| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Automatic merge from submit-queue
hot fix for env variable resolve
If we use environment variables in our inventory files (and from what I seen we do this everywhere where We deploy OCP) our fact engine ignores env variables so if my path looks like
```
openshift_hosted_registry_routecertificates={"certfile": "{{inventory_dir}}/../files/certs/wildcard.registry.company.local.crt", "keyfile": "{{inventory_dir}}/../files/certs/wildcard.registry.companylocal.key", "cafile":"{{inventory_dir}}/../files/certs/CompanyLocalRootCA.crt"}
openshift_hosted_registry_routehost=containers.registry.comany.local
```
the result is: `/../files/certs/RoSLocalRootCA.crt`
We need to fix our fact set in a long run to read Ansible variables. And it was done in the same way with router certificates already.
|
| | |
|
|/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We have identified an issue where a docker-registry service set up
as 'reencrypt' with a provided certificate and a self-signed certificate
on the pod does not authorize users to push images.
If the docker-registry service is set up as 'passthrough' with the
same provided certificate, everything works.
In light of this, this commit essentially adds support for configuring
provided certificates with a passthrough route while maintaining backwards
compatibility with the other use cases.
The default remains 'passthrough' with self-generated certificates.
Other miscellaneous changes include:
- Move fact setup that were only used in secure.yml there
- Omit the hostname for the route if there are none to configure,
oc_route takes care of handling the default
- Replace hardcoded /etc/origin/master by openshift_master_config_dir
|
| |
|
| |
|
|
|
|
| |
error in secure.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
reencrypt for route.
|
| |
|
| |
|
|\
| |
| | |
[WIP] oc route commands now using the oc_route module
|
| | |
|
|\ \
| |/
|/| |
replace 'oc service' command with its lib_openshift equivalent
|
| | |
|
|\ \
| | |
| | | |
WIP: oc secrets now done via oc_secret module
|
| |/ |
|
|/ |
|
| |
|
|
|
|
|
|
| |
In k8s 1.5 (see rebase PR: origin 12143) jsonpath output is slightly
different than previously. Causing this line to fail. We need to pick
secret or secretName when checking this task failure condition.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Problem was caused by facts not being set for that master. To fix this
patch cleans up the calculation of metricsPublicURL in general. Because
this value is used in openshift_master to template into the master
config file, we now define these facts more clearly in
openshift_master_facts, and add a dependency on this to
openshift_metrics.
The calculation of default sub-domain is also changed to remove it from
system facts (as neither of these are facts about the system) and
instead use plain variables.
|
|
|
|
|
|
|
|
| |
Found bug syncing binaries to containerized hosts where if a symlink was
pre-existing, but pointing to the wrong destination, it would not be
corrected.
Switched to using oc adm instead of oadm.
|
|
|
|
|
|
| |
* Convert oc template calls to jsonpath.
* Wait for deployments to finish before restarting docker.
* Re-organize node ca configuration.
|
| |
|
|
|