summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #5740 from ↵OpenShift Merge Robot2017-10-121-1/+9
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | mgugino-upstream-stage/ensure_docker_containerized_lb Automatic merge from submit-queue. Ensure docker is installed for containerized load balancers Currently, containerized load balancers may not have docker configured by openshift-ansible. This commit ensures that containerized load balancers have the openshift_docker role applied. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1496756
| * Ensure docker is installed for containerized load balancersMichael Gugino2017-10-121-1/+9
| | | | | | | | | | | | | | | | | | | | Currently, containerized load balancers may not have docker configured by openshift-ansible. This commit ensures that containerized load balancers have the openshift_docker role applied. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1496756
* | Merge pull request #5741 from mtnbikenc/fix-1484324OpenShift Merge Robot2017-10-121-2/+4
|\ \ | |/ |/| | | | | | | | | | | | | Automatic merge from submit-queue. 1484324 Ensure upgrade playbook exits on health check failures Adds `any_errors_fatal: true` https://bugzilla.redhat.com/show_bug.cgi?id=1484324
| * Ensure upgrade playbook exits on health check failuresRussell Teague2017-10-121-2/+4
| | | | | | | | https://bugzilla.redhat.com/show_bug.cgi?id=1484324
* | Merge pull request #5690 from mgugino-upstream-stage/provisioning-docsOpenShift Merge Robot2017-10-129-183/+284
|\ \ | |/ |/| | | | | | | | | | | | | | | Automatic merge from submit-queue. Provisioning Documentation Updates Updating provisioning documents. Also moved some steps from build_ami.yml to a new play for better reusability.
| * Provisioning Documentation UpdatesMichael Gugino2017-10-119-183/+284
| | | | | | | | | | | | | | Updating provisioning documents. Also moved some steps from build_ami.yml to a new play for better reusability.
* | Automatic commit of package [openshift-ansible] release [3.7.0-0.149.0].Jenkins CD Merge Bot2017-10-122-2/+12
| | | | | | | | | | | | Created by command: /usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
* | Merge pull request #5727 from mtnbikenc/fix-1499254OpenShift Merge Robot2017-10-111-0/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. 1499254 Ensure host was reached for proper conditional validation If a host was unreachable during module setup, facts will not be initialized properly and will result in later failures when stepping through host groups. Verification that 'openshift' is defined will skip any hosts which were previously unreachable and did not have facts initialized. Fixes 1499254 https://bugzilla.redhat.com/show_bug.cgi?id=1499254
| * | Ensure host was reached for proper conditional validationRussell Teague2017-10-111-0/+1
| |/ | | | | | | | | | | | | | | | | | | | | | | If a host was unreachable during module setup, facts will not be initialized properly and will result in later failures when stepping through host groups. Verification that 'openshift' is defined will skip any hosts which were previously unreachable and did not have facts initialized. Fixes 1499254 https://bugzilla.redhat.com/show_bug.cgi?id=1499254
* | Merge pull request #5672 from ingvagabund/migrate-embedded-etcdOpenShift Merge Robot2017-10-1128-63/+376
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Migrate embedded etcd to external etcd Trello card: https://trello.com/c/9fnBfkT5/528-migrate-embedded-etcd-hosts-to-external-process?menu=filter&filter=label:committed-3.7 Tested on: - [x] embedded etcd -> external rpm etcd - [x] embedded etcd -> external docker etcd One needs to set the `openshift_image_tag` before running the migration to containerized docker etcd.
| * | Remove etcd health checkScott Dodson2017-10-101-20/+4
| | |
| * | migrate embedded etcd to external etcdJan Chaloupka2017-10-0628-63/+392
| | |
* | | Merge pull request #5716 from mgugino-upstream-stage/fix-debug_levelScott Dodson2017-10-1117-48/+58
|\ \ \ | | | | | | | | Fix broken debug_level
| * | | Fix broken debug_levelMichael Gugino2017-10-1117-48/+58
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, debug_level is documented as a way to change the debug output level for both masters and nodes. debug_level does not currently have any effect. This commit removes debug_level from openshift_facts and properly sets openshift_master_debug_level and openshift_node_debug_level to the value of debug_level specified in the inventory. This commit also reorganizes some set_fact tasks needed during master upgrades to put all work-around set-facts for undefined variables in one place, allowing for easier cleanup in the future. This includes an entry for openshift_master_debug_level. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500164
* | | Merge pull request #5721 from mgugino-upstream-stage/fix-docker-iptablesScott Dodson2017-10-111-1/+8
|\ \ \ | | | | | | | | Ensure docker service status actually changes
| * | | Ensure docker service status actually changesMichael Gugino2017-10-111-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, docker is started during the docker role. If docker is started during the run of the role, the handler to restart docker is not triggered to prevent excess restarts of the docker service. The systemd docker that starts the docker service may report the result of the task as 'changed' even though docker is already running and the state of the service itself does not change. This commit checks the status of the docker service before starting it to ensure that docker was not in an 'active' state according to systemd. If the docker service is already in the 'active' state, the restart handler will trigger and restart docker at the end of the run of the role. Fixes: https://github.com/openshift/origin/issues/16709
* | | | Merge pull request #5617 from simo5/up36roleOpenShift Merge Robot2017-10-113-11/+90
|\ \ \ \ | |_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Force reconciliation of role for 3.6 This is needed because in 3.6 we cannot reconcile non-cluster roles in the bootstrap reconciliation code. In 3.7 this is taken care of in code.
| * | | Display warnings at the end of the control plane upgradeScott Dodson2017-10-101-11/+14
| | | |
| * | | Force reconciliation of role for 3.6Simo Sorce2017-10-102-0/+76
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is needed because in 3.6 we cannot reconcile non-cluster roles in the bootstrap reconciliation code. In 3.7 this is taken care of in code. Signed-off-by: Simo Sorce <simo@redhat.com>
* | | | Automatic commit of package [openshift-ansible] release [3.7.0-0.148.0].Jenkins CD Merge Bot2017-10-112-2/+14
| | | | | | | | | | | | | | | | | | | | | | | | Created by command: /usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
* | | | Merge pull request #5659 from mtnbikenc/fix-checkpointingOpenShift Merge Robot2017-10-1013-50/+25
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Allow checkpoint status to work across all groups Conditionals placed in inventories were not being applied to localhost causing the checkpoint status to not be updated properly. Moving to the `oo_all_hosts` group will correctly pick up the conditional and apply regardless of which group (or host) may have that conditional set.
| * | | | Allow checkpoint status to work across all groupsRussell Teague2017-10-0413-50/+25
| | | | |
* | | | | Merge pull request #5129 from maxamillion/fedora-compatOpenShift Merge Robot2017-10-102-3/+39
|\ \ \ \ \ | |_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Fedora compat fixes for package version checks and dnf bug workaround Fix a couple things that don't work with Fedora: - Don't attempt to version check components, they aren't going to match the hard coded RHEL package versions. - Work around a [bug in dnf](https://bugzilla.redhat.com/show_bug.cgi?id=1199432)'s python API that throws an error when a package spec has a `*` character in the Release field Once we're done with review, I'll squash commits.
| * | | | rebase on masterAdam Miller2017-10-061-1/+1
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
| * | | | Add fedora compatibilityAdam Miller2017-10-062-4/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - don't check pkg versions on Fedora, it won't work; they move faster than RHEL and it's not realistic to maintain that package list. - handle differences between yum and dnf pkgspec for excluder - work-around for a bug in dnf https://bugzilla.redhat.com/show_bug.cgi?id=1199432 - make requirement verify one play, don't run unnecessary checks on Fedora
* | | | | Merge pull request #5693 from nhosoi/bz1490647OpenShift Merge Robot2017-10-101-3/+9
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Bug 1490647 - logging-fluentd deployed with openshift_logging_use_mux=false fails to start due to missing If openshift_logging_use_mux=False and openshift_logging_mux_allow_external=False, then all other mux related parameters should be set to False (if boolean) or removed (e.g. openshift_logging_mux_client_mode should be undefined).
| * | | | | Bug 1490647 - logging-fluentd deployed with openshift_logging_use_mux=false ↵Noriko Hosoi2017-10-101-3/+9
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fails to start due to missing If openshift_logging_use_mux=False and openshift_logging_mux_allow_external=False, then all other mux related parameters should be set to False (if boolean) or removed (e.g. openshift_logging_mux_client_mode should be undefined).
* | | | | Merge pull request #5645 from jmencak/tuned-role-lbOpenShift Merge Robot2017-10-1011-9/+25
|\ \ \ \ \ | |/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Separate tuned daemon setup into a role. Also adding support for the loadbalancer. It is important to raise ARP cache limits on HA setups with loadbalancers serving 1k+ nodes.
| * | | | Separate tuned daemon setup into a role.Jiri Mencak2017-10-1011-9/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, profiles for the tuned daemon are set only for OpenShift node(s). This excludes the OpenShift loadbalancer. As a result, ARP cache limits on loadbalancers are not raised. This causes problems with HA setups where loadbalancers serve 1k+ OpenShift nodes. This commit ensures the openshift-control-plane role is applied to loadbalancers, masters and OpenShift infra nodes. Regular OpenShift worker nodes get the openshift-node profile. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1498213
* | | | | Merge pull request #5585 from nak3/bz#1496593OpenShift Merge Robot2017-10-101-3/+3
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Add valid search when search does not exist on resolv.conf Current fix https://github.com/openshift/openshift-ansible/pull/5433 still misses to add `search cluster.local`. The logic needs to be: 1. When `search` does not exist, adds `search cluster.local`. 2. When `search.*.cluster.local` does not exist, adds(sed) `cluster.local`. in this order. cc @sdodson @caruccio
| * | | | | Add valid search when search does not exist on resolv.confKenjiro Nakayama2017-09-291-3/+3
| | | | | |
* | | | | | Merge pull request #5711 from ↵Scott Dodson2017-10-102-2/+2
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | giuseppe/docker-crio-expect-openshiftrelease-with-v crio, docker: expect openshift_release to have 'v'
| * | | | | | crio, docker: expect openshift_release to have 'v'Giuseppe Scrivano2017-10-102-2/+2
| | |/ / / / | |/| | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #5713 from mtnbikenc/fix-inventoryScott Dodson2017-10-101-2/+2
|\ \ \ \ \ \ | |/ / / / / |/| | | | | Fix typo in inventory example
| * | | | | Fix typo in inventory exampleRussell Teague2017-10-101-2/+2
|/ / / / /
* | | | | Automatic commit of package [openshift-ansible] release [3.7.0-0.147.0].Jenkins CD Merge Bot2017-10-102-2/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Created by command: /usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
* | | | | Merge pull request #5695 from giuseppe/image_tag_default_to_releaseOpenShift Merge Robot2017-10-093-13/+35
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. docker, CRI-O: openshift_image_tag defaults to openshift_release Replace: commit c2c4ba7ec62d4dfd87d746d20991e10f2bd1bddf Author: Giuseppe Scrivano <gscrivan@redhat.com> Date: Tue Sep 26 09:01:59 2017 +0200 Require openshift_image_tag in the inventory with openshift-enterprise Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> with using openshift_release for openshift_image_tag so we don't require users to include both in their inventory. Probably it is only a temporary solution until the openshift_image_tag vs openshift_release when using Docker/CRI-O is sorted out. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1493376
| * | | | | crio, docker: use openshift_release when openshift_image_tag is not usedGiuseppe Scrivano2017-10-093-12/+34
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | crio: fix typoGiuseppe Scrivano2017-10-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #5698 from abutcher/servinginfo-client-caOpenShift Merge Robot2017-10-092-6/+2
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Bug 1493276: Setting servingInfo.clientCA to ca-bundle.crt can cause unwanted client cert popups in browser when hitting console https://bugzilla.redhat.com/show_bug.cgi?id=1493276
| * | | | | | Ensure servingInfo.clientCA is set as ca.crt rather than ca-bundle.crt.Andrew Butcher2017-10-092-6/+2
| | | | | | |
* | | | | | | Merge pull request #5368 from jianlinliu/bz1490738Scott Dodson2017-10-091-2/+2
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Update registry_config.j2 to fix BZ#1490738
| * | | | | | | Update registry_config.j2Jianlin Liu2017-09-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | setting openshift_hosted_registry_storage_gcs_rootdirectory default value
| * | | | | | | Update registry_config.j2Jianlin Liu2017-09-121-1/+1
| | | | | | | |
* | | | | | | | Merge pull request #5705 from mgugino-upstream-stage/docker-partof-iptablesScott Dodson2017-10-091-0/+6
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Add PartOf to docker systemd service unit.
| * | | | | | | | Add PartOf to docker systemd service unit.Michael Gugino2017-10-091-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, if iptables service is restarted, existing iptables rules are removed. Docker adds iptables rules dyanmically upon startup and container creation. Restarting the iptables service results in a loss of these needed iptables rules. This commit ensures that if iptables service is restarted by anisble or the user, docker is also restarted. This ensures the proper dynamic iptables rules are in place for docker. Fixes: openshift/origin#16709
* | | | | | | | | Merge pull request #5699 from giuseppe/crio-use-systemdOpenShift Merge Robot2017-10-091-1/+1
|\ \ \ \ \ \ \ \ \ | |/ / / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. crio: use systemd manager fix a regression introduced last week. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | | | | crio: use systemd managerGiuseppe Scrivano2017-10-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | | | | Automatic commit of package [openshift-ansible] release [3.7.0-0.146.0].Jenkins CD Merge Bot2017-10-092-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Created by command: /usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
* | | | | | | | | Merge pull request #5650 from mgugino-upstream-stage/skopeo-auth-credsOpenShift Merge Robot2017-10-093-83/+76
|\ \ \ \ \ \ \ \ \ | |/ / / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Add authentication credentials to skopeo for image check Currently, docker_image_availability health_check does not support authenticated registries. This commit adds the '--creds=' option to skopeo if needed to support authentication credentials. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341