| Age | Commit message (Collapse) | Author |
|---|
|
set use_manageiq true as default
|
|
Add documentation of external nfs variables
|
|
Add checkpoint steps for full cluster install and individual entry point playbook.
|
|
|
|
We control /etc/resolv.conf and parts of the dnsmasq configuration via
Puppet in our environment. The hook ends up overwriting the managed
configuration.
|
|
When "openshift_master_controllers_env_vars" is set, but
"openshift_master_api_env_vars" isn't, the template for the sysconfig
file of atomic-openshift-master fails:
AnsibleUndefinedVariable: 'dict object' has no attribute 'api_env_vars'
Avoid this issue by applying "default({})" to the dict and always
calling ".items()".
|
|
The "registry_volume_claim" variable has not been used since at least
commit 7cf5cc1 (February 21, 2017) and this commit removes the last
mention.
|
|
For historical reasons a small set of programs in our environments rely
on the cluster-internal Docker registry having the IP address
"172.30.1.1". So far we always had to patch in that address manually.
Adding a variable on the "openshift_hosted" role allows the IP address
to be set correctly when a cluster is installed.
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Remove unneeded master config updates during upgrades
|
|
Allow each node group to request bootstrap, allow per node group image
override, and ensure the provision logic does not wait for bootstrapping
node groups before continuing.
This is an incremental step to allow GCP clusters to use bootstrap logic
on cluster deploy without having fully baked images. We will switch over
slowly and ensure both code paths function.
|
|
Wait longer for GCP stability
|
|
We are seeing instances take longer than 5m to become available,
possibly due to GCP infra issues.
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
|
|
|
|
Currently, existing clusters might not have journald
configurations applied. This may result in a rate-
limiting of important log messages on openshift-masters.
This commit ensures that journald settings are applied
during the upgrade process openshif-masters.
Fixes: https://github.com/openshift/openshift-ansible/issues/5642
|
|
Fix typo in setting prom-proxy memory limit
|
|
|
|
Fix pvc selector default to be empty dict instead of string
|
|
Currently, oreg_auth_credentials_replace is undefined
during master upgrades.
This commit ensures this variable is defined during
upgrades.
|
|
|
|
|
|
|
|
We'll do it in a separate pull request.
|
|
bz: https://bugzilla.redhat.com/show_bug.cgi?id=1493368
|
|
|
|
Provisioning updates.
|
|
Fix prometheus role nfs
|
|
Fix missing docker option signature-verification
|
|
* add cas: playbook adding new CAs created
* add CAs: README updated, bug fixes
* README: improvements
* README: minor fixes
* README: removed code snippet
* README: fix
|
|
* Add flannel support
* Document Flannel SDN use case for a separate data network.
* Add post install step for flannel SDN
* Configure iptables rules as described for OCP 3.4 refarch
https://access.redhat.com/documentation/en-us/reference_architectures/2017/html/deploying_red_hat_openshift_container_platform_3.4_on_red_hat_openstack_platform_10/emphasis_manual_deployment_emphasis#run_ansible_installer
* Configure flannel interface options
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Use os_firewall from galaxy for required flannel rules
For flannel SDN:
* Add openshift-ansible as a galaxy dependency module.
* Use openshift-ansible/roles/os_firewall to apply DNS rules
for flanel SDN.
* Apply the remaining advanced rules with direct
iptables commands as os_firewall do not support advanced rules.
* Persist only iptables rules w/o dynamic KUBe rules. Those are
added runtime and need restoration after reboot or iptables restart.
* Configure and enable the masked iptables service on the app nodes.
Enable it to allow the in-memory rules to be persisted.
Disable firewalld, which is the expected default behavior of the
os_firewall module.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Allow access from nodes to masters' port 2379 when using flannel
Flannel requires to gather information from etcd to configure and
assign the subnets in the nodes, therefore, allow access from nodes to port 2379/tcp to the master security group.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
A broking change has been introduced in Vagrant 2.0 with this commit:
https://github.com/hashicorp/vagrant/commit/ac75e409a3470897d56a0841a575e981d60e2e3d
The change puts additional quotes around the node labels.
As a fix, use different quoting mechanism for Vagrant >=2.0
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Updating openshift-ansible.spec file to include files dir
|
|
|
|
|
|
Currently, docker_image_availability.py plugin check is
using the raw strings for variables from task_vars.
This results in any variables that utilized within the
plugin to be un-templated. For instance, if variable
"x" is set to "{{ y }}" and y is set to "2", one
would expect that x == 2 inside the plugin. Currently,
the plugin will use the string "{{ y }}" for the value
of x instead of templating the variable.
This commit ensures skopeo registry auth credentials
are templated properly.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500698
|
|
|
|
|
|
|
|
Restart all controllers to force reconfiguration during upgrade
|
|
Updating ES proxy image prefix and version to match other components
|
|
Currently, upgrade_control_plane.yml will add any
missing sections to the openshift master's config.
These additions are only needed once. Users who
perform multiple upgrades to their clusters over
time do not need to have these variables re-inserted.
Currently, re-inserting these variables can cause
unwanted local changes.
This commit ensures that the variables are only
inserted into openshift master's config once.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1486054
|
|
Bug 1501768: fix eventrouter nodeSelector padding
|
|
|
|
Automatic merge from submit-queue.
Ensure controllerConfig.serviceServingCert is correctly set during upgrade.
A typo was originally introduced in https://github.com/openshift/openshift-ansible/pull/2449 causing an incorrect key to be configured within the master config. This commit ensures that the correct key is set during upgrades.
/cc @dlbewley
https://bugzilla.redhat.com/show_bug.cgi?id=1500981
|
|
|
|
Automatic merge from submit-queue.
cri-o: error out when node is a Docker container
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1489555
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
