| Commit message (Collapse) | Author | Age | Files | Lines |
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Docker 1.10 is no longer tolerant of commands like "docker pull
myimage:" when we do not have an image tag in play.
Adjust all occurrences with one that only includes the : if a version is
defined.
Adjust the containerized CLI wrappers for a similar problem.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adds a separate playbook for Docker 1.10 upgrade that can be run
standalone on a pre-existing 3.2 cluster. The upgrade will take each
node out of rotation, and remove *all* containers and images on it, as
this is reportedly faster and more storage efficient than performing the
in place 1.10 upgrade.
This process is integrated into the 3.1 to 3.2 upgrade process.
Normal config playbooks now become 3.2 only, and require Docker 1.10.
Users of older environments will have to use an appropriate
openshift-ansible version.
Config playbooks no longer are in the business of upgrading or
downgrading docker.
|
|\ \
| |/
|/| |
Add flag to manage htpasswd, or not.
|
| |
| |
| |
| | |
Also move file mode to the file-exists check to not specify twice.
|
| |
| |
| |
| |
| | |
Setting `openshift_master_manage_htpasswd` falsy will disable managing
the htpasswd file. It won't get overwritten/generated.
|
|/
|
|
|
|
| |
Causes a hard failure due to missing etcd/atomic-openshift-master
services. Instead, check that the services exist before ensuring they're
stopped/disabled.
|
| |
|
|\
| |
| | |
Add openshift_clock role
|
| |
| |
| |
| | |
openshift_etcd
|
|\ \
| | |
| | | |
Refactor openshift certificate roles
|
| |/ |
|
| | |
|
|/ |
|
|
|
|
| |
openshift_master_max_requests_inflight.
|
|\
| |
| | |
Fix mistaken quotes on proxy sysconfig variables.
|
| |
| |
| |
| | |
Only need double quotes if preserving whitespace, and never singles.
|
| | |
|
|/ |
|
|\
| |
| |
| | |
Tagging package [openshift-ansible] version [3.0.88-1] in directory [./].
|
| | |
|
|/ |
|
|\
| |
| | |
Add masterConfig.volumeConfig.dynamicProvisioningEnabled
|
| | |
|
| | |
|
|\ \
| |/
|/| |
BZ 1330357: Fail to deploy pod after installing env with openshift_master_portal_net='172.31.0.0/16'
|
| | |
|
|/
|
|
|
|
|
| |
- htpasswd users
- ldap ca file
- openid ca file
- request_header ca file
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Configures HTTP_PROXY, HTTPS_PROXY, NO_PROXY for master and docker services.
Configugres BuildDefaults Admission controller for master to automatically
insert proxy environment configuration into build environments.
To use set at least these variables
- openshift_http_proxy
- openshift_https_proxy
NO_PROXY entries will automatically be configured for hostnames of all openshift
hosts. You may specify additional NO_PROXY hosts or patterns by setting
`openshift_no_proxy`
If you wish to disable automatic generation of NO_PROXY hosts you may set
`openshift_generate_no_proxy_hosts` to False.
If you wish to have different builddefaults proxy configuration than baseline
proxy configuration set these variables
- openshift_builddefaults_http_proxy
- openshift_builddefaults_https_proxy
- openshift_builddefaults_no_proxy
- openshift_builddefaults_git_http_proxy
- openshift_builddefaults_git_https_proxy
|
| |
|
|
|
|
|
| |
Conflicts:
roles/openshift_facts/library/openshift_facts.py
|
|
|
|
|
|
| |
QE found that for fresh installs we were basing the docker version facts of the
images that could be pulled prior to configuring /etc/sysconfig/docker. This
is an edge case but something we need to fix.
|
|\
| |
| | |
Support setting imagePolicyConfig JSON in inventory.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For flexibility this is another pure JSON field to translate directly to
yaml in the master config.
Also updated to more safely handle JSON inventory variables as this
uncovered a bug with booleans where you end up with a string containing
json in your yaml.
|
|\ \
| | |
| | | |
Convert image_tag on masters
|
| | |
| | |
| | |
| | | |
Also convert openshift_image_tag to and rpm versions for masters.
|
| | | |
|
| | |
| | |
| | |
| | | |
Lifted from https://github.com/openshift/origin/pull/8317
|
|/ / |
|
|/ |
|
|\
| |
| | |
Add cloudprovider config dir to docker options.
|
| | |
|
|\ \
| | |
| | | |
Check for kind in cloudprovider facts prior to accessing.
|
| | | |
|
|\ \ \
| |_|/
|/| | |
Add support for templating master admissionConfig.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Allow users who wish to deploy configs with ansible to define templates for
oauth screens, and control the alwaysShowProviderSelection setting.
There are currently three supported oauth templates, and we have a pre-existing
'oauth_template' variable, but it is assumed to mean you are controlling the
'login' screen, and this is the only one you can configure.
To work around this, supporting all current and future templates, introduce a
pluralized variable 'oauth_templates', which contains a JSON dict allowing the
admin to control any template they wish. If both new and old variables are
defined, the old one is ignored. (and can be considered deprecated)
Internally the old value will be converted to the new dict, so the template
just references one value.
Example:
openshift_master_oauth_always_show_provider_selection=true
openshift_master_oauth_templates={"providerSelection": "provider-selection.html", "error": "oauth-error.html"}
Yeilds:
oauthConfig:
alwaysShowProviderSelection: true
templates:
error: oauth-error.html
providerSelection: provider-selection.html
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adds four new inventory variables for setting sections in "admissionConfig" and
"kubernetesMasterConfig.admissionConfig".
openshift_master_admission_plugin_order allows configuring the list of origin
admission controller plugins to enable and what order to run them in. This must
be a JSON formatted list of strings:
openshift_master_admission_plugin_order=["RunOnceDuration", "NamespaceLifecycle", "OriginPodNodeEnvironment", "ClusterResourceOverride", "LimitRanger", "ServiceAccount", "SecurityContextConstraint", "ResourceQuota", "SCCExecRestrictions"]
openshift_master_kube_admission_plugin_order is identical but for the
kubernetes admission controller plugins which appear beneath
kubernetesMasterConfig.
openshift_master_admission_plugin_config allows setting free-form configuration
stanzas that match up with enabled admission controller plugins. This must be a
JSON formatted hash:
openshift_master_admission_plugin_config={"RunOnceDuration":{"configuration":{"apiVersion":"v1","kind":"RunOnceDurationConfig","activeDeadlineSecondsOverride":3600}},"ClusterResourceOverride":{"configuration":{"apiVersion":"v1","kind":"ClusterResourceOverrideConfig","limitCPUToMemoryPercent":200,"cpuRequestToLimitPercent":6,"memoryRequestToLimitPercent":60}}}
openshift_master_kube_admission_plugin_config is the equivalent for kubernetes
admission controller plugins.
Contains a change to merge_facts to fix issues with modifying inventory
variables that contain JSON dicts. If you modified a previously set variable,
the result would be a merge of old and new, which is completely wrong in this
case. Addded new overwrite_facts to shortcut to just taking the new values.
This differs from the pre-existing concept of "protected" in that we're not
protecting an old value, we're trashing it and taking the new.
|
|\ \
| | |
| | | |
Fixing bugs 1322788 and 1323123
|
| |/
| |
| |
| | |
and atomic-openshift-master-controllers
|
|/ |
|