summaryrefslogtreecommitdiffstats
path: root/playbooks
Commit message (Collapse)AuthorAgeFilesLines
* Open OpenStack security group for the service node port rangeLénaïc Huard2016-08-193-0/+14
| | | | | | | | | | | | With OpenShift 3.2, creating a service accessible from the outside of the cluster thanks to `nodePort` automatically opens the “local” `iptables` firewall to allow incoming connection on the `nodePort` of the service. In order to benefit from this improvement, the OpenStack security group shouldn’t block those incoming connections. This change opens, on the OS nodes, the port range dedicated to service node ports.
* Update uninstall.ymlScott Dodson2016-08-171-1/+1
| | | Fixes #2317
* Reconcile roles after master upgrade, but before nodes.Devan Goodwin2016-08-161-43/+46
| | | | | | | | | | Prevents the network egress bug causing node restart to fail during 3.3 upgrade. (even though a separate fix is incoming for this) Only catch is preventing the openshift_cli role, which requires docker, from triggering a potential upgrade, which we still don't want at this point. To avoid we use the same variable to protect docker installed version as we use in pre.yml.
* Merge pull request #2220 from jkhelil/fix_key_error_when_ssh_failingScott Dodson2016-08-161-1/+1
|\ | | | | fixing openshift key error in case of node failure during run (ssh is…
| * fixing openshift key error in case of node failure during run (ssh issue)jawed2016-08-091-1/+1
| |
* | Reference tmpdir from first master hostvars when evacuating nodes.Andrew Butcher2016-08-111-4/+4
| |
* | Merge pull request #2285 from dgoodwin/nuke-images-2Scott Dodson2016-08-114-20/+59
|\ \ | | | | | | Improvements for Docker 1.10+ Upgrade Image Nuking
| * | Improvements for Docker 1.10+ upgrade image nuking.Devan Goodwin2016-08-114-20/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In a parallel step prior to real upgrade tasks, clear out all unused Docker images on all hosts. This should be relatively safe to interrupt as no real upgrade steps have taken place. Once into actual upgrade, we again clear all images only this time with force, and after stopping and removing all containers. Both rmi commands use a new and hopefully less error prone command to do the removal, this should avoid missed orphans as we were hitting before. Added some logging around the current image count before and after this step, most of them are only printed if we're crossing the 1.10 boundary but one does not, just for additional information in your ansible log.
| * | Shutdown Docker before upgrading the rpm.Devan Goodwin2016-08-101-0/+4
| |/ | | | | | | | | This avoids the automatic image migration in 1.10, which can take a very long time and potentially cause rpm db corruption.
* / Support for redeploying certificates.Andrew Butcher2016-08-113-1/+270
|/
* Merge pull request #2211 from dgoodwin/33-upgrade-playbookScott Dodson2016-08-0832-70/+227
|\ | | | | 1.3 / 3.3 Upgrades
| * Migrate ca.crt to ca-bundle.crtScott Dodson2016-08-081-0/+25
| |
| * Upgrade configs for protobuf support.Devan Goodwin2016-08-084-0/+68
| |
| * Introduce 1.3/3.3 upgrade path.Devan Goodwin2016-07-2530-70/+134
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactored the 3.2 upgrade common files out to a path that does not indicate they are strictly for 3.2. 3.3 upgrade then becomes a relatively small copy of the byo entry point, all calling the same code as 3.2 upgrade. Thus far there are no known 3.3 specific upgrade tasks. In future we will likely want to allow hooks out to version specific pre/upgrade/post tasks. Also fixes a bug where the handlers were not restarting nodes/openvswitch containers doing upgrades, due to a change in Ansible 2+.
* | Convert ansible facts callback to v2.Andrew Butcher2016-08-081-1/+1
| |
* | Call relocated openshift-loadbalancer playbook in master scaleup.Andrew Butcher2016-08-041-0/+2
| |
* | Merge pull request #2049 from abutcher/named-certificatesScott Dodson2016-08-033-50/+12
|\ \ | | | | | | Named CA Certificates
| * | Add options for specifying named ca certificates to be added to the ↵Andrew Butcher2016-08-013-50/+12
| | | | | | | | | | | | openshift ca bundle.
* | | Refactor etcd certificates roles.Andrew Butcher2016-08-023-269/+16
|/ /
* | Move role dependencies to playbooks.Andrew Butcher2016-07-293-3/+98
| |
* | Merge pull request #2236 from maxamillion/fedoraScott Dodson2016-07-291-1/+1
|\ \ | | | | | | update bootstrap-fedora playbook with new python crypto deps
| * | update bootstrap-fedora playbook with new python crypto depsAdam Miller2016-07-281-1/+1
| | | | | | | | | | | | Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
* | | Merge pull request #2210 from abutcher/staggered-master-startScott Dodson2016-07-281-0/+1
|\ \ \ | |/ / |/| | Stagger HA master service start
| * | Stagger the start of master services.Andrew Butcher2016-07-241-0/+1
| | |
* | | Merge pull request #2213 from detiber/remove_old_metrics_roleJason DeTiberus2016-07-261-2/+0
|\ \ \ | | | | | | | | remove outdated openshift_cluster_metrics role
| * | | remove outdated openshift_cluster_metrics roleJason DeTiberus2016-07-251-2/+0
| | | |
* | | | Template named certificates with_items.Andrew Butcher2016-07-251-2/+2
| | | |
* | | | Replace master_cert_config_dir with common config_base fact.Andrew Butcher2016-07-251-1/+1
|/ / /
* | | Merge pull request #2196 from dgoodwin/nuke-images-symlinkAndrew Butcher2016-07-221-0/+1
|\ \ \ | |/ / |/| | Add missing nuke_images.sh symlink.
| * | Add missing nuke_images.sh symlink.Devan Goodwin2016-07-221-0/+1
| |/
* | Merge pull request #1990 from abutcher/openshift-certificatesScott Dodson2016-07-212-154/+16
|\ \ | |/ |/| Refactor openshift certificates roles.
| * Refactor openshift certificates roles.Andrew Butcher2016-07-202-154/+16
| |
* | Merge pull request #2168 from dgoodwin/container-cli-speedScott Dodson2016-07-211-0/+2
|\ \ | | | | | | Copy openshift binary instead of using wrapper script.
| * | Stop reporting changes when docker pull is already up to date.Devan Goodwin2016-07-201-0/+2
| | |
* | | Merge pull request #2187 from lhuard1A/bin_cluster_libvirt_ansible_2.1Jason DeTiberus2016-07-214-21/+24
|\ \ \ | | | | | | | | Fix libvirt provider for Ansible 2.1.0.0
| * | | Fix libvirt provider for Ansible 2.1.0.0Lénaïc Huard2016-07-214-21/+24
| | |/ | |/|
* | | Correct relative include for ansible version check.Andrew Butcher2016-07-211-1/+1
| | |
* | | Check ansible version prior to evaluating cluster hosts and groups.Andrew Butcher2016-07-207-0/+24
|/ /
* | Merge pull request #2175 from dgoodwin/origin-12-rpm-upgradeScott Dodson2016-07-191-2/+6
|\ \ | | | | | | Fix bugs with origin 1.2 rpm based upgrades.
| * | Fix bugs with origin 1.2 rpm based upgrades.Devan Goodwin2016-07-191-2/+6
| |/
* | Merge pull request #2174 from dgoodwin/skip-docker-upgrade-atomicScott Dodson2016-07-191-2/+2
|\ \ | | | | | | Skip docker upgrades on Atomic.
| * | Skip docker upgrades on Atomic.Devan Goodwin2016-07-191-2/+2
| |/
* / Resolve some deprecation warnings.Andrew Butcher2016-07-186-6/+6
|/
* Merge remote-tracking branch 'upstream/master' into upgrade33Devan Goodwin2016-07-1412-53/+62
|\
| * Make libvirt’s VM use virtio-scsi insteal of virtio-blkLénaïc Huard2016-07-132-22/+17
| | | | | | | | | | | | The main advantage is that virtio-scsi honors TRIM so that deleting files and/or docker images inside the VM now frees disk space on the host by resparsifying the qcow2 file.
| * Merge pull request #2142 from lhuard1A/fix_openstack_firewallJason DeTiberus2016-07-121-0/+30
| |\ | | | | | | Re-align the OpenStack firewall rules with the iptables rules
| | * Re-align the OpenStack firewall rules with the iptables rulesLénaïc Huard2016-07-121-0/+30
| | |
| * | Merge pull request #2141 from lhuard1A/fix_dnsJason DeTiberus2016-07-121-0/+5
| |\ \ | | | | | | | | Fix bin/cluster openstack related error
| | * | Fix bin/cluster openstack related errorLénaïc Huard2016-07-121-0/+5
| | |/
| * / ops-docker-loopback-to-direct-lvm.yml: fix typo on the variable name ↵gaelL2016-07-121-1/+1
| |/ | | | | | | "cli_name vs cli_host"