summaryrefslogtreecommitdiffstats
path: root/roles/openshift_master/templates
Commit message (Collapse)AuthorAgeFilesLines
...
| * | support 3rd party schedulerenlinxu2016-10-201-0/+1
| | |
* | | Change to allow cni deployments without openshift SDNyfauser2016-11-081-1/+1
| | | | | | | | | | | | | | | | | | | | | The roles/openshift_facts main task did not pass the cni plugin variable to the later role playbooks. The master.yaml and node.yaml templates did not allow for a cni configuration without either installing openshift sdn or nuage. This change will allow to use os_sdn_network_plugin_name=cni and set openshift_use_openshift_sdn=false for deployments that use a cni plugin that doesn't need and want openshift sdn to be installed
* | | Restart API service always as well.Devan Goodwin2016-11-041-0/+1
| |/ |/| | | | | | | | | | | Recently applied this fix for controllers due to the systemd-journald restart issue, it sounds as is this one is also sometimes affected. Containerized already uses this, so we will apply the same restart strategy here.
* | Change HA master controller service to restart always.Devan Goodwin2016-10-272-2/+2
|/ | | | | | | | | | Restarts of systemd-journald can cause the master controllers service to die in HA environments, due to a SIGPIPE and how it's handled. (seemingly by default in golang) on-failure does not trigger in this situation, instead we set to Restart=always in the systemd unit, which matches the non-HA service definitions as well.
* set defaults for debug_level in template and taskJustin Cook2016-10-111-1/+1
|
* Check if openshift_master_ingress_ip_network_cidr is definedMathias Merscher2016-10-041-1/+1
| | | | Signed-off-by: Mathias Merscher <Mathias.Merscher@dg-i.net>
* allow networkConfig.ingressIPNetworkCIDRs to be configuredMathias Merscher2016-10-041-0/+3
| | | | Signed-off-by: Mathias Merscher <Mathias.Merscher@dg-i.net>
* Don't use openshift_env for cloud provider facts.Andrew Butcher2016-08-256-12/+12
|
* Merge pull request #2358 from abutcher/service-serving-certsAndrew Butcher2016-08-251-0/+7
|\ | | | | enable service-serving-cert-signer by default
| * enable service-serving-cert-signer by defaultAndrew Butcher2016-08-241-0/+7
| |
* | Merge pull request #2100 from smunilla/BZ1337553Scott Dodson2016-08-241-0/+1
|\ \ | |/ |/| Add externalIPNetworkCIDRs to config
| * Add externalIPNetworkCIDRs to configSamuel Munilla2016-08-231-0/+1
| | | | | | | | | | Allow networkConfig.externalIPNetworkCIDRs to be set along with a default to emulate the old 3.1 behavior.
* | Correct masterCA config typo.Andrew Butcher2016-08-241-2/+2
|/
* qps typodeads2k2016-08-111-2/+2
|
* Merge pull request #2211 from dgoodwin/33-upgrade-playbookScott Dodson2016-08-082-0/+14
|\ | | | | 1.3 / 3.3 Upgrades
| * Add 3.3 protobuf config stanzas for master/node config.Devan Goodwin2016-07-281-0/+14
| |
| * Introduce 1.3/3.3 upgrade path.Devan Goodwin2016-07-251-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactored the 3.2 upgrade common files out to a path that does not indicate they are strictly for 3.2. 3.3 upgrade then becomes a relatively small copy of the byo entry point, all calling the same code as 3.2 upgrade. Thus far there are no known 3.3 specific upgrade tasks. In future we will likely want to allow hooks out to version specific pre/upgrade/post tasks. Also fixes a bug where the handlers were not restarting nodes/openvswitch containers doing upgrades, due to a change in Ansible 2+.
* | Add options for specifying named ca certificates to be added to the ↵Andrew Butcher2016-08-011-3/+11
|/ | | | openshift ca bundle.
* Merge pull request #1945 from dgoodwin/upgrade33Scott Dodson2016-07-143-3/+3
|\ | | | | openshift_release / version / upgrade improvements
| * Merge branch 'master' into upgrade33Devan Goodwin2016-06-283-0/+18
| |\
| * | Always populate openshift_image_tag and openshift_pkg_version.Devan Goodwin2016-06-153-3/+3
| | | | | | | | | | | | | | | Allows the use of arbitrary tags, precise control over containers and rpms, and likely mixed environments.
| * | Add leading v for remaining IMAGE_VERSION templates.Devan Goodwin2016-05-302-2/+2
| | |
| * | Complete installation of first master containerized.Devan Goodwin2016-05-251-1/+1
| | |
* | | [master] add support for setting auditConfigJason DeTiberus2016-07-131-0/+3
| |/ |/|
* | Add per-service environment variables.Andrew Butcher2016-06-133-0/+18
|/
* Allow overriding servingInfo.maxRequestsInFlight via ↵Andrew Butcher2016-05-131-1/+1
| | | | openshift_master_max_requests_inflight.
* Fix mistaken quotes on proxy sysconfig variables.Devan Goodwin2016-05-123-9/+9
| | | | Only need double quotes if preserving whitespace, and never singles.
* Merge pull request #1812 from sdodson/issue1759Jason DeTiberus2016-04-271-0/+2
|\ | | | | Add masterConfig.volumeConfig.dynamicProvisioningEnabled
| * Add masterConfig.volumeConfig.dynamicProvisioningEnabledScott Dodson2016-04-261-0/+2
| |
* | Don't set empty HTTP_PROXY, HTTPS_PROXY, NO_PROXY valuesScott Dodson2016-04-263-16/+15
| |
* | Merge pull request #1809 from abutcher/portal-netJason DeTiberus2016-04-263-3/+3
|\ \ | |/ |/| BZ 1330357: Fail to deploy pod after installing env with openshift_master_portal_net='172.31.0.0/16'
| * Access portal_net in common facts.Andrew Butcher2016-04-263-3/+3
| |
* | Add support for setting identity provider custom valuesJason DeTiberus2016-04-251-0/+5
|/ | | | | | | - htpasswd users - ldap ca file - openid ca file - request_header ca file
* Add global proxy configurationScott Dodson2016-04-223-15/+31
| | | | | | | | | | | | | | | | | | | | | | | | | Configures HTTP_PROXY, HTTPS_PROXY, NO_PROXY for master and docker services. Configugres BuildDefaults Admission controller for master to automatically insert proxy environment configuration into build environments. To use set at least these variables - openshift_http_proxy - openshift_https_proxy NO_PROXY entries will automatically be configured for hostnames of all openshift hosts. You may specify additional NO_PROXY hosts or patterns by setting `openshift_no_proxy` If you wish to disable automatic generation of NO_PROXY hosts you may set `openshift_generate_no_proxy_hosts` to False. If you wish to have different builddefaults proxy configuration than baseline proxy configuration set these variables - openshift_builddefaults_http_proxy - openshift_builddefaults_https_proxy - openshift_builddefaults_no_proxy - openshift_builddefaults_git_http_proxy - openshift_builddefaults_git_https_proxy
* Promote portal_net to openshift.common, add kube_svc_ipScott Dodson2016-04-191-2/+2
| | | | | Conflicts: roles/openshift_facts/library/openshift_facts.py
* Merge pull request #1738 from dgoodwin/image-policy-configBrenton Leanhardt2016-04-131-0/+3
|\ | | | | Support setting imagePolicyConfig JSON in inventory.
| * Support setting imagePolicyConfig JSON in inventory.Devan Goodwin2016-04-121-0/+3
| | | | | | | | | | | | | | | | | | For flexibility this is another pure JSON field to translate directly to yaml in the master config. Also updated to more safely handle JSON inventory variables as this uncovered a bug with booleans where you end up with a string containing json in your yaml.
* | use RestartSec to avoid default rate limit in systemdBrenton Leanhardt2016-04-125-0/+5
|/ | | | Lifted from https://github.com/openshift/origin/pull/8317
* Merge pull request #1722 from abutcher/containerized-cloudproviderBrenton Leanhardt2016-04-073-3/+3
|\ | | | | Add cloudprovider config dir to docker options.
| * Add cloudprovider config dir to docker options.Andrew Butcher2016-04-063-3/+3
| |
* | Merge pull request #1699 from abutcher/check-cloudprovider-kindBrenton Leanhardt2016-04-063-3/+3
|\ \ | | | | | | Check for kind in cloudprovider facts prior to accessing.
| * | Check for kind in cloudprovider facts prior to accessing.Andrew Butcher2016-04-043-3/+3
| |/
* | Add support for configuring oauth templates.Devan Goodwin2016-04-011-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow users who wish to deploy configs with ansible to define templates for oauth screens, and control the alwaysShowProviderSelection setting. There are currently three supported oauth templates, and we have a pre-existing 'oauth_template' variable, but it is assumed to mean you are controlling the 'login' screen, and this is the only one you can configure. To work around this, supporting all current and future templates, introduce a pluralized variable 'oauth_templates', which contains a JSON dict allowing the admin to control any template they wish. If both new and old variables are defined, the old one is ignored. (and can be considered deprecated) Internally the old value will be converted to the new dict, so the template just references one value. Example: openshift_master_oauth_always_show_provider_selection=true openshift_master_oauth_templates={"providerSelection": "provider-selection.html", "error": "oauth-error.html"} Yeilds: oauthConfig: alwaysShowProviderSelection: true templates: error: oauth-error.html providerSelection: provider-selection.html
* | Add support for templating master admissionConfig.Devan Goodwin2016-04-011-0/+14
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds four new inventory variables for setting sections in "admissionConfig" and "kubernetesMasterConfig.admissionConfig". openshift_master_admission_plugin_order allows configuring the list of origin admission controller plugins to enable and what order to run them in. This must be a JSON formatted list of strings: openshift_master_admission_plugin_order=["RunOnceDuration", "NamespaceLifecycle", "OriginPodNodeEnvironment", "ClusterResourceOverride", "LimitRanger", "ServiceAccount", "SecurityContextConstraint", "ResourceQuota", "SCCExecRestrictions"] openshift_master_kube_admission_plugin_order is identical but for the kubernetes admission controller plugins which appear beneath kubernetesMasterConfig. openshift_master_admission_plugin_config allows setting free-form configuration stanzas that match up with enabled admission controller plugins. This must be a JSON formatted hash: openshift_master_admission_plugin_config={"RunOnceDuration":{"configuration":{"apiVersion":"v1","kind":"RunOnceDurationConfig","activeDeadlineSecondsOverride":3600}},"ClusterResourceOverride":{"configuration":{"apiVersion":"v1","kind":"ClusterResourceOverrideConfig","limitCPUToMemoryPercent":200,"cpuRequestToLimitPercent":6,"memoryRequestToLimitPercent":60}}} openshift_master_kube_admission_plugin_config is the equivalent for kubernetes admission controller plugins. Contains a change to merge_facts to fix issues with modifying inventory variables that contain JSON dicts. If you modified a previously set variable, the result would be a merge of old and new, which is completely wrong in this case. Addded new overwrite_facts to shortcut to just taking the new values. This differs from the pre-existing concept of "protected" in that we're not protecting an old value, we're trashing it and taking the new.
* Allow for overriding scheduler configJason DeTiberus2016-03-311-15/+0
| | | | | | | | | - introduce openshift_master_scheduler_predicates and openshift_master_scheduler_priorities to override the default scheduler predicates and priorities - switch default scheduler priorities to use SelectorSpreadPriority instead of ServiceSpreadingPriority
* Add AWS cloud provider support.Andrew Butcher2016-03-293-0/+15
|
* make docker service want ose containerized servicesSeth Jennings2016-03-283-3/+3
| | | | | | | | | | | | | | | | There are points where the docker service is restarted during the install. Sometimes the services that are PartOf docker.service do not get restarted when docker is restarted. https://bugzilla.redhat.com/show_bug.cgi?id=1318948 Systemd documentation recommends using "wants" as the perferred means of creating startup linkages between units. This patch makes the ose services wanted by the docker service rather than multi-user.target. This creates a downward link from the docker service to the ose containerized services.
* Load environment files in containerized installsScott Dodson2016-03-163-3/+3
|
* improve ordering of systemd unitsJason DeTiberus2016-03-145-15/+14
|
* Ensure is_containerized is cast as bool.Andrew Butcher2016-03-143-3/+3
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-08 00:26:37 +0000