| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Add dynamic inventory
|
| |
| |
| |
| |
| | |
The DNS code expects a `public_v4` even when we use the provider
networks. Let's just always export it.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds an `inventory.py` script to the `sample-inventory` that lists
all the necessary servers and groups dynamically, skipping the
`static_inventory` role as well as the `hosts` creation.
It also adds an `os_cinder` lookup function which is necessary for a
seamless Cinder OpenShift registry integration without a static
inventory.
|
|/
|
|
|
|
| |
Following up on the initial port of the OpenStack roles from
casl-ansible to openshift-ansible-contrib. One of the points that was
brought up in the review was to drop the references to CASL in the
code since the code has now wider reach.
|
|
|
|
|
| |
When using a bastion and a single master, add the bastion node's public IP the public master's IP for the DNS record.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scale-up: playbook for upscaling app nodes
* scale-up: removed debug
* scale-up: made suggested changes
* scale-up: indentation fix
* upscaling: process split into two playbooks that are executed by a bash script
- upscaling_run.sh: bash script, usage displayed using -h parameter
- upscaling_pre-tasks: check that new value is higher, change inventory variable
- upscaling_scale-up: rerun provisioning and installation, verify change
* upscaling_run: fixed openshift-ansible-contrib directory name
* upscaling_run: inventory can be entered as relative path
* upscaling_scale-up: fixed formatting
* upscaling: minor changes
* upscaling: moved to .../provisioning/openstack directory, README updated, minor changes made
* README: minor changes
* README: formatting
* uspcaling: minor fix
* upscaling: fix
* upscaling: added customisations, fixes
- openshift-ansible-contrib and openshift-ansible paths are customisable
- fixed implicit incrementation by 1
* upscaling: fixes
* upscaling: fixes
* upscaling: another fix
* upscaling: another fix
* upscaling: fix
* upscaling: back to a single playbook, README updated
* minor fix
* pre_tasks: added labels for autoscaling
* scale-up: fixes
* scale-up: fixed host variables, post-verification is only based on labels
* scale-up: added openshift-ansible path customisation
- path has to be absolute, cannot contain '/' at the end
* scale-up: fix
* scale-up: debug removed
* README: added docs on openshift_ansible_dir, note about bastion
* static_inventory: newly added nodes are added to new_nodes group
- note: re-running provisioning fails when trying to install docker
* removing new line
* scale-up: running byo/config.yml or scaleup.yml based on the situation
- (whether there is an existing deployment or not)
* openstack.yml: indentation fix
* added refresh inventory
* upscaling: new_nodes only contains new does, it is not used during the first deployment
* static_inventory: make sure that new nodes end up only in their new_nodes group
* bug fixes
* another fix
* fixed condition
* scale-up, static_inventory role: all app node data gathered before provisioning
* upscaling: bug fixes
* upscaling: another fixes
* fixes
* upscaling: fix
* upscaling: fix
* upscaling: another logic fix
* bug fix for non-scaling deployments
|
|
|
|
|
|
|
|
| |
* Document using a Docker image for Ansible host
* Fix the markdown url syntax
* Mention keystonerc as well
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Make `openstack_private_ssh_key` optional
Before this, the deployer could not reasonably rely on their own SSH
configuration or e.g. using the `--private-key` option to
ansible-playbook because we always wrote the `ansible_private_key_file`
value in the static inventory.
This change makes the `openstack_private_ssh_key` variable truly
optional: if it's not set, the static inventory will not configure the
SSH key and will just rely on the existing configuration.
* Update the openstack e2e CI
It no longer sets the SSH keys explicitly -- which should just work with
the previous commit.
* Put back the `openstack_ssh_public_key` in CI
This is the option we actually need to keep. This sholud fix the CI
failures.
|
|
|
|
| |
It is now commented out since it's no longer necessary.
|
|
|
|
|
| |
This was a regression -- it used to be optional (defaulting to False),
but among some changes we ended up requiring it again.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Attach and detach a volume, wait for it to be accessible
This is mostly just handling the attach/detach code, making sure the necessary
vars are accessible where they need to be as well as finding out the correct
device name the volume is attached as.
* Create temp directory for mounts, remove some debug info
* add the fs actions
* Remove debug
* Prepare the volume automatically if possible
* Add docs and sample inventory
* Read OS_* creds from shell in sample inventory
* Fix yamlint complaint
* Update readme
This mentions the potential pitfalls when using devstack.
* Better check for the router deployment in CI
* Set the openshift_hoster*_wait vars to True
* Fix typo
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Point openshift_master_cluster_public_hostname at master or load balancer if specified
* cleanup
* remove extraneous brackets
* corrections
* added doc section
* add private records
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Allow using a provider network
This adds a new option `openstack_provider_network_name` which will take
a name of an existing network and put the servers there. It will also
prevent creating floating IP addresses as the provider network's IPs
should already be accessible without any additional routing required.
Fixes #622
* Requested changes
Don't fail on external/private networks and use role defaults for the
provider network.
* Add missing endif
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Document global DNS security options
Related changes:
* Do not create a view if externally managed.
* Allow to specify the recursion settings for public/private
views defined by the dns-view role.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Document public_dns_nameservers better
Also use it as the private view forwarder
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
| |
* Add custom post-provision playbook for adding yum repos
* fixed formatting issues
* requested corrections and formatting changes
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Document how to use fully external DNS servers w/o provisioning
dns servers group with Heat.
* Document how to use a mixed servers setup for dynamic records
updates mathing public or private views.
* Allow custom nsupdate key names for OSP10 dns service compatibility.
The osp-dns configures the named service with the fixed key_name
'update-key'. Add optional key_name for the external_nsupdate_keys
public section to allow custom key names.
|
|
|
|
|
|
|
|
| |
* prerequisites, custom_*_check: added checking that specified images/flavors are available
- uses stack_params as a source of variable value which is then passed to the HOT
* minor fixes
|
|
|
|
|
|
| |
Move repeating pre_tasks to pre-install
(OpenShift Pre-Requisites) step.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* node labels: add checks for custom labels
- README: add more info about customising labels
- pre_tasks: add checks for label values, set to empty dict if undefined
- group_vars: move labels customisation from OSEv3 to all
* pre_tasks: tried a new approach to updating variables
* pre_tasks: variable update fixed
* pre_tasks: rollback upscaling changes (to be added in upscaling PR)
* pre_tasks: blank line removed
* pre_tasks: add check for undefined variable (should not happen though)
* pre_tasks: be sure to have regions defined
|
|
|
|
|
|
|
|
| |
* Add documentation regarding running custom post-provision tasks
* moved post-provision doc to openstack README
* added reference to OSEv3, clarified some text
|
|\
| |
| | |
[WIP] Add docs and defaults for multi-master setup
|
| |
| |
| |
| |
| |
| |
| |
| | |
Additionally, add the lb group to contain lb nodes to the
static inventory template. Include the lb group into the
OSEv3 group, in order to apply the cluster group vars to it.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|/
|
|
|
|
| |
This allows our users to keep the ansible.cfg file in the inventory as
well as putting e.g. LDAP certificates in.
Fixes #481
|
|
|
|
|
|
|
| |
* Update openshift_release in the sample inventory
This removes setting the version for Openshift Origin, because the
only the latest release is actually available. So if a new Origin
release comes up, the installation will fail.
|
|
|
|
|
|
|
|
|
|
|
|
| |
* README, all.yml, stack_params.yaml, openstack-stack: added docker volume size customisation
- app_volume_size changed to node_volume_size (it is node everywhere else)
* all.yml, stack_params.yaml,openstack-stack: added customisation for lb, etcd, dns
* README: updated
* README: updated info about ephemeral volumes
|
|
|
|
|
|
|
|
|
|
| |
* README, all.yml, stack_params.yml, heat_stack.yaml.j2: hostname customisation added
* hostnames customisation: default set in stack_params
* heat_stack: bug fix
* fixed commented defaults in group_vars/all.yml
|
|
|
|
|
|
|
|
| |
When using a bastion and a single master, use the lb-secgrp
to access UI port allowed from the ingress bastion node cidr.
For HA (masters>1), UI still should be accessed via
the LB node's ingress cidr, omitting the bastion.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
| |
and documented (#638)
|
|
|
|
|
|
|
|
|
|
|
|
| |
* all.yml: set up new variables for specifying images for roles
* stack_params.yaml: add image name variables for different roles
* more roles added
* heat_stack.yaml.j2: openstack_image changed to updated image names
* README: updated documentation for specifying image names
|
|
|
|
|
|
| |
Add openstack_private_network_name to filter by a wanted private
network.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
| |
For testing cases it's sometimes useful to not create Cinder volumes for
the VMs. It can also sometimes be a little faster and more robust (but
unfit for production).
This adds an option called `ephemeral_volumes` that will use the VM's
storage instead of creating volumes when set to true.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the move to the static inventory, we don't need it anymore so it's
now just an unnecessary step in the deployment.
Note that the users may still want to use clouds.yaml for openstack
credentials instead of sourcing the `OS_*` environment variables, but
they can do that at their discression.
The reason we had the clouds.yaml here was because the `openstack.py`
dynamic inventory used the servers' UUID's as ansible hosts by default
and the options we put in caused it to use the hostnames (as desired).
|
| |
|
|\
| |
| | |
Add wildcard record for Private DNS
|
| | |
|
| | |
|
| |
| |
| | |
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* At the provisioning stage, allow users to auto-generate SSH config,
when using a static inventory.
* Run playbooks to provsion and post-provision as a separate, when
using a bastion. This re-applies the SSH config, which ansible can't
do on the fly.
* Support a pre-installed bastion node, colocated with the 1st infra
node.
* With a bastion enabled, reduce floating IP footprint to infra and
dns nodes only, effectively isolating a cluster in a private
network.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
| |
* README in provisioning: note about infra-ansible not updating versions if one exists
* README in provisioning: minor change
* README: improved readability
|
|
|
|
|
|
|
|
|
| |
* At the provisioning stage, allow users to auto-generate a static
inventory w/o manual steps needed. The alternative to
go fully dynamic TBD.
* Move openshift pre-install playbook to the post provision playbook,
where the second part of the pre install tasks is already placed.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Autogenerate inventory/hosts when 'inventory: static' (Default),
with the shade-inventory tool.
* Drop unused anymore: openstack.py and associated GPL notes,
an example static inventory, omit manual updates for the
inventory DNS names in the deployment guide.
* Switch openstack.py formatted inventory hostvars
to the shade-inventory format (omit openstack.* from hostvars).
* Populate node labels from inventory vars instead of the heat
templates combined with inventory vars.
* Add app (k8s minions) nodes group for primary node labels.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|\
| |
| | |
Added prerequisity for python-openstackclient installation
|
| | |
|
| | |
|
| |
| |
| |
| | |
dependencies
|
| |
| |
| |
| | |
python-openstackclient installation
|
|/
|
|
|
|
|
|
|
|
| |
Because openshift-ansible requires root on the cluster nodes, but it
doesn't explicitly set it in the playbooks (like we do), let's set it
in our inventory instead of requiring to pass `--become` to
`ansible-playbook`.
That will simplify the installation steps as well as let us include
the provisioning and openshift-ansible playbooks in a single playbook.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Set up NetworkManager automatically
This removes the extra step of running the
`openshift-ansible/playbooks/byo/openshift-node/network_manager.yml`
before installing openshift. In addition, the playbook relies on a
host group that the provisioning doesn't provide (oo_all_hosts).
Instead, we set up NetworkManager on CentOS nodes automatically. And
we restart it on RHEL (which is necessary for the nodes to pick up the
new DNS we configured the subnet with).
This makes the provisioning easier and more resilient.
* Apply the node-network-manager role to every node
It makes the code simpler and more consistent across distros.
|