| Age | Commit message (Collapse) | Author |
|---|
|
Automatic merge from submit-queue
Adding default for volume size if not set
Adds default for volume size if not provided but setting the storage kind
Addresses:
https://bugzilla.redhat.com/show_bug.cgi?id=1495203
https://github.com/openshift/openshift-ansible/issues/5525
This should go in after https://github.com/openshift/openshift-ansible/pull/5543
|
|
Fix missing quotes on openshift_aws_build_ami_ssh_user default
|
|
|
|
Automatic merge from submit-queue
logging: introducing event router
Initial concept integrating kubernetes events to EFK stack using [eventrouter](https://github.com/heptio/eventrouter)
- **eventrouter** is deployed to logging project, has a service account and its own role to read events
- **eventrouter** watches kubernetes events, marshalls them to JSON and outputs to its STDOUT
- **fluentd** picks them up and inserts to elastic search logging project index
Kubernetes events could be easily stored into different index. Among other ways, it could be achieved either by a fluentd filter plugin or custom eventrouter sink.
Pending actions:
- [x] - get our downstream and upstream images for eventrouter, don't use heptio's
cc: @josefkarasek , @jcantrill , @richm
|
|
More variables in AWS provisioning plays
|
|
Automatic merge from submit-queue
Support installation of NetworkManager for provisioned nodes
Currently, automated AWS provisionging fails when provisioning
with images that don't already have NetworkManager installed
and activated.
This commit adds NetworkManager to the build_ami provisioning
process, if not already installed.
|
|
Automatic merge from submit-queue
logging: fix kibana and kibana-ops defaults
- move kibana-ops defaults to `openshift_logging_kibana` role
- set kibana-ops memory limit to 256Mi to match kibana memory limit
**additional steps:**
- [ ] backport to 3.6
- [ ] backport to 3.5
- [x] wait for PR #5176 to merge and rebase
cc: @jcantrill
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Automatic merge from submit-queue
Consolidate etcd common role
The last PR toward a single etcd role
|
|
Automatic merge from submit-queue
make difference filter output a list for Python3
Fixes: #3934
|
|
Automatic merge from submit-queue
Fluentd: one output tag, one output plugin (origin-aggregated-logging)
|
|
|
|
Automatic merge from submit-queue
Updating to check for netnamespace kube-service-catalog to be ready
When we are using the sdn multitentant plugin we need to wait for the netnamespace to be ready before we can make it a global project
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1487959
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Automatic merge from submit-queue
Generate aggregator api client config in temporary directory.
The `run_once`'s probably aren't necessary since the role is ran serially.
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Automatic merge from submit-queue
Passing in image parameter for tsb template
CC @jim-minter @deads2k @bparees
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Automatic merge from submit-queue
Refactor openshift_hosted plays and role (version 2)
Currently, openshift_hosted role duplicates some logic
across separate task chains. This commit cleans up
the openshift_hosted role and converts it to be
primarily used with include_role to give better
logic to the playbooks that utilize this role.
This commit also refactors the playbook that calls
various openshift_hosted roles into individual playbooks.
This allows more granularity for advanced users.
-----
This version of the patch set rolls back some of the refactoring (removal of running fact roles as a dependency) and focuses on just realigning the roles and plays.
Original PR: https://github.com/openshift/openshift-ansible/pull/5284
Once this merges, I will close the old PR. Leaving it open for now for reference.
|
|
Automatic merge from submit-queue
Remove logging ES_COPY feature
This PR removes the ES_COPY feature that has been deprecated since 3.3
|
|
|
|
This commit adds more optional variables to provision
hosts in AWS environments.
These changes allow provisioning instances that utilize
an ssh_user other than root.
|
|
Currently, automated AWS provisionging fails when provisioning
with images that don't already have NetworkManager installed
and activated.
This commit adds NetworkManager to the build_ami provisioning
process, if not already installed.
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Automatic merge from submit-queue
Detect the proper version of the images when using CRI-O
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1494357
|
|
- eventrouter has its own role 'openshift_logging_eventrouter' written as
a template
- 'openshift_logging_install_eventrouter' controls whether it gets included
in the playbook or not
- deployed by default to 'default' namespace
|
|
|
|
Automatic merge from submit-queue
check if the storage backend is set to etcd3 before upgrading to 3.7
SSIA
|
|
|
|
Automatic merge from submit-queue
Changes for Nuage atomic ansible install
|
|
|
|
Automatic merge from submit-queue
Move additional/block/insecure registires to /etc/containers/...
Move additional/block/insecure registires to /etc/containers/registries.conf
This commit moves additional/block/insecure registries to
/etc/containers/registries.conf and comments existing lines in
/etc/sysconfig/docker.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1460930
|
|
|
|
Adding <label @OUTPUT> to fluent.conf.
|
|
Automatic merge from submit-queue
#5362 GlusterFS fails to run more than once
#5362 Added the ability to have the GlusterFS ansible script run more than once. It also allows to update the topology of the Gluster cluster even if the Gluster cluster has already been deployed.
@dustymabe
|
|
Automatic merge from submit-queue
Consolidate etcd upgrade
Consolidates `etcd_upgrade` into the `etcd` role.
|
|
|
|
Currently, openshift_hosted role duplicates some logic
across separate task chains. This commit cleans up
the openshift_hosted role and converts it to be
primarily used with include_role to give better
logic to the playbooks that utilize this role.
This commit also refactors the playbook that calls
various openshift_hosted roles into individual playbooks.
This allows more granularity for advanced users.
|
|
|
|
Automatic merge from submit-queue
Add 3.7 scheduler predicates
In 3.7 we added NoVolumeNodeConflict and MaxAzureDiskVolumeCount predicate that needs to be installed.
Check carefully, I tested it on my virtual machine, but I did not manage to run the test.
|
|
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1494357
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
Automatic merge from submit-queue
resolve #5428: python-dbus not found
`python-dbus` is not available in centos standard repos, but:
> It appears python-dbus is just a reference to dbus-python
and `dbus-python` is.
|
|
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
Automatic merge from submit-queue
Use 3.7 RPM repo
|
|
Automatic merge from submit-queue
crio: skip installation on lbs and nfs nodes
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1494461
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
Automatic merge from submit-queue
Remove override default.py callback plugin
The functionality of this plugin has been added to Ansible as the [debug.py](https://github.com/ansible/ansible/blob/devel/lib/ansible/plugins/callback/debug.py) callback plugin. The Ansible default plugin has added a significant amount of functionality as well as updates to the CallbackBase class. When developing new plugins for OpenShift-Ansible this override can result in [unexpected](https://github.com/ansible/ansible/issues/27151) behavior.
This plugin was originally added in #1861.
|
|
Automatic merge from submit-queue
Fixed AnsibleUnsafeText by converting to int
Related to https://github.com/openshift/openshift-ansible/pull/5067
I've tested with custom values and it failed. This fixes the issue in my tests.
```
[cloud-user@bastion ~]$ grep -E 'osm|portal' /etc/ansible/hosts
osm_default_node_selector="role=app"
osm_use_cockpit=true
osm_cluster_network_cidr=10.130.0.0/14
osm_host_subnet_length=8
openshift_portal_net=10.111.0.0/16
```
After the installation:
```
[root@master-0 ~]# alias oetcdctl='etcdctl --cert-file=/etc/etcd/peer.crt --key-file=/etc/etcd/peer.key --ca-file=/etc/etcd/ca.crt --peers="https://master-0.edu.flannel.com:2379,https://master-1.edu.flannel.com:2379,https://master-2.edu.flannel.com:2379"'
[root@master-0 ~]# oetcdctl get /openshift.com/network/config
{
"Network": "10.130.0.0/14",
"SubnetLen": 24,
"Backend": {
"Type": "host-gw"
}
}
```
But, the subnets assigned to the nodes are on different subnet:
```
[root@master-0 ~]# oetcdctl ls /openshift.com/network/subnets
/openshift.com/network/subnets/10.128.83.0-24
/openshift.com/network/subnets/10.128.18.0-24
/openshift.com/network/subnets/10.128.77.0-24
/openshift.com/network/subnets/10.128.101.0-24
/openshift.com/network/subnets/10.128.20.0-24
/openshift.com/network/subnets/10.128.92.0-24
/openshift.com/network/subnets/10.128.58.0-24
/openshift.com/network/subnets/10.128.48.0-24
```
|
|
Automatic merge from submit-queue
Improve CA redeploy restart logic
Expired etcd certificates require special casing around restarts in the certificate redeploy playbooks. When etcd certificates are expired we can't restart masters or nodes. We also can't simply restart etcd because peers also had expired certificates so we must start/stop etcd when we detect expired etcd certificates.
`openshift-ca.yml`:
* No longer restart master services when etcd certificates were previously expired.
* No longer restart node services when master or etcd certificates were previously expired.
`etcd-ca.yml`:
* No longer restart master services when etcd certificates were previously expired.
Tested using [gen_expired_tls.sh](https://gist.github.com/abutcher/bdd20b9d582675d89fb22658689c49e4) on one of my master/etcd hosts to ensure that restart logic changes caused us to skip the right restarts and do a full start/stop of etcd in the `redeploy-certificates.yml` and `redeploy-etcd-certificates.yml` playbooks.
Note: When this happens with a cluster and you want to replace all certificates, you can run: `redeploy-etcd-ca.yml`, `redeploy-openshift-ca.yml` (which will both skip restarts) and then run `redeploy-certificates.yml` which will now be able to full/stop start etcd.
|
|
Automatic merge from submit-queue
Set master facts prior to adding new etcd client urls to master config.
`openshift_master` role dependencies were moved out of the role in https://github.com/openshift/openshift-ansible/pull/5392 so we need to call `openshift_master_facts` prior to patching the master config in etcd scaleup.
https://bugzilla.redhat.com/show_bug.cgi?id=1490304
|
|
Automatic merge from submit-queue
Fix registry_auth logic for upgrades
Currently, the logic for registry authentication is
not implemented correctly to account for upgrades of
containerized hosts.
Additionally, the logic to account for multiple runs
of openshift-ansible might cause registry authentication
credentials to not be mounted inside of containerized hosts.
This commit adds the necessary logic to ensure containerized
hosts retain registry credentials.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1494470
|
