| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |/
|
|
|
|
|
| |
- htpasswd users
- ldap ca file
- openid ca file
- request_header ca file
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Configures HTTP_PROXY, HTTPS_PROXY, NO_PROXY for master and docker services.
Configugres BuildDefaults Admission controller for master to automatically
insert proxy environment configuration into build environments.
To use set at least these variables
- openshift_http_proxy
- openshift_https_proxy
NO_PROXY entries will automatically be configured for hostnames of all openshift
hosts. You may specify additional NO_PROXY hosts or patterns by setting
`openshift_no_proxy`
If you wish to disable automatic generation of NO_PROXY hosts you may set
`openshift_generate_no_proxy_hosts` to False.
If you wish to have different builddefaults proxy configuration than baseline
proxy configuration set these variables
- openshift_builddefaults_http_proxy
- openshift_builddefaults_https_proxy
- openshift_builddefaults_no_proxy
- openshift_builddefaults_git_http_proxy
- openshift_builddefaults_git_https_proxy
|
| |
|
|
|
| |
Conflicts:
roles/openshift_facts/library/openshift_facts.py
|
| |\
| |
| | |
Support setting imagePolicyConfig JSON in inventory.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
For flexibility this is another pure JSON field to translate directly to
yaml in the master config.
Also updated to more safely handle JSON inventory variables as this
uncovered a bug with booleans where you end up with a string containing
json in your yaml.
|
| |/
|
|
| |
Lifted from https://github.com/openshift/origin/pull/8317
|
| |\
| |
| | |
Add cloudprovider config dir to docker options.
|
| | | |
|
| |\ \
| | |
| | | |
Check for kind in cloudprovider facts prior to accessing.
|
| | |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow users who wish to deploy configs with ansible to define templates for
oauth screens, and control the alwaysShowProviderSelection setting.
There are currently three supported oauth templates, and we have a pre-existing
'oauth_template' variable, but it is assumed to mean you are controlling the
'login' screen, and this is the only one you can configure.
To work around this, supporting all current and future templates, introduce a
pluralized variable 'oauth_templates', which contains a JSON dict allowing the
admin to control any template they wish. If both new and old variables are
defined, the old one is ignored. (and can be considered deprecated)
Internally the old value will be converted to the new dict, so the template
just references one value.
Example:
openshift_master_oauth_always_show_provider_selection=true
openshift_master_oauth_templates={"providerSelection": "provider-selection.html", "error": "oauth-error.html"}
Yeilds:
oauthConfig:
alwaysShowProviderSelection: true
templates:
error: oauth-error.html
providerSelection: provider-selection.html
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds four new inventory variables for setting sections in "admissionConfig" and
"kubernetesMasterConfig.admissionConfig".
openshift_master_admission_plugin_order allows configuring the list of origin
admission controller plugins to enable and what order to run them in. This must
be a JSON formatted list of strings:
openshift_master_admission_plugin_order=["RunOnceDuration", "NamespaceLifecycle", "OriginPodNodeEnvironment", "ClusterResourceOverride", "LimitRanger", "ServiceAccount", "SecurityContextConstraint", "ResourceQuota", "SCCExecRestrictions"]
openshift_master_kube_admission_plugin_order is identical but for the
kubernetes admission controller plugins which appear beneath
kubernetesMasterConfig.
openshift_master_admission_plugin_config allows setting free-form configuration
stanzas that match up with enabled admission controller plugins. This must be a
JSON formatted hash:
openshift_master_admission_plugin_config={"RunOnceDuration":{"configuration":{"apiVersion":"v1","kind":"RunOnceDurationConfig","activeDeadlineSecondsOverride":3600}},"ClusterResourceOverride":{"configuration":{"apiVersion":"v1","kind":"ClusterResourceOverrideConfig","limitCPUToMemoryPercent":200,"cpuRequestToLimitPercent":6,"memoryRequestToLimitPercent":60}}}
openshift_master_kube_admission_plugin_config is the equivalent for kubernetes
admission controller plugins.
Contains a change to merge_facts to fix issues with modifying inventory
variables that contain JSON dicts. If you modified a previously set variable,
the result would be a merge of old and new, which is completely wrong in this
case. Addded new overwrite_facts to shortcut to just taking the new values.
This differs from the pre-existing concept of "protected" in that we're not
protecting an old value, we're trashing it and taking the new.
|
| |
|
|
|
|
|
|
|
| |
- introduce openshift_master_scheduler_predicates and
openshift_master_scheduler_priorities to override the default scheduler
predicates and priorities
- switch default scheduler priorities to use SelectorSpreadPriority instead
of ServiceSpreadingPriority
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are points where the docker service is restarted during
the install. Sometimes the services that are PartOf docker.service
do not get restarted when docker is restarted.
https://bugzilla.redhat.com/show_bug.cgi?id=1318948
Systemd documentation recommends using "wants" as the perferred
means of creating startup linkages between units. This
patch makes the ose services wanted by the docker service rather
than multi-user.target.
This creates a downward link from the docker service to the ose
containerized services.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This is the containerized openshift_pkg_version equivalent. Originally I was
hoping to reuse openshift_pkg_version for containerized installs but the fact
that it's very coupled to yum made that pretty ugly.
However, I did opt to rely on the previously existing 'openshift_version'
variable. Containerized and RPM installs can both use that variable and it
will be set appropriately if either openshift_pkg_version or
openshift_image_tag are set. I suspect someday containerized installs will be
the only option and I didn't can to have thinkgs like openshift_pkg_version and
openshift_image_tag in the playbooks anymore the necessary.
|
| | |
|
| | |
|
| |\
| |
| | |
Nuage
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Added variables
Made changes for node configuration
Add service restart logic to node
Fixed ansible syntax errors
Add cert and key info for nodes
Added active and standby controller ip configuration information
Uncommented the nuage sdn check
Changed ca_crt -> ca_cert
Added restarting of atomic openshift master
Removed service account dependencies
Fixes
Fixed the api server url
Removed redundant restart of atomic openshift master
Configure nuagekubemon on all of the master nodes
Restart master api and controllers as well on nuagekubemon installation
Converted plugin config into template
Add template for nuagekubemon
Removed uplink interface from vars
Able to copy cert keys
Uninstall default ovs
Add the kubemon template
Do not install rdo sdn rpms in case of nuage
Addressed latest review comments
Set the networkPluginName for nuage
|
| | | |
|
| |\ \
| | |
| | | |
Native ha port fixes
|
| | | | |
|
| |/ / |
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| | |
| | | |
Clean up idempotency issues with session secrets.
|
| | | | |
|
| |/ / |
|
| |\ \
| | |
| | | |
Add the new metrics and logging urls v2
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
add the necessary URLs for logging and metrics
use the dict in the right way
add the new variables into the hosts file
add the new variables into the hosts file
add the new variables into the hosts file
Adopted the config text
|
| |\ \ \
| | | |
| | | | |
Reset Type=notify for controllers service
|
| | | | | |
|
| | |/ / |
|
| | | | |
|
| | | | |
|
| |/ /
| |
| |
| | |
copied from https://github.com/eparis/kubernetes-ansible/blob/17f98edd7ff53e649b43e26822b8fbc0be42b233/roles/common/tasks/main.yml
|
| |/ |
|
| | |
|
| |
|
|
|
|
| |
- Remote template in favor of a filter plugin
- Add additional validation for identity provider config
- Add mappingMethod attribute for identity providers, default to 'claim'
|
| | |
|
| | |
|
| |\
| |
| | |
apiLevel changes
|
| | |
| |
| |
| |
| |
| | |
- remove kubernetesMasterConfig.apiLevels if >= 3.1/1.1
- change apiLevels conditional from using deployment_type to
version_greater_than_3_1_or_1_1
|
| | | |
|
| | | |
|
