| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Automatic merge from submit-queue.
Update deployment and apiserver with new certs
Since new certificates are generated for every run, the apiservice
caBundle needs updating in order to have the on disk CA match what is in
Kubernetes.
Because the secrets are updated, the daemonset needs to do a rolling
update for the apiserver to pick up the new certs. Implemented here is
an added annotation to the api server such that the update occurs
automatically when the CA is changed.
---
There may be a better way to make the rolling update occur without adding an annotation, such as within ansible itself (I just didn't know how to do that). Also, I think that probably the controller needs to be updated too in order to ensure staying in sync with the api server.
Edit: I did not think that doing "oc apply" would cause the daemonset to pick up a change since the yaml may be exactly the same, but if it does then the annotation part can definitely be changed.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since new certificates are generated for every run, the apiservice
caBundle needs updating in order to have the on disk CA match what is in
Kubernetes.
Because the secrets are updated, the daemonset needs to do a rolling
update for the api server to pick up the new certs. Implemented here is
an added annotation to the api server such that the update occurs
automatically when the CA is changed.
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue.
docker_upgrade_check: skip repoquery calls on containerized setups
Fedora/CentOS Atomic hosts don't have repoquery installed - also there
is no need to check available Docker rpms in the repos for Atomic
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1527256
Note, that this solution is pretty naive - a better idea would be splitting
the playbooks for rpm and containerized installs for clarity
|
| | |
| | |
| | |
| | |
| | | |
Fedora/CentOS Atomic hosts don't have repoquery installed - also there
is no need to check available Docker rpms in the repos for Atomic
|
|\ \ \
| | | |
| | | | |
Add missing v3.9 gluster templates
|
| | | |
| | | |
| | | |
| | | | |
Fixes Bug 1532961
|
|\ \ \ \
| | | | |
| | | | | |
Bug 1527178 - installation of logging stack failed: Invalid version s…
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
specified for Elasticsearch
openshift_logging_{curator,elasicsearch,fluentd,kibana,mux}/vars/main.yml:
- adding "3_9" to __allowed_.*_versions
- bumping __latest_.*_version to "3_9"
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Bug 1532787 - Add empty node selector to openshift-web-console namespace
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1532787
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Automatic merge from submit-queue.
logging: fix jinja filters to support py3
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Since py3 returns `dict_items` for dict.keys() call instead of a list,
it should be converted into a list for compatibility
Signed-off-by: Vadim Rutkovsky <vrutkovs@redhat.com>
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Automatic merge from submit-queue.
Update web console template
Update the web console template based on changes in
https://github.com/openshift/origin/pull/17575
/assign @sdodson
@deads2k fyi
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Update the web console template based on changes in
https://github.com/openshift/origin/pull/17575
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
coreydaley/trello_1435_default_tolerations_via_buildconfig_defaulter
Automatic merge from submit-queue.
Ability to specify default tolerations via the buildconfig defaulter
Trello: https://trello.com/c/LNxlMjjU/1435-5-ability-to-specify-default-tolerations-via-the-buildconfig-defaulter-builds
Dependent on:
https://github.com/openshift/origin/pull/17955
|
| | |_|/ / / / /
| |/| | | | | |
| | | | | | | |
| | | | | | | | |
Trello: https://trello.com/c/LNxlMjjU/1435-5-ability-to-specify-default-tolerations-via-the-buildconfig-defaulter-builds
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Updating tsb image names
|
| | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Automatic merge from submit-queue.
Add the ability to specify a timeout for node drain operations
A timeout to wait for nodes to drain pods can be specified to ensure that the upgrade continues even if nodes fail to drain pods in the allowed time. The default value of 0 will wait indefinitely allowing the admin to investigate the root cause and ensuring that disruption budgets are respected. In practice the `oc adm drain` command will eventually error out, at least that's what we've seen in our large online clusters, when that happens a second attempt will be made to drain the nodes, if it fails again it will abort the upgrade for that node or for the entire cluster based on your defined `openshift_upgrade_nodes_max_fail_percentage`.
`openshift_upgrade_nodes_drain_timeout=0` is the default and will wait until all pods have been drained successfully
`openshift_upgrade_nodes_drain_timeout=600` would wait for 600s before moving on to the tasks which would forcefully stop pods such as stopping docker, node, and openvswitch.
|
| | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
Ensure that openshift_facts role is imported whenever we rely on
|
| | |_|_|/ / / / / /
| |/| | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
openshift_client_binary
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
vrutkovs/3.9-upgrades-remove-openshift.common.service_type
3.9 upgrade: remove openshift.common.service_type
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
See eb6b20fc9183cc2aae424c72efd1191b99110a93
|
|\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
failure_summary: make sure msg is always a string
|
| | |_|_|_|_|_|_|_|/ /
| |/| | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Some tasks may return a dict in the msg. In that case `stringc` will
fail to colorize it (with "AttributeError: <msg type> object has no
attribute 'split'" error.
|
|\ \ \ \ \ \ \ \ \ \ \
| |_|_|_|_|_|_|_|_|/ /
|/| | | | | | | | | | |
Add defaults for openshift_pkg_version
|
| | |_|_|_|_|_|_|_|/
| |/| | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
This variable may or may not be defined by the users.
During deployments, it will be set to '-{{ openshift_version }}'
if undefined.
During upgrades, it will remain undefined.
This commit ensures that if the variable is undefined,
empty strings '' are set.
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
Fixing openshift_hosted variable.
|
| | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \
| |/ / / / / / / / / /
|/| | | | | | | | | | |
Add vsphere provider
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
Add key existing check to collect facts for rolebidings
|
| | | | | | | | | | | | |
|
| | | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \ \
| |_|_|/ / / / / / / / /
|/| | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Automatic merge from submit-queue.
Don't hardcode the network interface in the openshift_logging_mux role
The openshift_logging_mux role hardcodes the 'eth0' interface alias
for determining the IP address to use for incoming external client
connections. This will cause the playbook to fail with an undefined
variable error on systems where an 'eth0' interface does not exist.
This patch changes the default IP address for external connections
to use the 'ansible_default_ipv4' fact. It also allows this to be
overridden by a new 'openshift_logging_mux_external_address' variable.
|
| | |_|/ / / / / / / /
| |/| | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
The openshift_logging_mux role hardcodes the 'eth0' interface alias
for determining the IP address to use for incoming external client
connections. This will cause the playbook to fail with an undefined
variable error on systems where an 'eth0' interface does not exist.
This patch changes the default IP address for external connections
to use the 'ansible_default_ipv4' fact. It also allows this to be
overridden by a new 'openshift_logging_mux_external_address' variable.
|
|\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
mgugino-upstream-stage/node-reduce-package-commands
Install node packages in one task instead of 3
|
| |/ / / / / / / / / /
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
This commit reduces the number of package tasks
from 3 to 1.
|
|\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
Remove become statements
|
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
After remove become:no statements on local_action tasks,
we need to ensure that the proper file permssions are
applied to local temp directories.
This reason for this is that the 'fetch' module
does not use 'become' for the localhost, just the remote
host.
Additionally, users may not wish for the localhost to
become during a fetch. local_action will execute with
whatever permissions are specified in inventory or via
cli.
|
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
This commit removes become:no statements that break
the installer in various ways.
|
|\ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Automatic merge from submit-queue.
Limit host group scope on control-plane upgrades
This commit limits common init code to exclude
oo_nodes_to_config during upgrade_control_plane runs.
|
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
This commit limits common init code to exclude
oo_nodes_to_config during upgrade_control_plane runs.
|
| | |_|_|_|_|_|_|_|_|_|/
| |/| | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
This commit changes how we handle openshift_version role.
Most of the version initialization code is only run
on the first master now. All other hosts have values
set from the master.
Aftwards, we run some basic RPM queries to ensure
that the correct version is available on the other nodes.
Containerized needs to do their own image checks elsewhere.
|
|\ \ \ \ \ \ \ \ \ \ \ \
| |_|_|_|_|_|_|_|_|_|_|/
|/| | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Automatic merge from submit-queue.
Adding logic to do a full cluster restart if we are incrementing our …
…major versions of ES
This will help with the upgrade from 2.x to 5.x for ES, it also fixes something I came across with the handler on 3.7 where it checks the prior deployed version of the ES pod rather than the new one.
|
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
full restart
|