summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fix flat sec group and infra/dns sec rulesBogdan Dobrelya2017-06-232-59/+44
| | | | | | | | | | Make flat sec group to only merge node/master/etcd sec rules. Add basic dns/ssh sec group and assign it to all but dns node groups. Assign only dns sec group for dns nodes. Assign only infra (and basic) sec groups for ingra nodes. Add security notes for openstack provider. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Finish crs (#462)Davis Phillips2017-06-200-0/+0
| | | | | | | | | | * adding crs finished and heketi customizations * removing some duplicate haproxy files * fix lint CI issues * fix more lint CI issues
* Add profiling and skippy stdout (#470)Bogdan Dobrelya2017-06-201-0/+2
| | | | | | | Tune an example ansible.cfg to include tasks profiling info and improve displaying of skipped tasks. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* call deployment-manager deployments update when config yaml is updated (#464)Brad Durrow2017-06-180-0/+0
|
* Merge pull request #466 from tomassedovic/openstack-providerRyan Cook2017-06-1638-0/+2950
|\ | | | | Openstack provider
| * Fix flake8 errors with the openstack inventoryTomas Sedovic2017-06-161-5/+5
| |
| * Remove the extraneous DNS directoryTomas Sedovic2017-06-160-0/+0
| | | | | | | | | | It's a CASL-specific helper, not necessary for the provisioning playbooks.
| * Fix yamllint errorsTomas Sedovic2017-06-1613-65/+38
| |
| * Update sample inventory with the latest changesTomas Sedovic2017-06-163-16/+31
| |
| * Gather facts for provision playbookBogdan Dobrelya2017-06-151-0/+1
| | | | | | | | | | | | | | | | | | Provision tasks use facts like ansible_hostname and few others. W/o gathering facts, those expire, and the provision playbook cannot be reapplied in order to update the existing heat stack. Refresh the facts cache by specifying gather_facts: true. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
| * Drop atomic-openshift-utils, update docs for originBogdan Dobrelya2017-06-152-3/+11
| | | | | | | | | | | | | | | | TODO use with when: ansible_distribution == 'CentOS' Also update docs for origin Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
| * Add ansible.cfg for openstack providerBogdan Dobrelya2017-06-152-0/+23
| | | | | | | | Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
| * Add a flat sec group for openstack providerBogdan Dobrelya2017-06-154-14/+140
| | | | | | | | | | | | | | | | | | | | Add a openstack_flat_secgroup, defaults to False. When set, merges sec rules for master, node, etcd, infra nodes into a single group. Less secure, but might help to mitigate quota limitations. Update docs. Use timeout 30s to mitigate the error: Timeout (12s) waiting for privilege escalation prompt. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
| * Always let the openshift nodes access the DNSTomas Sedovic2017-06-151-0/+15
| | | | | | | | | | | | | | | | | | When `node_ingress_cidr` to limit the IP range for the DNS server, this can prevent the actual openshift nodes from accessing it as well. This commit makes the access from the `openstack_subnet_prefix` always pass through and uses `node_ingress_cidr` for additional access control.
| * Fix privileges in the pre-install playbookTomas Sedovic2017-06-152-11/+12
| |
| * Add default values to provision-openstack.ymlTomas Sedovic2017-06-141-8/+8
| |
| * Move pre_tasks from to the openstack provisionerTomas Sedovic2017-06-141-0/+1
| | | | | | | | | | We should probably not pollute the role namespace with a name as common as "common". Moving the pre_task.yml to provisioners/openstack instead.
| * Add readmeTomas Sedovic2017-06-141-0/+113
| |
| * Add license for openstack.py in inventoryTomas Sedovic2017-06-141-0/+674
| | | | | | | | It's under the GPLv3+ while the rest of the repo is Apache 2.
| * Add a sample inventory for openstack provisioningTomas Sedovic2017-06-145-0/+350
| |
| * Symlink roles to provisioning/openstack/rolesTomas Sedovic2017-06-141-0/+1
| |
| * Add a single provisioning playbookTomas Sedovic2017-06-141-0/+4
| |
| * Move the openstack provisioning playbooksTomas Sedovic2017-06-145-0/+227
| | | | | | | | They'll live in playbooks/provisioning/openstack from now on.
| * Merge redhat-cop/casl-ansible into openstack-providerTomas Sedovic2017-06-1423-0/+1418
| |\ | | | | | | | | | | | | | | | | | | | | | This imports the openstack provisioning bits of: https://github.com/redhat-cop/casl-ansible taking care to preserve the original history of those files.
| | * Update CASL to use nsupdate for DNS records (#48)Øystein Bedin2017-06-135-9/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Updated to use nsupdate for DNS records * Updated formatting of dict * Updating descriptive text * Support for external DNS config * Upgrading jinja2 to work correctly with latest templates * Latest update for nsupdate * Updated to use nsupdate for DNS records * Updated formatting of dict * Updating descriptive text * Support for external DNS config * Latest update for nsupdate * Updated to support external public/private DNS server(s) * Updated DNS server handling * Updated DNS server handling * Updated DNS server handling * Eliminated the from the sample inventories * Updated sample inventory to point to 2 separate DNS servers for private/public * Playbook clean-up * Adding 'python-dns' * splitting subscription manager calls to allow for a clean pre-install playbook
| | * Update README.mdØystein Bedin2017-06-060-0/+0
| | |
| | * Conditionally set the openshift_master_default_subdomain to avoid overriding ↵Øystein Bedin2017-06-051-0/+2
| | | | | | | | | | | | it unecessary (#47)
| | * Fix rpm deps (#46)Øystein Bedin2017-05-260-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Upgrading jinja2 to work correctly with latest templates * Updated to solve rpm deps + other version issues * Clean-up * Updating control-host settings and env * Updating control-host settings and env * Updating README and names to align across all components * Setting the TERM var for better shell experience
| | * Upgrading jinja2 to work correctly with latest templates (#45)Øystein Bedin2017-05-250-0/+0
| | |
| | * Use the correct variable name in create_users (#43)Tomas Sedovic2017-05-170-0/+0
| | | | | | | | | | | | | | | The user creation was failing, because it was looking for the `demo_users` variable while the samples put the data under `create_users`.
| | * Updating to OSP ocata repo, as there are some bugs with newton's channel (#44)Eric Sauer2017-05-170-0/+0
| | |
| | * Correcting the sample inventory for an HA cluster (#40)Eric Sauer2017-05-170-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | * Correcting the sample inventory for an HA cluster * Adding node label mapping * Updating to mre generic IPs
| | * Some fixes (#41)Tomas Sedovic2017-05-090-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix the sample inventory The `openstack_nameservers` variable needs to be a list of strings, we need to set the Openshift labels in OSv3.yml and we show an example of using the username/password/poll for RHEL subscriptions. * Update the READMEs This fixes some of the paths, explains that we need to pass `openstack_ssh_public_key` to the end-to-end playbook and includes the full Docker command since there is no `run.sh` script. Oh and Heat is not an acronym :). * Fixes to the readme and inventory * Use docker-compose
| | * First attempt at a simple multi-master support (#39)Eric Sauer2017-04-272-0/+71
| | | | | | | | | | | | | | | | | | | | | | | | * First attempt at a simple multi-master support * Removing unneeded inventory * adding default number of masters and lower number of nodes
| | * Stack refactor (#38)Eric Sauer2017-04-255-286/+184
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Refactored openstack-stack role to: - Convert static heat template files to ansible templates - Include native ansible groups via openstack metadata. This removes the need for a playbook to map host groups - Some code cleanup * Deleting commentd out code and irrelevant plays * Refactored openstack-stack role to: - Convert static heat template files to ansible templates - Include native ansible groups via openstack metadata. This removes the need for a playbook to map host groups - Some code cleanup * Deleting commentd out code and irrelevant plays * Replacing stack parameters with jinja expressions * Updating sample inventory to work with latest dynamic inventory changes * updating inventory with host group mapping. making sync keys optional * Missing cluster_hosts group * Updating to add infra_hosts * Updating inventory per comments from oybed and sabre1041
| | * Updating client image to lock it to ansible 2.3 and install some addi… (#32)Eric Sauer2017-04-200-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | * Updating client image to lock it to ansible 2.3 and install some additional dependencies * First attempt at a docker-compose based solution * Renaming image
| | * Fixing awk check (#34)Øystein Bedin2017-04-080-0/+0
| | |
| | * Added quotes where needed and fixed some other minor bugs (#33)Øystein Bedin2017-04-070-0/+0
| | |
| | * Workaround for Ansible 2.3 breakage (#31)Øystein Bedin2017-04-050-0/+0
| | |
| | * Updating to development release of ansible 2.3.0 to pull down bug fixes in ↵Eric Sauer2017-03-300-0/+0
| | | | | | | | | | | | HEAT module (#21)
| | * Created initial CHANGELOG.mdØystein Bedin2017-03-300-0/+0
| | |
| | * Openshift mgmt (#30)Øystein Bedin2017-03-260-0/+0
| | | | | | | | | Added prune_projects to the openshift-management role along with Ansible tower support
| | * Dns selinux (#28)Øystein Bedin2017-03-040-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | * Updated DNS server role + example playbook * Updated DNS server role + example playbook * Updated for SELinux boolean
| | * Updated DNS server role + example playbook (#27)Øystein Bedin2017-03-020-0/+0
| | | | | | | | | | | | | | | | | | * Updated DNS server role + example playbook * Updated DNS server role + example playbook
| | * Ensure DNS configuration has wildcards set for infra nodes (#24)Øystein Bedin2017-02-201-0/+10
| | | | | | | | | | | | | | | | | | * Ensure DNS configuration has wildcards set for infra nodes * Updated to include all cluster hosts for DNS entries
| | * Readme (#26)Øystein Bedin2017-02-200-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Updated documentation and example inventory * Update README.md Added "hint" * Update README.md Fix numbering in the markdown * Update README.md * Added docker_volume_size to the sample inventory * Added rhsm_pool to the sample inventory * Updated README per comments
| | * DNS server should NOT run docker (#25)Øystein Bedin2017-02-160-0/+0
| | |
| | * Nagios (#11)Øystein Bedin2017-02-110-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * First cut at the nagios work * Added NRPE service enabled * Updated implementation to be a bit more flexible * Updated logic to include checks for services * Added support for DNS and NFS checks * Updated templates and config files * Updated check_service script to simplify and avoid false negatives * Added support for OpenShift checks * Added README for the playbook * Updated README
| | * Defaulting the DNS instance to a small flavor (#20)Øystein Bedin2017-02-110-0/+0
| | |
| | * Renaming openstack images to align with CoP naming (#18)Eric Sauer2017-02-080-0/+0
| | |
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-03 03:38:54 +0000