq_create_cluster_role.rc == 0 +- name: Create Hawkular Metrics Admin Cluster Role + shell: > + echo {{ manageiq_metrics_admin_clusterrole | to_json | quote }} | + {{ openshift.common.client_binary }} + --config={{manage_iq_tmp_conf}} + create -f - + register: oshawkular_create_cluster_role + failed_when: "'already exists' not in oshawkular_create_cluster_role.stderr and oshawkular_create_cluster_role.rc != 0" + changed_when: oshawkular_create_cluster_role.rc == 0 + - name: Configure role/user permissions command: > {{ openshift.common.client_binary }} adm {{item}} diff --git a/roles/openshift_manageiq/vars/main.yml b/roles/openshift_manageiq/vars/main.yml index 6a0c5b41b..37d4679ef 100644 --- a/roles/openshift_manageiq/vars/main.yml +++ b/roles/openshift_manageiq/vars/main.yml @@ -9,6 +9,20 @@ manageiq_cluster_role: verbs: - '*' +manageiq_metrics_admin_clusterrole: + apiVersion: v1 + kind: ClusterRole + metadata: + name: hawkular-metrics-admin + rules: + - apiGroups: + - "" + resources: + - hawkular-metrics + - hawkular-alerts + verbs: + - '*' + manageiq_service_account: apiVersion: v1 kind: ServiceAccount @@ -31,6 +45,7 @@ manage_iq_tasks: - policy add-cluster-role-to-user system:image-puller system:serviceaccount:management-infra:inspector-admin - policy add-scc-to-user privileged system:serviceaccount:management-infra:inspector-admin - policy add-cluster-role-to-user self-provisioner system:serviceaccount:management-infra:management-admin + - policy add-cluster-role-to-user hawkular-metrics-admin system:serviceaccount:management-infra:management-admin manage_iq_openshift_3_2_tasks: - policy add-cluster-role-to-user system:image-auditor system:serviceaccount:management-infra:management-admin diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml index 913f3b0ae..e119db1a2 100644 --- a/roles/openshift_master/handlers/main.yml +++ b/roles/openshift_master/handlers/main.yml @@ -17,7 +17,7 @@ # Using curl here since the uri module requires python-httplib2 and # wait_for port doesn't provide health information. command: > - curl --silent + curl --silent --tlsv1.2 {% if openshift.common.version_gte_3_2_or_1_2 | bool %} --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt {% else %} diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 1d6758c4a..79c62e985 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -24,7 +24,9 @@ when: openshift_master_ha | bool and openshift_master_cluster_method == "pacemaker" and openshift.common.is_containerized | bool - name: Install Master package - action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-master{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }} state=present" + package: + name: "{{ openshift.common.service_type }}-master{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" + state: present when: not openshift.common.is_containerized | bool - name: Pull master image @@ -77,7 +79,7 @@ - restart master controllers - name: Install httpd-tools if needed - action: "{{ ansible_pkg_mgr }} name=httpd-tools state=present" + package: name=httpd-tools state=present when: (item.kind == 'HTPasswdPasswordIdentityProvider') and not openshift.common.is_atomic | bool with_items: "{{ openshift.master.identity_providers }}" @@ -292,7 +294,7 @@ when: openshift_master_ha | bool and openshift.master.cluster_method == 'native' - name: Install cluster packages - action: "{{ ansible_pkg_mgr }} name=pcs state=present" + package: name=pcs state=present when: openshift_master_ha | bool and openshift.master.cluster_method == 'pacemaker' and not openshift.common.is_containerized | bool register: install_result diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml index 56110c28f..11e010716 100644 --- a/roles/openshift_master/tasks/systemd_units.yml +++ b/roles/openshift_master/tasks/systemd_units.yml @@ -127,16 +127,22 @@ - name: Preserve Master Proxy Config options command: grep PROXY /etc/sysconfig/{{ openshift.common.service_type }}-master - register: master_proxy + register: master_proxy_result failed_when: false changed_when: false +- set_fact: + master_proxy: "{{ master_proxy_result.stdout_lines | default([]) }}" + - name: Preserve Master AWS options command: grep AWS_ /etc/sysconfig/{{ openshift.common.service_type }}-master - register: master_aws + register: master_aws_result failed_when: false changed_when: false +- set_fact: + master_aws: "{{ master_aws_result.stdout_lines | default([]) }}" + - name: Create the master service env file template: src: "atomic-openshift-master.j2" @@ -144,17 +150,3 @@ backup: true notify: - restart master - -- name: Restore Master Proxy Config Options - lineinfile: - dest: /etc/sysconfig/{{ openshift.common.service_type }}-master - line: "{{ item }}" - with_items: "{{ master_proxy.stdout_lines | default([]) }}" - when: master_proxy.rc == 0 and 'http_proxy' not in openshift.common and 'https_proxy' not in openshift.common - -- name: Restore Master AWS Options - lineinfile: - dest: /etc/sysconfig/{{ openshift.common.service_type }}-master - line: "{{ item }}" - with_items: "{{ master_aws.stdout_lines | default([]) }}" - when: master_aws.rc == 0 and not (openshift_cloudprovider_kind is defined and openshift_cloudprovider_kind == 'aws' and openshift_cloudprovider_aws_access_key is defined and openshift_cloudprovider_aws_secret_key is defined) diff --git a/roles/openshift_master/templates/atomic-openshift-master.j2 b/roles/openshift_master/templates/atomic-openshift-master.j2 index 26f0240ec..7aea89578 100644 --- a/roles/openshift_master/templates/atomic-openshift-master.j2 +++ b/roles/openshift_master/templates/atomic-openshift-master.j2 @@ -8,6 +8,11 @@ IMAGE_VERSION={{ openshift_image_tag }} AWS_ACCESS_KEY_ID={{ openshift_cloudprovider_aws_access_key }} AWS_SECRET_ACCESS_KEY={{ openshift_cloudprovider_aws_secret_key }} {% endif %} +{% if not (openshift_cloudprovider_kind is defined and openshift_cloudprovider_kind == 'aws' and openshift_cloudprovider_aws_access_key is defined and openshift_cloudprovider_aws_secret_key is defined) %} +{% for item in master_aws %} +{{ item }} +{% endfor %} +{% endif %} {% if 'api_env_vars' in openshift.master or 'controllers_env_vars' in openshift.master -%} {% for key, value in openshift.master.api_env_vars.items() | default([]) | union(openshift.master.controllers_env_vars.items() | default([])) -%} @@ -26,3 +31,8 @@ HTTPS_PROXY={{ openshift.common.https_proxy | default('')}} {% if 'no_proxy' in openshift.common %} NO_PROXY={{ openshift.common.no_proxy | default('') | join(',') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }} {% endif %} +{% if not ('https_proxy' in openshift.common or 'https_proxy' in openshift.common or 'no_proxy' in openshift.common) %} +{% for item in master_proxy %} +{{ item }} +{% endfor %} +{% endif %} diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 4d45e8591..a52ae578c 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -131,6 +131,7 @@ kubernetesMasterConfig: proxyClientInfo: certFile: master.proxy-client.crt keyFile: master.proxy-client.key + schedulerArguments: {{ openshift_master_scheduler_args | default(None) | to_padded_yaml( level=3 ) }} schedulerConfigFile: {{ openshift_master_scheduler_conf }} servicesNodePortRange: "" servicesSubnet: {{ openshift.common.portal_net }} @@ -158,7 +159,7 @@ masterPublicURL: {{ openshift.master.public_api_url }} networkConfig: clusterNetworkCIDR: {{ openshift.master.sdn_cluster_network_cidr }} hostSubnetLength: {{ openshift.master.sdn_host_subnet_length }} -{% if openshift.common.use_openshift_sdn or openshift.common.use_nuage %} +{% if openshift.common.use_openshift_sdn or openshift.common.use_nuage or openshift.common.sdn_network_plugin_name == 'cni' %} networkPluginName: {{ openshift.common.sdn_network_plugin_name }} {% endif %} # serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 index 1f50fdce1..0e78d2d23 100644 --- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 +++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 @@ -15,6 +15,7 @@ LimitNOFILE=131072 LimitCORE=infinity WorkingDirectory={{ openshift.common.data_dir }} SyslogIdentifier=atomic-openshift-master-api +Restart=always RestartSec=5s [Install] diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml index e0c0fc644..62ac1aef5 100644 --- a/roles/openshift_master_facts/tasks/main.yml +++ b/roles/openshift_master_facts/tasks/main.yml @@ -80,3 +80,4 @@ controllers_env_vars: "{{ openshift_master_controllers_env_vars | default(None) }}" audit_config: "{{ openshift_master_audit_config | default(None) }}" metrics_public_url: "{% if openshift_hosted_metrics_deploy | default(false) %}https://{{ metrics_hostname }}/hawkular/metrics{% endif %}" + scheduler_args: "{{ openshift_master_scheduler_args | default(None) }}" diff --git a/roles/openshift_metrics/handlers/main.yml b/roles/openshift_metrics/handlers/main.yml index 913f3b0ae..e119db1a2 100644 --- a/roles/openshift_metrics/handlers/main.yml +++ b/roles/openshift_metrics/handlers/main.yml @@ -17,7 +17,7 @@ # Using curl here since the uri module requires python-httplib2 and # wait_for port doesn't provide health information. command: > - curl --silent + curl --silent --tlsv1.2 {% if openshift.common.version_gte_3_2_or_1_2 | bool %} --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt {% else %} diff --git a/roles/openshift_metrics/tasks/install.yml b/roles/openshift_metrics/tasks/install.yml index 4976c7153..98e21375a 100644 --- a/roles/openshift_metrics/tasks/install.yml +++ b/roles/openshift_metrics/tasks/install.yml @@ -37,6 +37,24 @@ system:serviceaccount:openshift-infra:metrics-deployer when: "'system:serviceaccount:openshift-infra:metrics-deployer' not in edit_rolebindings.stdout" +- name: Test hawkular view permissions + command: > + {{ openshift.common.client_binary }} + --config={{ openshift_metrics_kubeconfig }} + --namespace openshift-infra + get rolebindings -o jsonpath='{.items[?(@.metadata.name == "view")].userNames}' + register: view_rolebindings + changed_when: false + +- name: Add view permissions to hawkular SA + command: > + {{ openshift.common.client_binary }} adm + --config={{ openshift_metrics_kubeconfig }} + --namespace openshift-infra + policy add-role-to-user view + system:serviceaccount:openshift-infra:hawkular + when: "'system:serviceaccount:openshift-infra:hawkular' not in view_rolebindings" + - name: Test cluster-reader permissions command: > {{ openshift.common.client_binary }} @@ -71,7 +89,14 @@ set_fact: deployer_cmd: "{{ openshift.common.client_binary }} process -f \ {{ hosted_base }}/metrics-deployer.yaml -v \ - HAWKULAR_METRICS_HOSTNAME={{ metrics_hostname }},USE_PERSISTENT_STORAGE={{metrics_persistence | string | lower }},DYNAMICALLY_PROVISION_STORAGE={{metrics_dynamic_vol | string | lower }},METRIC_DURATION={{ openshift.hosted.metrics.duration }},METRIC_RESOLUTION={{ openshift.hosted.metrics.resolution }}{{ image_prefix }}{{ image_version }},MODE={{ deployment_mode }} \ + HAWKULAR_METRICS_HOSTNAME={{ metrics_hostname }} \ + -v USE_PERSISTENT_STORAGE={{metrics_persistence | string | lower }} \ + -v DYNAMICALLY_PROVISION_STORAGE={{metrics_dynamic_vol | string | lower }} \ + -v METRIC_DURATION={{ openshift.hosted.metrics.duration }} \ + -v METRIC_RESOLUTION={{ openshift.hosted.metrics.resolution }} + {{ image_prefix }} \ + {{ image_version }} \ + -v MODE={{ deployment_mode }} \ | {{ openshift.common.client_binary }} --namespace openshift-infra \ --config={{ openshift_metrics_kubeconfig }} \ create -o name -f -" diff --git a/roles/openshift_metrics/tasks/main.yaml b/roles/openshift_metrics/tasks/main.yaml index 88432a9f8..26af279b1 100644 --- a/roles/openshift_metrics/tasks/main.yaml +++ b/roles/openshift_metrics/tasks/main.yaml @@ -36,10 +36,8 @@ metrics_persistence: "{{ openshift.hosted.metrics.storage_kind | default(none) is not none }}" metrics_dynamic_vol: "{{ openshift.hosted.metrics.storage_kind | default(none) == 'dynamic' }}" metrics_template_dir: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/examples/infrastructure-templates/{{ 'origin' if deployment_type == 'origin' else 'enterprise' }}" - cassandra_nodes: "{{ ',CASSANDRA_NODES=' ~ openshift.hosted.metrics.cassandra_nodes if 'cassandra' in openshift.hosted.metrics else '' }}" - cassandra_pv_size: "{{ ',CASSANDRA_PV_SIZE=' ~ openshift.hosted.metrics.storage_volume_size if openshift.hosted.metrics.storage_volume_size | default(none) is not none else '' }}" - image_prefix: "{{ ',IMAGE_PREFIX=' ~ openshift.hosted.metrics.deployer_prefix if 'deployer_prefix' in openshift.hosted.metrics else '' }}" - image_version: "{{ ',IMAGE_VERSION=' ~ openshift.hosted.metrics.deployer_version if 'deployer_version' in openshift.hosted.metrics else '' }}" + image_prefix: "{{ '-v IMAGE_PREFIX=' ~ openshift.hosted.metrics.deployer.prefix if 'prefix' in openshift.hosted.metrics.deployer else '' }}" + image_version: "{{ '-v IMAGE_VERSION=' ~ openshift.hosted.metrics.deployer.version if 'version' in openshift.hosted.metrics.deployer else '' }}" - name: Check for existing metrics pods diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 8b3145785..612cc0e20 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -35,15 +35,25 @@ # We have to add tuned-profiles in the same transaction otherwise we run into depsolving # problems because the rpms don't pin the version properly. This was fixed in 3.1 packaging. - name: Install Node package - action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-node{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }} state=present" + package: + name: "{{ openshift.common.service_type }}-node{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" + state: present when: not openshift.common.is_containerized | bool +- name: Check for tuned package + command: rpm -q tuned + register: tuned_installed + changed_when: false + failed_when: false + - name: Set atomic-guest tuned profile command: "tuned-adm profile atomic-guest" - when: openshift.common.is_atomic | bool + when: tuned_installed.rc == 0 and openshift.common.is_atomic | bool - name: Install sdn-ovs package - action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-sdn-ovs{{ openshift_pkg_version | oo_image_tag_to_rpm_version(include_dash=True) }} state=present" + package: + name: "{{ openshift.common.service_type }}-sdn-ovs{{ openshift_pkg_version | oo_image_tag_to_rpm_version(include_dash=True) }}" + state: present when: openshift.common.use_openshift_sdn and not openshift.common.is_containerized | bool - name: Pull node image @@ -77,6 +87,11 @@ - set_fact: ovs_service_status_changed: "{{ ovs_start_result | changed }}" +- file: + dest: "{{ (openshift_node_kubelet_args|default({'config':None})).config}}" + state: directory + when: openshift_node_kubelet_args is defined and 'config' in openshift_node_kubelet_args + # TODO: add the validate parameter when there is a validation command to run - name: Create the Node config template: @@ -100,6 +115,7 @@ line: "AWS_ACCESS_KEY_ID={{ openshift_cloudprovider_aws_access_key | default('') }}" - regex: '^AWS_SECRET_ACCESS_KEY=' line: "AWS_SECRET_ACCESS_KEY={{ openshift_cloudprovider_aws_secret_key | default('') }}" + no_log: True when: "openshift_cloudprovider_kind is defined and openshift_cloudprovider_kind == 'aws' and openshift_cloudprovider_aws_access_key is defined and openshift_cloudprovider_aws_secret_key is defined" notify: - restart node diff --git a/roles/openshift_node/tasks/storage_plugins/ceph.yml b/roles/openshift_node/tasks/storage_plugins/ceph.yml index eed3c99a3..037efe81a 100644 --- a/roles/openshift_node/tasks/storage_plugins/ceph.yml +++ b/roles/openshift_node/tasks/storage_plugins/ceph.yml @@ -1,4 +1,4 @@ --- - name: Install Ceph storage plugin dependencies - action: "{{ ansible_pkg_mgr }} name=ceph-common state=present" - when: not openshift.common.is_atomic | bool
\ No newline at end of file + package: name=ceph-common state=present + when: not openshift.common.is_atomic | bool diff --git a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml index 4fd9cd10b..7d8c42ee2 100644 --- a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml @@ -1,6 +1,6 @@ --- - name: Install GlusterFS storage plugin dependencies - action: "{{ ansible_pkg_mgr }} name=glusterfs-fuse state=present" + package: name=glusterfs-fuse state=present when: not openshift.common.is_atomic | bool - name: Check for existence of virt_use_fusefs seboolean diff --git a/roles/openshift_node/tasks/storage_plugins/iscsi.yml b/roles/openshift_node/tasks/storage_plugins/iscsi.yml index d6684b34a..1c5478c55 100644 --- a/roles/openshift_node/tasks/storage_plugins/iscsi.yml +++ b/roles/openshift_node/tasks/storage_plugins/iscsi.yml @@ -1,4 +1,4 @@ --- - name: Install iSCSI storage plugin dependencies - action: "{{ ansible_pkg_mgr }} name=iscsi-initiator-utils state=present" + package: name=iscsi-initiator-utils state=present when: not openshift.common.is_atomic | bool diff --git a/roles/openshift_node/tasks/storage_plugins/nfs.yml b/roles/openshift_node/tasks/storage_plugins/nfs.yml index 5f99f129c..d40ae66cb 100644 --- a/roles/openshift_node/tasks/storage_plugins/nfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/nfs.yml @@ -1,6 +1,6 @@ --- - name: Install NFS storage plugin dependencies - action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present" + package: name=nfs-utils state=present when: not openshift.common.is_atomic | bool - name: Check for existence of seboolean diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml index 27c9b48f0..f722a6e69 100644 --- a/roles/openshift_node/tasks/systemd_units.yml +++ b/roles/openshift_node/tasks/systemd_units.yml @@ -24,11 +24,26 @@ notify: - restart openvswitch +# May be a temporary workaround. +# https://bugzilla.redhat.com/show_bug.cgi?id=1331590 +- name: Create OpenvSwitch service.d directory + file: path=/etc/systemd/system/openvswitch.service.d/ state=directory + when: openshift.common.use_openshift_sdn | default(true) | bool + +- name: Install OpenvSwitch service OOM fix + template: + dest: "/etc/systemd/system/openvswitch.service.d/01-avoid-oom.conf" + src: openvswitch-avoid-oom.conf + when: openshift.common.use_openshift_sdn | default(true) | bool + register: install_oom_fix_result + notify: + - restart openvswitch + - name: Install OpenvSwitch docker service file template: dest: "/etc/systemd/system/openvswitch.service" src: openvswitch.docker.service - when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool + when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | default(true) | bool notify: - restart openvswitch @@ -67,6 +82,6 @@ - name: Reload systemd units command: systemctl daemon-reload - when: openshift.common.is_containerized | bool and (install_node_result | changed or install_ovs_sysconfig | changed or install_node_dep_result | changed) + when: (openshift.common.is_containerized | bool and (install_node_result | changed or install_ovs_sysconfig | changed or install_node_dep_result | changed)) or install_oom_fix_result | changed notify: - restart node diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 9bcaf4d84..55ae4bf54 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -27,7 +27,7 @@ networkPluginName: {{ openshift.common.sdn_network_plugin_name }} # deprecates networkPluginName above. The two should match. networkConfig: mtu: {{ openshift.node.sdn_mtu }} -{% if openshift.common.use_openshift_sdn | bool or openshift.common.use_nuage | bool %} +{% if openshift.common.use_openshift_sdn | bool or openshift.common.use_nuage | bool or openshift.common.sdn_network_plugin_name == 'cni' %} networkPluginName: {{ openshift.common.sdn_network_plugin_name }} {% endif %} {% if openshift.node.set_node_ip | bool %} diff --git a/roles/openshift_node/templates/openvswitch-avoid-oom.conf b/roles/openshift_node/templates/openvswitch-avoid-oom.conf new file mode 100644 index 000000000..3229bc56b --- /dev/null +++ b/roles/openshift_node/templates/openvswitch-avoid-oom.conf @@ -0,0 +1,3 @@ +# Avoid the OOM killer for openvswitch and it's children: +[Service] +OOMScoreAdjust=-1000 diff --git a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh b/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh index 5a187710b..c3d5efb9e 100755 --- a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh +++ b/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh @@ -1,4 +1,5 @@ #!/bin/bash -x +# -*- mode: sh; sh-indentation: 2 -*- # This NetworkManager dispatcher script replicates the functionality of # NetworkManager's dns=dnsmasq however, rather than hardcoding the listening @@ -28,7 +29,17 @@ cd /etc/sysconfig/network-scripts [ -f ../network ] && . ../network if [[ $2 =~ ^(up|dhcp4-change)$ ]]; then - # couldn't find an existing method to determine if the interface owns the + # If the origin-upstream-dns config file changed we need to restart + NEEDS_RESTART=0 + UPSTREAM_DNS='/etc/dnsmasq.d/origin-upstream-dns.conf' + # We'll regenerate the dnsmasq origin config in a temp file first + UPSTREAM_DNS_TMP=`mktemp` + UPSTREAM_DNS_TMP_SORTED=`mktemp` + CURRENT_UPSTREAM_DNS_SORTED=`mktemp` + NEW_RESOLV_CONF=`mktemp` + + ###################################################################### + # couldn't find an existing method to determine if the interface owns the # default route def_route=$(/sbin/ip route list match 0.0.0.0/0 | awk '{print $3 }') def_route_int=$(/sbin/ip route get to ${def_route} | awk '{print $3}') @@ -43,20 +54,49 @@ domain-needed server=/cluster.local/172.30.0.1 server=/30.172.in-addr.arpa/172.30.0.1 EOF + # New config file, must restart + NEEDS_RESTART=1 fi - # zero out our upstream servers list and feed it into dnsmasq - echo -n > /etc/dnsmasq.d/origin-upstream-dns.conf + + ###################################################################### + # Generate a new origin dns config file for ns in ${IP4_NAMESERVERS}; do if [[ ! -z $ns ]]; then - echo "server=${ns}" >> /etc/dnsmasq.d/origin-upstream-dns.conf + echo "server=${ns}" fi - done - systemctl restart dnsmasq + done > $UPSTREAM_DNS_TMP + + # Sort it in case DNS servers arrived in a different order + sort $UPSTREAM_DNS_TMP > $UPSTREAM_DNS_TMP_SORTED + sort $UPSTREAM_DNS > $CURRENT_UPSTREAM_DNS_SORTED - sed -i '0,/^nameserver/ s/^nameserver.*$/nameserver '"${def_route_ip}"'/g' /etc/resolv.conf + # Compare to the current config file (sorted) + NEW_DNS_SUM=`md5sum ${UPSTREAM_DNS_TMP_SORTED} | awk '{print $1}'` + CURRENT_DNS_SUM=`md5sum ${CURRENT_UPSTREAM_DNS_SORTED} | awk '{print $1}'` + + if [ "${NEW_DNS_SUM}" != "${CURRENT_DNS_SUM}" ]; then + # DNS has changed, copy the temp file to the proper location (-Z + # sets default selinux context) and set the restart flag + cp -Z $UPSTREAM_DNS_TMP $UPSTREAM_DNS + NEEDS_RESTART=1 + fi - if ! grep -q '99-origin-dns.sh' /etc/resolv.conf; then - echo "# nameserver updated by /etc/NetworkManager/dispatcher.d/99-origin-dns.sh" >> /etc/resolv.conf + ###################################################################### + if [ "${NEEDS_RESTART}" -eq "1" ]; then + systemctl restart dnsmasq + fi + + # Only if dnsmasq is running properly make it our only nameserver + if `systemctl -q is-active dnsmasq.service`; then + sed -e '/^nameserver.*$/d' /etc/resolv.conf > ${NEW_RESOLV_CONF} + echo "nameserver "${def_route_ip}"" >> ${NEW_RESOLV_CONF} + if ! grep -q '99-origin-dns.sh' ${NEW_RESOLV_CONF}; then + echo "# nameserver updated by /etc/NetworkManager/dispatcher.d/99-origin-dns.sh" >> ${NEW_RESOLV_CONF} + fi + cp -Z ${NEW_RESOLV_CONF} /etc/resolv.conf fi fi + + # Clean up after yourself + rm -f $UPSTREAM_DNS_TMP $UPSTREAM_DNS_TMP_SORTED $CURRENT_UPSTREAM_DNS_SORTED $NEW_RESOLV_CONF fi diff --git a/roles/openshift_node_dnsmasq/tasks/main.yml b/roles/openshift_node_dnsmasq/tasks/main.yml index 396c27295..0167b02b1 100644 --- a/roles/openshift_node_dnsmasq/tasks/main.yml +++ b/roles/openshift_node_dnsmasq/tasks/main.yml @@ -4,13 +4,14 @@ systemctl show NetworkManager register: nm_show changed_when: false + ignore_errors: True - name: Set fact using_network_manager set_fact: network_manager_active: "{{ True if 'ActiveState=active' in nm_show.stdout else False }}" - name: Install dnsmasq - action: "{{ ansible_pkg_mgr }} name=dnsmasq state=installed" + package: name=dnsmasq state=installed when: not openshift.common.is_atomic | bool - name: Install dnsmasq configuration diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml index 9be168611..d5ed9c09d 100644 --- a/roles/openshift_repos/tasks/main.yaml +++ b/roles/openshift_repos/tasks/main.yaml @@ -12,7 +12,7 @@ when: not openshift.common.is_containerized | bool - name: Ensure libselinux-python is installed - action: "{{ ansible_pkg_mgr }} name=libselinux-python state=present" + package: name=libselinux-python state=present when: not openshift.common.is_containerized | bool - name: Create any additional repos that are defined @@ -37,6 +37,7 @@ when: ansible_os_family == "RedHat" and ansible_distribution != "Fedora" and openshift_deployment_type == 'origin' and not openshift.common.is_containerized | bool + and openshift_enable_origin_repo | default(true) - name: Configure origin yum repositories RHEL/CentOS copy: @@ -46,3 +47,4 @@ when: ansible_os_family == "RedHat" and ansible_distribution != "Fedora" and openshift_deployment_type == 'origin' and not openshift.common.is_containerized | bool + and openshift_enable_origin_repo | default(true) diff --git a/roles/openshift_storage_nfs/tasks/main.yml b/roles/openshift_storage_nfs/tasks/main.yml index 4716c77ae..ecc52e4af 100644 --- a/roles/openshift_storage_nfs/tasks/main.yml +++ b/roles/openshift_storage_nfs/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install nfs-utils - action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present" + package: name=nfs-utils state=present - name: Configure NFS lineinfile: diff --git a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml index fc8de1cb5..e0be9f0b7 100644 --- a/roles/openshift_storage_nfs_lvm/tasks/nfs.yml +++ b/roles/openshift_storage_nfs_lvm/tasks/nfs.yml @@ -1,8 +1,8 @@ --- - name: Install NFS server - action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present" + package: name=nfs-utils state=present when: not openshift.common.is_containerized | bool - + - name: Start rpcbind service: name=rpcbind state=started enabled=yes diff --git a/roles/openshift_storage_nfs_lvm/templates/nfs.json.j2 b/roles/openshift_storage_nfs_lvm/templates/nfs.json.j2 index 0f3d84e75..3c4d2f56c 100644 --- a/roles/openshift_storage_nfs_lvm/templates/nfs.json.j2 +++ b/roles/openshift_storage_nfs_lvm/templates/nfs.json.j2 @@ -11,7 +11,7 @@ "capacity": { "storage": "{{ osnl_volume_size }}Gi" }, - "accessModes": [ "ReadWriteMany" ], + "accessModes": [ "ReadWriteOnce", "ReadWriteMany" ], "persistentVolumeReclaimPolicy": "Recycle", "nfs": { "Server": "{{ inventory_hostname }}", diff --git a/roles/openshift_version/tasks/set_version_containerized.yml b/roles/openshift_version/tasks/set_version_containerized.yml index 8e2702391..718537287 100644 --- a/roles/openshift_version/tasks/set_version_containerized.yml +++ b/roles/openshift_version/tasks/set_version_containerized.yml @@ -37,3 +37,8 @@ openshift_version: "{{ cli_image_version.stdout_lines[0].split(' ')[1].split('-')[0:2][1:] | join('-') if openshift.common.deployment_type == 'origin' else cli_image_version.stdout_lines[0].split(' ')[1].split('-')[0][1:] }}" when: openshift_version is defined and openshift_version.split('.') | length == 2 +# We finally have the specific version. Now we clean up any strange +# dangly +c0mm1t-offset tags in the version. See also, +# openshift_facts.py +- set_fact: + openshift_version: "{{ openshift_version | oo_chomp_commit_offset }}" diff --git a/roles/os_firewall/README.md b/roles/os_firewall/README.md index 187d74b06..c6c70b81d 100644 --- a/roles/os_firewall/README.md +++ b/roles/os_firewall/README.md @@ -14,7 +14,7 @@ Role Variables | Name | Default | | |---------------------------|---------|----------------------------------------| -| os_firewall_use_firewalld | True | If false, use iptables | +| os_firewall_use_firewalld | False | If false, use iptables | | os_firewall_allow | [] | List of service,port mappings to allow | | os_firewall_deny | [] | List of service, port mappings to deny | diff --git a/roles/os_firewall/meta/main.yml b/roles/os_firewall/meta/main.yml index c93335b7b..6df7c9f2b 100644 --- a/roles/os_firewall/meta/main.yml +++ b/roles/os_firewall/meta/main.yml @@ -11,5 +11,6 @@ galaxy_info: - 7 categories: - system +allow_duplicates: yes dependencies: - { role: openshift_facts } diff --git a/roles/os_firewall/tasks/firewall/firewalld.yml b/roles/os_firewall/tasks/firewall/firewalld.yml index 5ddca1fc0..a5b733cb7 100644 --- a/roles/os_firewall/tasks/firewall/firewalld.yml +++ b/roles/os_firewall/tasks/firewall/firewalld.yml @@ -1,6 +1,6 @@ --- - name: Install firewalld packages - action: "{{ ansible_pkg_mgr }} name=firewalld state=present" + package: name=firewalld state=present when: not openshift.common.is_containerized | bool register: install_result diff --git a/roles/os_firewall/tasks/firewall/iptables.yml b/roles/os_firewall/tasks/firewall/iptables.yml index 470d4f4f9..366ede8fd 100644 --- a/roles/os_firewall/tasks/firewall/iptables.yml +++ b/roles/os_firewall/tasks/firewall/iptables.yml @@ -25,7 +25,7 @@ ignore_errors: yes - name: Install iptables packages - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + package: name={{ item }} state=present with_items: - iptables - iptables-services diff --git a/roles/os_update_latest/tasks/main.yml b/roles/os_update_latest/tasks/main.yml index ff2b52275..6b5fd0106 100644 --- a/roles/os_update_latest/tasks/main.yml +++ b/roles/os_update_latest/tasks/main.yml @@ -1,3 +1,3 @@ --- - name: Update all packages - action: "{{ ansible_pkg_mgr }} name=* state=latest" + package: name=* state=latest |