| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|\ \ \ \
| |_|/ /
|/| | | |
Fix registry/router being created despite no infra nodes.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix a bug with determining the correct number of replicas to use, and
guarding the creation of the router/registry on whether or not replicas
is > 0.
|
|\ \ \ \
| | | | |
| | | | | |
a-o-i: write missing openshift_node_labels
|
| | | | | |
|
|/ / / / |
|
|\ \ \ \
| | | | |
| | | | | |
a-o-i: Support for arbitrary host-level variables
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This allows the user to set a block containing any variables they want to set per-host
instead of per-role.
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Beautiful -v output from ansible
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
When supporting openshift-ansible, users share pastes like::
TASK: [openshift_serviceaccounts | Grant the user access to the privileged scc] ***
changed: [li1491-86.members.linode.com] => (item=['router', {'cmd': ['oc', 'get', 'scc', 'privileged', '-o', 'yaml'], 'end': '2016-05-05 13:31:50.216857', 'stderr': u'', 'stdout': 'allowHostDirVolumePlugin: true\nallowHostIPC: true\nallowHostNetwork: true\nallowHostPID: true\nallowHostPorts: true\nallowPrivilegedContainer: true\nallowedCapabilities: null\napiVersion: v1\ndefaultAddCapabilities: null\nfsGroup:\n type: RunAsAny\ngroups:\n- system:cluster-admins\n- system:nodes\nkind: SecurityContextConstraints\nmetadata:\n annotations:\n kubernetes.io/description: \'privileged allows access to all privileged and host\n features and the ability to run as any user, any group, any fsGroup, and with\n any SELinux context. WARNING: this is the most relaxed SCC and should be used\n only for cluster administration. Grant with caution.\'\n creationTimestamp: 2016-05-05T13:30:06Z\n name: privileged\n resourceVersion: "371"\n selfLink: /api/v1/securitycontextconstraints/privileged\n uid: 7ae22005-12c5-11e6-9bc5-06174e73e52a\npriority: null\nreadOnlyRootFilesystem: false\nrequiredDropCapabilities: null\nrunAsUser:\n type: RunAsAny\nseLinuxContext:\n type: RunAsAny\nsupplementalGroups:\n type: RunAsAny\nusers:\n- system:serviceaccount:openshift-infra:build-controller\n- system:serviceaccount:management-infra:management-admin\n- system:serviceaccount:management-infra:inspector-admin\nvolumes:\n- \'*\'', 'item': 'privileged', 'changed': False, 'rc': 0, 'failed': False, 'warnings': [], 'delta': '0:00:00.264340', 'invocation': {'module_name': u'command', 'module_complex_args': {}, 'module_args': u'oc get scc privileged -o yaml'}, 'stdout_lines': ['allowHostDirVolumePlugin: true', 'allowHostIPC: true', 'allowHostNetwork: true', 'allowHostPID: true', 'allowHostPorts: true', 'allowPrivilegedContainer: true', 'allowedCapabilities: null', 'apiVersion: v1', 'defaultAddCapabilities: null', 'fsGroup:', ' type: RunAsAny', 'groups:', '- system:cluster-admins', '- system:nodes', 'kind: SecurityContextConstraints', 'metadata:', ' annotations:', " kubernetes.io/description: 'privileged allows access to all privileged and host", ' features and the ability to run as any user, any group, any fsGroup, and with', ' any SELinux context. WARNING: this is the most relaxed SCC and should be used', " only for cluster administration. Grant with caution.'", ' creationTimestamp: 2016-05-05T13:30:06Z', ' name: privileged', ' resourceVersion: "371"', ' selfLink: /api/v1/securitycontextconstraints/privileged', ' uid: 7ae22005-12c5-11e6-9bc5-06174e73e52a', 'priority: null', 'readOnlyRootFilesystem: false', 'requiredDropCapabilities: null', 'runAsUser:', ' type: RunAsAny', 'seLinuxContext:', ' type: RunAsAny', 'supplementalGroups:', ' type: RunAsAny', 'users:', '- system:serviceaccount:openshift-infra:build-controller', '- system:serviceaccount:management-infra:management-admin', '- system:serviceaccount:management-infra:inspector-admin', 'volumes:', "- '*'"], 'failed_when_result': False, 'start': '2016-05-05 13:31:49.952517'}])
changed: [li1491-86.members.linode.com] => (item=['registry', {'cmd': ['oc', 'get', 'scc', 'privileged', '-o', 'yaml'], 'end': '2016-05-05 13:31:50.216857', 'stderr': u'', 'stdout': 'allowHostDirVolumePlugin: true\nallowHostIPC: true\nallowHostNetwork: true\nallowHostPID: true\nallowHostPorts: true\nallowPrivilegedContainer: true\nallowedCapabilities: null\napiVersion: v1\ndefaultAddCapabilities: null\nfsGroup:\n type: RunAsAny\ngroups:\n- system:cluster-admins\n- system:nodes\nkind: SecurityContextConstraints\nmetadata:\n annotations:\n kubernetes.io/description: \'privileged allows access to all privileged and host\n features and the ability to run as any user, any group, any fsGroup, and with\n any SELinux context. WARNING: this is the most relaxed SCC and should be used\n only for cluster administration. Grant with caution.\'\n creationTimestamp: 2016-05-05T13:30:06Z\n name: privileged\n resourceVersion: "371"\n selfLink: /api/v1/securitycontextconstraints/privileged\n uid: 7ae22005-12c5-11e6-9bc5-06174e73e52a\npriority: null\nreadOnlyRootFilesystem: false\nrequiredDropCapabilities: null\nrunAsUser:\n type: RunAsAny\nseLinuxContext:\n type: RunAsAny\nsupplementalGroups:\n type: RunAsAny\nusers:\n- system:serviceaccount:openshift-infra:build-controller\n- system:serviceaccount:management-infra:management-admin\n- system:serviceaccount:management-infra:inspector-admin\nvolumes:\n- \'*\'', 'item': 'privileged', 'changed': False, 'rc': 0, 'failed': False, 'warnings': [], 'delta': '0:00:00.264340', 'invocation': {'module_name': u'command', 'module_complex_args': {}, 'module_args': u'oc get scc privileged -o yaml'}, 'stdout_lines': ['allowHostDirVolumePlugin: true', 'allowHostIPC: true', 'allowHostNetwork: true', 'allowHostPID: true', 'allowHostPorts: true', 'allowPrivilegedContainer: true', 'allowedCapabilities: null', 'apiVersion: v1', 'defaultAddCapabilities: null', 'fsGroup:', ' type: RunAsAny', 'groups:', '- system:cluster-admins', '- system:nodes', 'kind: SecurityContextConstraints', 'metadata:', ' annotations:', " kubernetes.io/description: 'privileged allows access to all privileged and host", ' features and the ability to run as any user, any group, any fsGroup, and with', ' any SELinux context. WARNING: this is the most relaxed SCC and should be used', " only for cluster administration. Grant with caution.'", ' creationTimestamp: 2016-05-05T13:30:06Z', ' name: privileged', ' resourceVersion: "371"', ' selfLink: /api/v1/securitycontextconstraints/privileged', ' uid: 7ae22005-12c5-11e6-9bc5-06174e73e52a', 'priority: null', 'readOnlyRootFilesystem: false', 'requiredDropCapabilities: null', 'runAsUser:', ' type: RunAsAny', 'seLinuxContext:', ' type: RunAsAny', 'supplementalGroups:', ' type: RunAsAny', 'users:', '- system:serviceaccount:openshift-infra:build-controller', '- system:serviceaccount:management-infra:management-admin', '- system:serviceaccount:management-infra:inspector-admin', 'volumes:', "- '*'"], 'failed_when_result': False, 'start': '2016-05-05 13:31:49.952517'}])
With this patch, the json is nicely indented and std{err,out} are
properly printed by default with -v.
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
a-o-i: Move inventory vars to the correct location
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Several variables such as 'deployment_type' and 'ansible_config' were
being set under a variable group for the last defined role instead of
under OSEv3:vars.
|
|\ \ \ \ \ \ \
| |_|_|/ / / /
|/| | | | | | |
add rpm_q module to query rpm database
|
| | | | | | | |
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Document openshift_portal_net
|
| | |/ / / / /
| |/| | | | | |
|
|/ / / / / / |
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Fix "deloyment" typo in deployment types doc
|
| | |_|/ / /
| |/| | | | |
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
remove outdated openshift_cluster_metrics role
|
| |/ / / / / |
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
Fix named certificate directory path.
|
| | | | | | |
|
|/ / / / / |
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
Add missing nuke_images.sh symlink.
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
a-o-i: Persist Roles Variables
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Previously, we we're saving the roles variables set during a run.
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Refactor openshift certificates roles.
|
| | | | | | | |
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| |_|_|/ / / /
|/| | | | | | |
Bug 1358723 - openshift_hosted_router_replicas option didn't work
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| |_|_|/ / / /
|/| | | | | | |
Copy openshift binary instead of using wrapper script.
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
For containerized masters, we previously create a wrapper script to run
the docker CLI image and clean up afterward, but this approach is much
slower than having the binary on the native system.
Instead we now use an ansible module to handle the logic of syncing the
various OpenShift binaries and symlinks for client tools out onto the
host. The module will correctly report changed if modifications were
needed.
Substantial speed improvement for containerized installs which requires
many openshift/oc commands.
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| |_|/ / / / /
|/| | | | | | |
Fix libvirt provider for Ansible 2.1.0.0
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Correct relative include for ansible version check.
|
|/ / / / / / / |
|
|\ \ \ \ \ \ \
| |_|_|/ / / /
|/| | | | | | |
Check ansible version prior to evaluating cluster hosts and groups.
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| |/ / / / / /
|/| | | | | | |
a-o-i: Looser facts requirements for unattended
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Loosen the facts requirements for unattended installs to allow the user to install
with only 'connect_to' defined.
|
|\ \ \ \ \ \ \
| |_|/ / / / /
|/| | | | | | |
a-o-i: Write Role variable groups
|
|/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Correct an error in the way we're writing out the variable group tags
for host roles.
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Slight modification to error when using mismatched openshift_release.
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| | |_|_|_|_|/
| |/| | | | | |
Image stream sync, add jenkinstemplate
|
| | | | | | | |
|