| Age | Commit message (Collapse) | Author |
|---|
|
Bug 1510546- Fix previous fix, task was indented one level too deep
|
|
|
|
|
|
Fix ansible service broker etcd cert generation logic.
|
|
Automatic merge from submit-queue.
Fix prometheus default vars
Currently, prometheus role tries to set some defaults depending
on openshift_deployment_type.
This commit simplifies that logic.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509782
|
|
Automatic merge from submit-queue.
Update service broker configmap and serviceaccount privileges
Addresses Bugs https://bugzilla.redhat.com/show_bug.cgi?id=1503289 and https://bugzilla.redhat.com/show_bug.cgi?id=1507111
|
|
|
|
Recent commit removed these checks. These two auth providers
are specifically excluded in origin, thus we should enable
the checks to ensure challenge auth is not enabled for these
providers.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1444367
|
|
Add etcd as part of inventory file
|
|
|
|
|
|
|
|
|
|
|
|
This commits enables the ports pool driver when deploying kuryr
networking on top of OpenShift in containers. It also exposes
some configuration options such as the maximum and minimum pool
sizes, as well as the bulk subports creation size and the time
between pools update actions.
|
|
Currently, prometheus role tries to set some defaults depending
on openshift_deployment_type.
This commit simplifies that logic.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509782
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
|
|
Automatic merge from submit-queue.
Temporarily set master servingInfo.clientCA as client-ca-bundle.crt during rolling CA redeployment.
This PR temporarily configures master `servingInfo.clientCA` as `client-ca-bundle.crt` during CA redeploy so that clients referencing the old OpenShift CA can continue to function until all cluster certificates have been replaced and `servingInfo.clientCA` is reset to `ca.crt`.
`client-ca-bundle.crt` is a new bundle created by the `openshift_ca` role which contains old and new OpenShift CA certificates.
https://bugzilla.redhat.com/show_bug.cgi?id=1509124
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1493276
|
|
|
|
|
|
This makes sure that all the variables used in the `openshift_openstack`
role are prefixed with `openshift_openstack_` as is the convention.
|
|
The `openstack_*_network_name` vars are strings, not booleans, so the
absense shouldn't really be marked by `False`.
|
|
Because the templates are present in a role, the `template` module is
able to look them up directly, without having to use `{{ role_path
}}/templates`.
|
|
|
|
|
|
Most of the vars in `roles/openshift_openstack/defaults/main.yml` are
now prefixed with `openstack_`.
|
|
It's no longer being used.
|
|
The contents of roles/openshift_openstack/vars/main.yml were moved to
the defaults/main.yml file instead.
There are now duplication warnings we need to address, but the
deployment does still work.
|
|
|
|
These options will have no effect until we add static inventory and
bastion support back in.
|
|
|
|
The repo already contains the `rhel_subscribe` role so we should use
that instead.
|
|
This will mostly not work but it's a starting point.
|
|
|
|
They're not necessary for the initial PR so let's add them properly
later.
|
|
They're duplicating a lot of functionality that's already in
openshift-ansible and they're not actually used from the provisioning
playbooks.
We'll revisit them later.
|
|
The `openstack-stack` role is now under `openshift_openstack` and the
`openstack-create-cinder-registry` one will be added there, later.
|
|
All the tasks that were previously in playbooks are now under
`roles/openshift_openstack`.
The `openshift-cluster` directory now only contains playbooks that
include tasks from that role. This makes the structure much closer to
that of the AWS provider.
|
|
|
|
|
|
|
|
|
|
We move them from `playbooks/provisioning/openstack` to
`playbooks/openstack` to mirror `playbooks/aws`.
|
|
This moves all the OpenStack-related code from the -contrib[1] repo
including its git history to openshift-ansible. It will then be moved
around and updated to fit the rest of the project's structure.
[1]: https://github.com/openshift/openshift-ansible-contrib
|
|
Bug 1507617- Move etcd into its own service/dc with SSL
|
|
mgugino-upstream-stage/retry-restart-master-controllers
Automatic merge from submit-queue.
Retry restarting master controllers
Currently, master controller services may fail to restart
if master api services are not fully initialized.
This commit enables retry of master controllers.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509837
|
|
Automatic merge from submit-queue.
Fix preupgrade authorization objects are in sync
Currently, this task is executed based on openshift_version.
openshift_version is based on the upgrade target, thus not
the currently install versions.
This commit ensures that the task executes as intended.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1508301
|
|
Automatic merge from submit-queue.
container-engine: ensure /var/lib/containers/ is properly labelled
we were doing it only when CRI-O is installed.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1509880
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
rolling CA redeployment.
|
