| Age | Commit message (Collapse) | Author |
|---|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Automatic merge from submit-queue.
Add enclosing <store> tags to sample secure-forward.conf files
This fixes [BZ#1498398](https://bugzilla.redhat.com/show_bug.cgi?id=1498398)
The examples provided in the documentation to configure the secure forward mention the configuration must be enclosed between the <store> tag. For that I think the examples should include it as well.
See [3.6 Documentation](https://docs.openshift.com/container-platform/3.6/install_config/aggregate_logging.html#aggregated-fluentd)
~~~
<store>
@type secure_forward
self_hostname pod-${HOSTNAME}
shared_key thisisasharedkey
secure yes
enable_strict_verification yes
ca_cert_path /etc/fluent/keys/your_ca_cert
ca_private_key_path /etc/fluent/keys/your_private_key
ca_private_key_passphrase passphrase
<server>
host ose1.example.com
port 24284
</server>
<server>
host ose2.example.com
port 24284
standby
</server>
<server>
host ose3.example.com
port 24284
standby
</server>
</store>
~~~
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Automatic merge from submit-queue.
Playbook Consolidation - openshift-checks
- Create playbooks/openshift-checks directory
- Move everything from playbooks/byo/openshift-checks to playbooks/openshift-checks
- Move everything from playbooks/common/openshift-checks to playbooks/openshift-checks/private
- Fix all include path references throughout playbooks/
Trello: https://trello.com/c/2Rx1uvjz/547-2-playbook-consolidation-openshift-checks
|
|
GlusterFS: Add configuration for auto creating block-hosting volumes
|
|
papr: auto-detect image tag to use and bump to f27
|
|
Current PAPR tests are failing because we're using an outdated image
tag. Switch to auto-magically determining which image tag to use based
on the branch the PR we're running in is targeting, which lets us not
have to worry about the tag version becoming stale again. This is
similar to what the containerized tests from `aos-cd-jobs` are doing
(i.e. use `git describe --abbrev=0` in the target branch to determine
the image tag to use).
Also bump to the brand new f27 release, which allows us to drop the
temporary workaround for the glibc/libsolv bug.
|
|
Automatic merge from submit-queue.
Updating mtu value to int
|
|
Automatic merge from submit-queue.
fix the logging-es-prometheus selector
This PR fixes the the service selector for the prometheus service
|
|
|
|
Automatic merge from submit-queue.
Combine openshift_node and openshift_node_upgrade
Currently, having openshift_node and openshift_node_upgrade
as two distinct roles has created a duplication across
handlers, templates, and some tasks.
This commit combines the roles to reduce duplication
and bugs encountered by not putting code in both places.
|
|
Automatic merge from submit-queue.
registry-console tech debt
Followup to https://github.com/openshift/openshift-ansible/pull/5829
Replaces https://github.com/openshift/openshift-ansible/pull/6093
Fixes the construction and checking of registry-console images to be as similar as it can get to those constructed from the traditional `oreg_url` without tacking on `ose-` or `origin-` to the base name.
I did not see a reason for having `registry.access.redhat.com/` as a hardcoded enterprise default so I took it out. Someone say something if there was a good reason for this.
|
|
|
|
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
|
|
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Automatic merge from submit-queue.
logging with static pvc: allow specifying the storage class name
See https://github.com/openshift/openshift-ansible/issues/6028 for more info and motivation.
|
|
Initial Kuryr Ports Pool Support
|
|
Fix openstack init
|
|
|
|
Currently, having openshift_node and openshift_node_upgrade
as two distinct roles has created a duplication across
handlers, templates, and some tasks.
This commit combines the roles to reduce duplication
and bugs encountered by not putting code in both places.
|
|
Add the OpenStack provider
|
|
Playbook Consolidation - Initialization
|
|
Automatic merge from submit-queue.
Bug 1510496 - logging: honor ES PVC size
fix for https://bugzilla.redhat.com/show_bug.cgi?id=1510496
|
|
Automatic merge from submit-queue.
Adding support for cluster-autoscaler.
This is the kubernetes cluster-autoscaler role.
Features:
- Updated lib_openshift to handle --role-namespace when modifying/creating rolebindings for specific namespaced role objects
- openshift_cluster_autoscaler role to deploy the autoscaler
|
|
Automatic merge from submit-queue.
Ensure node service is started.
When bootstrapping nodes we need to restart networkmanager so that the /etc/resolv.conf is properly populated. We also restart the node service after making changes to the unit files.
|
|
Automatic merge from submit-queue.
Add role to configure project request template
The OpenShift master role already supports changing the master
configuration to refer to a project template, but there's no way to
manage that template directly. This role adds the necessary code to
generate a default template and to apply customizations using the
"yedit" module.
We need to configure custom services and endpoints in every project. The project request template enables us to do that automatically in every project and we'd like to manage the template using Ansible.
|
|
Automatic merge from submit-queue.
Minor tweaks to ansible.cfg and example inventory
- Adds reference to plugins and library path to support removal of symlinks
- Removes references to old example inventories
- Corrects deprecated ansible_ssh_user
- Adds [nfs] group for proper parsing of the example inventory
|
|
Automatic merge from submit-queue.
Updating logging components image defaulting pattern
Matches openshift_logging pattern and pattern used by other ansible components
Addresses:
https://bugzilla.redhat.com/show_bug.cgi?id=1505681
|
|
Automatic merge from submit-queue.
Create prometheus configmaps before statefulset
Originally statefulset was created before configmaps and the pod would have a "FailedMount" warning for a few seconds until the configmaps are created.
Now the configmaps are created before the statefulset to avoid that warning.
|
|
Automatic merge from submit-queue.
Start requiring Ansible 2.4
We've tested Ansible 2.4 and need to start addressing deprecation warnings. This change will allow us to start migrating away from the `include:` directive as well as make necessary changes for obsolete AWS modules.
|
|
Automatic merge from submit-queue.
Combine master upgrade play with role
Currently, there are plays importing tasks directly from
openshift_master role. This has caused numerous bugs
and code duplicaiton in the past.
This commit combines the upgrade into openshift_master role
utilizing include_role syntax.
|
|
enable option to configure basename in image
docker_image_availability check: follow registry-console image options
|
|
don't hardcode the enterprise registry; construct the image like origin
|
|
don't hardcode the enterprise registry; construct the image like origin
|
|
don't hardcode the enterprise registry; construct the image like origin
|
|
Fixing docker crio installation.
|
|
|
|
|
|
Automatic merge from submit-queue.
Fix stale data in openshift_facts for logging
Currently, some stale facts may be present in
'/etc/ansible/facts.d/openshift.fact' which causes
openshift_facts to fail.
This commit ensures that the data for the 'logging' key
in that file is a dictionary; otherwise we re-initialize
a new dictionary.
Fixes: https://github.com/openshift/openshift-ansible/issues/6057
|
|
Removed old version code
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
|
|
Automatic merge from submit-queue.
Proposal: container_runtime role
This is a proposal meant to facilitate discussion.
Input is welcome.
|
|
- Adds reference to plugins and library path to support removal of symlinks
- Removes references to old example inventories
- Corrects deprecated ansible_ssh_user
- Adds [nfs] group for proper parsing of the example inventory
|
|
mgugino-upstream-stage/syscontainers-docker-login-module
Automatic merge from submit-queue.
Alternative method to create docker registry auth creds
Currently, the command 'docker login' is run when using
oreg with authentication.
On some hosts, such as hosts configured to use system containers,
the docker service is not running. 'docker login' will fail
without the docker service running.
This commit adds a module to idempotently add credentials
to the registry credentials file without the use of
'docker login'
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1511374
|
|
Automatic merge from submit-queue.
Switch up the cluster install order.
The purpose of this pull request is to change the order of installation to the following:
- Provision masters
- Install masters
- Provision node groups (infra/compute)
- Join nodes to cluster (approval process)
- Call hosted playbooks on entire cluster
This model of install is a bit more robust than the previous one of bringing up nodes after hosted has been installed. This method allows us to have all nodes available when the services are being configured rather than after-the-fact.
|
|
Automatic merge from submit-queue.
Cleans up additional artifacts in uninstall. Closes 3082
Closes #3082
|
|
Automatic merge from submit-queue.
Run registry auth after docker restart
Currently, docker login may fail if a proxy is added to the config
but docker is already running.
This is due to the fact that 'docker login' must have a functioning
docker.service running (with valid network connection) to complete.
Currently, handlers restart the docker service at the end of
the role. This doesn't allow for updating proxy settings before
running docker login.
This commit moves 'docker login' command after flushing handlers.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1511869
|
|
Automatic merge from submit-queue.
Instance profile support.
Purpose of this PR is to remove the AWS cloud-provider credentials from the node and use instance profiles during provisioning time.
|
