summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Ansible version check updateTim Bielawa2016-11-291-3/+3
| | | | | We require ansible >= 2.2.0 now. Updating version checking playbook to reflect this change.
* Merge pull request #2880 from mtnbikenc/docker-dupJason DeTiberus2016-11-291-1/+0
|\ | | | | Remove duplicate when key
| * Remove duplicate when keyRussell Teague2016-11-291-1/+0
| |
* | Merge pull request #2831 from dgoodwin/upgrade-orderingScott Dodson2016-11-292-4/+4
|\ \ | | | | | | Fix rare failure to deploy new registry/router after upgrade.
| * | Fix rare failure to deploy new registry/router after upgrade.Devan Goodwin2016-11-212-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Router/registry update and re-deploy was recently reordered to immediately follow control plane upgrade, right before we proceed to node upgrade. In some situations (small or single host clusters) it appears possible that the deployer pods are running when the node in question is evacuated for upgrade. When the deployer pod dies the deployment is failed and the router/registry continue running the old version, despite the deployment config being updated correctly. This change re-orderes the router/registry upgrade to follow node upgrade. However for separate control plane upgrade, the router/registry still occurs at the end. This is because router/registry seems like they should logically be included in a control plane upgrade, and presumably the user will not manually launch node upgrade so quickly as to trigger an evac on the node in question. Workaround for this problem when it does occur is simply to: oc deploy docker-registry --latest
* | | Merge pull request #2853 from alexcern/dhcpv6Scott Dodson2016-11-291-1/+1
|\ \ \ | | | | | | | | Set nameservers on DHCPv6 event
| * | | Set nameservers on DHCPv6 eventAlex Lossent2016-11-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | A dhcp6-change event may happen on nodes running dual stack IPv4/IPv6 and DHCP, even if Openshift itself doesn't use IPv6. /etc/resolv.conf needs be adjusted as well in this case.
* | | | Merge pull request #2876 from dustymabe/dusty-fix-etcd-selinuxScott Dodson2016-11-291-1/+1
|\ \ \ \ | |_|_|/ |/| | | fix selinux issues with etcd container
| * | | fix selinux issues with etcd containerDusty Mabe2016-11-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make it so that we don't relabel /etc/etcd/ (via `:z`) on every run. Doing this causes systemd to fail accessing /etc/etcd/etcd.conf when trying to run the systemd unit file on the next run. Convert it from `:z` to `:ro` since we only need read-only access to the files. Fixes #2811
* | | | Merge pull request #2868 from mtnbikenc/systemd-refactorJason DeTiberus2016-11-2956-189/+230
|\ \ \ \ | | | | | | | | | | Refactored to use Ansible systemd module
| * | | | Refactored to use Ansible systemd moduleRussell Teague2016-11-2856-189/+230
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Ansible systemd module used in place of service module * Refactored command tasks which are no longer necessary * Applying rules from openshift-ansible Best Practices Guide
* | | | | Merge pull request #2870 from mscherer/fix_2869Jason DeTiberus2016-11-291-1/+11
|\ \ \ \ \ | | | | | | | | | | | | Gracefully handle OpenSSL module absence
| * | | | | Gracefully handle OpenSSL module absenceMichael Scherer2016-11-281-1/+11
| | | | | | | | | | | | | | | | | | | | | | | | Should fix #2869
* | | | | | Merge pull request #2874 from sdodson/etcd_embedded_upgradeScott Dodson2016-11-291-0/+3
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | etcd upgrade playbook is not currently applicable to embedded etcd in…
| * | | | | etcd upgrade playbook is not currently applicable to embedded etcd installsScott Dodson2016-11-281-0/+3
|/ / / / / | | | | | | | | | | | | | | | Fixes Bug 1395945
* | | | | Merge pull request #2872 from dgoodwin/etcd-embedded-backupScott Dodson2016-11-281-1/+1
|\ \ \ \ \ | |/ / / / |/| | | | Fix invalid embedded etcd fact in etcd upgrade playbook.
| * | | | Fix invalid embedded etcd fact in etcd upgrade playbook.Devan Goodwin2016-11-281-1/+1
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1398549 Was getting a different failure here complaining that openshift was not in the facts, as we had not loaded facts for the first master during playbook run. However this check was used recently in upgrade_control_plane and should be more reliable.
* | | | Merge pull request #2858 from ↵Jason DeTiberus2016-11-282-0/+13
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | lhuard1A/fix_list_after_create_on_libvirt_and_openstack Fix the list done after cluster creation on libvirt and OpenStack
| * | | Fix the list done after cluster creation on libvirt and OpenStackLénaïc Huard2016-11-242-0/+13
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `list.yml` playbooks are using cloud provider specific variables to find the IPs of the VMs since 82449c6. Those “cloud provider specific” variables are the ones provided by the dynamic inventories. But there was a problem when the `list.yml` playbooks are invoked from the `launch.yml` ones because, in that case, the inventory is not coming from the dynamic inventory scripts, but from the `add_host` done inside `launch_instances.yml`. Whereas the GCE and AWS `launch_instances.yml` were correctly adding in the `add_host` the variables used by `list.yml`, libvirt and OpenStack were missing that. Fixes #2856
* | | Merge pull request #2865 from mtnbikenc/ansible-2.2-docsScott Dodson2016-11-285-5/+5
|\ \ \ | | | | | | | | Updating docs for Ansible 2.2 requirements
| * | | Updating docs for Ansible 2.2 requirementsRussell Teague2016-11-285-5/+5
| |/ /
* | | Merge pull request #2842 from mscherer/check_dbus_moduleScott Dodson2016-11-281-2/+10
|\ \ \ | | | | | | | | Verify the presence of dbus python binding
| * | | Verify the presence of dbus python bindingMichael Scherer2016-11-231-2/+10
| | | | | | | | | | | | | | | | | | | | | | | | While the proper fix is to have it installed by default, this commit will also permit to have a better error message in the case the module is not present (as running on python 3)
* | | | Merge pull request #2836 from abutcher/BZ1393645Scott Dodson2016-11-287-26/+66
|\ \ \ \ | |_|/ / |/| | | Merge admission plugin configs
| * | | Merge kube_admission_plugin_config with admission_plugin_configSamuel Munilla2016-11-227-26/+66
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Move the values in kube_admission_plugin_config up one level per the new format from 1.3: "The kubernetesMasterConfig.admissionConfig.pluginConfig should be moved and merged into admissionConfig.pluginConfig."
* | | | Merge pull request #2851 from mtnbikenc/os_firewall-fixJason DeTiberus2016-11-232-2/+2
|\ \ \ \ | | | | | | | | | | Systemd `systemctl show` workaround
| * | | | Systemd `systemctl show` workaroundRussell Teague2016-11-232-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `systemctl show` would exit with RC=1 for non-existent services in v231. This caused the Ansible systemd module to exit with a failure of running the `systemctl show` command instead of exiting stating the service was not found. This change catches both failures on either older or newer versions of systemd. The change in systemd exit status could be resolved in systemd v232. https://github.com/systemd/systemd/commit/3dced37b7c2c9a5c733817569d2bbbaa397adaf7
* | | | | Merge pull request #2846 from jfchevrette/patch-1Jason DeTiberus2016-11-221-1/+3
|\ \ \ \ \ | |/ / / / |/| | | | Update README.md
| * | | | Update README.mdJean-Francois Chevrette2016-11-221-1/+3
|/ / / / | | | | | | | | add missing dependencies
* | | | Merge pull request #2845 from abutcher/fix-mixed-envJason DeTiberus2016-11-223-9/+9
|\ \ \ \ | | | | | | | | | | Fix issues encountered in mixed environments
| * | | | Reference master binaries when delegating from node hosts which may be ↵Andrew Butcher2016-11-223-9/+9
| | | | | | | | | | | | | | | | | | | | containerized.
* | | | | Merge pull request #2838 from mscherer/port_py3Jason DeTiberus2016-11-221-1/+2
|\ \ \ \ \ | |/ / / / |/| | | | Make os_firewall_manage_iptables run on python3
| * | | | Make os_firewall_manage_iptables run on python3Michael Scherer2016-11-221-1/+2
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It fail with that traceback: Traceback (most recent call last): File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 273, in <module> main() File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 257, in main iptables_manager.add_rule(port, protocol) File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 87, in add_rule self.verify_chain() File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 82, in verify_chain self.create_jump() File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 142, in create_jump input_rules = [s.split() for s in output.split('\\n')]
* | | | Merge pull request #2817 from mtnbikenc/os_firewall-refactorJason DeTiberus2016-11-224-105/+26
|\ \ \ \ | | | | | | | | | | Refactor os_firewall role
| * | | | Refactor os_firewall roleRussell Teague2016-11-214-105/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Remove unneeded tasks duplicated by new module functionality * Ansible systemd module has 'masked' and 'daemon_reload' options * Ansible firewalld module has 'immediate' option
* | | | | Merge pull request #2837 from vishpat/service-accountJason DeTiberus2016-11-221-1/+1
|\ \ \ \ \ | | | | | | | | | | | | Modified the error message being checked for
| * | | | | Modified the error message being checked forVishal Patil2016-11-211-1/+1
| | | | | |
* | | | | | Merge pull request #2771 from stevekuznetsov/skuznets/network-managerScott Dodson2016-11-221-0/+36
|\ \ \ \ \ \ | | | | | | | | | | | | | | Added a BYO playbook for configuring NetworkManager on nodes
| * | | | | | Added a BYO playbook for configuring NetworkManager on nodesSteve Kuznetsov2016-11-221-0/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In order to do a full install of OpenShfit using the byo/config.yml playbook, it is currently required that NetworkManager be installed and configured on the nodes prior to the installation. This playbook introduces a very simple default configuration that can be used to install, configure and enable NetworkManager on their nodes. Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
* | | | | | | Merge pull request #2711 from simon3z/hawkular-cluster-roleScott Dodson2016-11-222-0/+25
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Add hawkular admin cluster role to management admin
| * | | | | | | Add hawkular admin cluster role to management adminFederico Simoncelli2016-11-032-0/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
* | | | | | | | Merge pull request #2840 from mscherer/fix_f25Scott Dodson2016-11-221-0/+1
|\ \ \ \ \ \ \ \ | |_|_|_|_|/ / / |/| | | | | | | Make the role work on F25 Cloud
| * | | | | | | Make the role work on F25 CloudMichael Scherer2016-11-221-0/+1
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On F24 and earlier, systemctl show always returned 0. On F25, it return 1 when a service do not exist, and thus the role fail on Fedora 25 cloud edition.
* | | | | | | Merge pull request #2818 from mtnbikenc/package-refactorScott Dodson2016-11-2138-77/+84
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Refactor to use Ansible package module
| * | | | | | | Refactor to use Ansible package moduleRussell Teague2016-11-1738-77/+84
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Ansible package module will call the correct package manager for the underlying OS.
* | | | | | | | Merge pull request #2833 from dustymabe/dusty-tunedJason DeTiberus2016-11-211-1/+7
|\ \ \ \ \ \ \ \ | |_|_|_|_|_|/ / |/| | | | | | | Only run tuned-adm if tuned exists.
| * | | | | | | Only run tuned-adm if tuned exists.Dusty Mabe2016-11-211-1/+7
| | |_|_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fedora Atomic Host does not have tuned installed. Fixes #2809
* | | | | | | Merge pull request #2827 from abutcher/BZ1377619Jason DeTiberus2016-11-213-41/+51
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | Allow ansible to continue when a node is unaccessible or fails.
| * | | | | | Delegate openshift_manage_node tasks to master host.Andrew Butcher2016-11-212-41/+46
| | | | | | |
| * | | | | | Allow ansible to continue when a node is unaccessible or fails.Andrew Butcher2016-11-182-1/+6
| | | | | | |