summaryrefslogtreecommitdiffstats
path: root/roles/contiv
Commit message (Collapse)AuthorAgeFilesLines
* Contiv multi-master and other fixesNick Bartos2018-01-0834-287/+866
| | | | | | | | | | | | | | | | | | | | | | | | Contiv's etcd was not being deployed correctly when using more than one master. To make it easier to manage, it has been moved into a k8s container. The api proxy was hardcoded to an old version (1.1.1), and in some environments would run into a docker error. This has been moved into a k8s container for easier management. The firewall was too permissive on several ports. Many were open to the world when they should have only been accessible inside the cluster. Many of the contiv role variables were not prefixed with 'contiv', which may end up clobbering variables from another role. Now all the contiv specific role variables start with 'contiv_'. The api proxy's default self-signed certificate was bundled with the role. This means someone with read-only MITM access and this key could decrypt traffic. Granted a user defined certificate from a trusted CA should be used in a production environment, it is still better to generate one in each environment when one is not provided.
* Cast openshift_docker_use_system_container to boolMichael Gugino2018-01-021-1/+1
| | | | | | | | | | | | | openshift_docker_use_system_container might be passed in via ini inventory as 'openshift_docker_use_system_container=false' This condition will be interpreted as a string type, instead of boolean. Casting openshift_docker_use_system_container as bool will achieve the users desired intent. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1528943
* Remove openshift.common.{is_atomic|is_containerized}Michael Gugino2017-12-202-2/+1
| | | | | We set these variables using facts in init, no need to duplicate the logic all around the codebase.
* Relocate filter plugins to lib_utilsMichael Gugino2017-12-181-0/+1
| | | | | | | | | | | | | | This commit relocates filter_plugings to lib_utils, changes the namespacing to prevent unintended use of older versions that may be present in filter_plugins/ directory on existing installs. Add lib_utils to meta depends for roles Also consolidate some plugins into lib_utils from various other areas. Update rpm spec, obsolete plugin rpms.
* Deprecate using Ansible tests as filtersRussell Teague2017-12-143-7/+7
|
* Merge pull request #6314 from riffraff169/contiv-ovs-fixScott Dodson2017-12-141-1/+1
|\ | | | | Remove version requirement from openvswitch package
| * Remove version requirement from openvswitch package, since listed version ↵riffraff2017-11-291-1/+1
| | | | | | | | got removed from repo
* | Contiv systemd fixesNick Bartos2017-12-143-2/+13
| | | | | | | | | | Add install section so that enable on reboot works. Make sure services are always restarted if they die.
* | Merge pull request #6315 from riffraff169/contiv-multimasterRussell Teague2017-12-133-2/+21
|\ \ | | | | | | Multimaster openshift+contiv fixes
| * | Multimaster openshift+contiv fixesLance Dillon2017-11-293-2/+21
| |/ | | | | | | | | | | | | Only run default contiv commands once Fix detection of firewalld Open up netmaster ports to all nodes Make sure etcd ca stuff only runs once
* | Implement container runtime roleMichael Gugino2017-12-013-2/+4
| |
* | retry package operationsLuke Meyer2017-11-302-0/+8
|/ | | | | | When a package install/update fails due to network blips or other spotty availability, retry it. If the failure is a real failure (e.g. package is really not there) it still fails after 3 tries (Ansible default).
* Include Deprecation - openshift-nodeRussell Teague2017-11-225-12/+12
|
* Merge pull request #4919 from srampal/contiv_1.1.1Scott Dodson2017-07-316-3/+25
|\ | | | | Some automation fixes for contiv GUI/auth_proxy & vxlan mode
| * Fixes for auth_proxy, vxlan modeSanjeev Rampal2017-07-276-3/+25
| |
* | Merge pull request #4479 from mtnbikenc/contiv-warningsScott Dodson2017-07-272-2/+2
|\ \ | |/ |/| Resolve Ansible deprecation warnings in Contiv roles
| * Resolve deprecation warnings in Contiv rolesRussell Teague2017-06-162-2/+2
| |
* | Test docker restart with retries 3 delay 30Steve Milner2017-07-181-0/+4
| |
* | Add support for rhel, aci, vxlanSanjeev Rampal2017-05-318-23/+111
|/
* Update systemd units to use proper container service nameSteve Milner2017-05-091-1/+1
| | | | | | | - If using a system container: container-engine - If using a package install: docker Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1448800
* System container dockerSteve Milner2017-05-031-1/+1
| | | | | | | | | | | | | | | This change allows for the use of either the traditional package install of docker OR a system container install of docker. Two new inventory options, openshift_docker_use_system_container and openshift_docker_systemcontainer_image_registry_override, have been added which are be used to install with a system container. By default this option is commented out. One new fact has been added: - docker.service_name: docker by default, container-engine-docker for system container
* Fix for issue 3541Sanjeev Rampal2017-03-074-1/+36
|
* Combined (squashed) commit for all changes related to adding Contiv support ↵Sanjeev Rampal2017-02-2727-0/+706
into Openshift Ansible. This is the first (beta) release of Contiv with Openshift and is only supported for Openshift Origin + Bare metal deployments at the time of this commit. Please refer to the Openshift and Contiv official documentation for details of the level of support for different features and modes of operation.