| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Automatic merge from submit-queue.
escape corsAllowedOrigins regexp strings and anchor them
`corsAllowedOrigins` parameter got interpreted by OpenShift/Kubernetes as a regular expression (there is a bug about that: https://bugzilla.redhat.com/show_bug.cgi?id=1482903).
It leads to some vague behaviour, like for `127.0.0.1` value `127a0b0c1` will be matched as valid, as well as `localhost.example.com` for `localhost`.
I've added regexp escaping here, as well as value anchoring to the begin and end of the string.
I've also added case-insensitive flag `(?i)` to match values like `LocalHost` for `localhost`.
|
| | |
|
| | |
|
| | |
|
| | |
|
|\ \
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue.
Add arbitrary firewall port config to master too
|
| | | |
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
ingvagabund/remove-master-service-during-non-ha-to-ha-upgrade
Automatic merge from submit-queue.
remove master.service during the non-ha to ha upgrade
Bug: 1506165
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Automatic merge from submit-queue.
GCP cannot use growpart utils from AWS due to conflicting package
Allow cloud provider specific packages to be specified. Also, fix a wait condition in openshift_gcp to allow masters to be bootstrapped nodes.
@kwoodson
|
| | | | | |
|
| | |/ /
| |/| |
| | | |
| | | | |
Consistent with other use
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Automatic merge from submit-queue.
Add retry logic to docker auth credentials
This commit enables retry on docker login commands.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1506931
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
This commit enables retry on docker login commands.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1506931
|
|\ \ \ \
| | | | |
| | | | | |
Retry restarting journald
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Sometimes journald fails to restart cleanly during upgrades.
This commit retries restarting 3 times.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1506141
|
| |/ /
|/| | |
|
|\ \ \
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue.
add new clusterNetworks fields to new installs
add clusterNetworks field to the networkConfig so that the new fields
appear in new installs
|
| | |
| | |
| | |
| | |
| | | |
add clusterNetworks field to the networkConfig so that the new fields
appear in new installs when openshift version is greater then 3.7
|
|\ \ \
| | | |
| | | | |
Ensure journald persistence directories exist
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently, we configure openshfit masters to modify journald
to use persistent storage. The directory structure must be
created manually according to documentation.
This commit ensures the needed directory is created.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1506141
|
|/ /
| |
| |
| |
| | |
Fixes 1505537
https://bugzilla.redhat.com/show_bug.cgi?id=1505537
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue.
Ensure upgrades apply latest journald settings
Currently, existing clusters might not have journald
configurations applied. This may result in a rate-
limiting of important log messages on openshift-masters.
This commit ensures that journald settings are applied
during the upgrade process openshif-masters.
Fixes: https://github.com/openshift/openshift-ansible/issues/5642
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently, existing clusters might not have journald
configurations applied. This may result in a rate-
limiting of important log messages on openshift-masters.
This commit ensures that journald settings are applied
during the upgrade process openshif-masters.
Fixes: https://github.com/openshift/openshift-ansible/issues/5642
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Automatic merge from submit-queue.
Avoid undefined variable in master sysconfig template
When "openshift_master_controllers_env_vars" is set, but
"openshift_master_api_env_vars" isn't, the template for the sysconfig
file of atomic-openshift-master fails:
AnsibleUndefinedVariable: 'dict object' has no attribute 'api_env_vars'
Avoid this issue by applying "default({})" to the dict and always
calling ".items()".
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When "openshift_master_controllers_env_vars" is set, but
"openshift_master_api_env_vars" isn't, the template for the sysconfig
file of atomic-openshift-master fails:
AnsibleUndefinedVariable: 'dict object' has no attribute 'api_env_vars'
Avoid this issue by applying "default({})" to the dict and always
calling ".items()".
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Automatic merge from submit-queue.
Always ensure atomic.conf is configured for system containers.
A new openshift_atomic role has been created for atomic specific tasks.
The first task added is proxy which handles updating /etc/atomic.conf to
ensure the proper proxy configuration is configured. This task file is
then included (via include_role) in system container related task files.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1503903
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A new openshift_atomic role has been created for atomic specific tasks.
The first task added is proxy which handles updating /etc/atomic.conf to
ensure the proper proxy configuration is configured. This task file is
then included (via include_role) in system container related task files.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1503903
Signed-off-by: Steve Milner <smilner@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix undefined variable for master upgrades
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently, oreg_auth_credentials_replace is undefined
during master upgrades.
This commit ensures this variable is defined during
upgrades.
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
This commit enables deploying Kuryr networking on top of OpenShift in
containers. kuryr-controller is a Deployment and kuryr-cni is deployed
as DaemonSet (container will drop all CNI configuration files).
Co-Authored-By: Antoni Segura Puimedon <celebdor@gmail.com>
|
| | |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue.
Rewire openshift_template_service_broker_namespaces configurable
@ewolinetz
@bparees
|
| | | |
|
|\ \ \
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue.
Add ability to set node and master imageConfig to latest
Currently, imageConfig.latest is hard-coded to false.
This commit adds an appropriate boolean to enable
setting to true.
Fixes: https://github.com/openshift/openshift-ansible/issues/1422
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently, imageConfig.latest is hard-coded to false.
This commit adds an appropriate boolean to enable
setting to true.
Fixes: https://github.com/openshift/openshift-ansible/issues/1422
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, non-containerized nodes have systemd
service unit files created after registry auth
credentials are created. Containerized nodes
place service unit files prior to creation of
these credentials.
This commit ensures systemd service units
are created at the correct time for both
containerized and non-containerized nodes.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500642
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue.
Migrate embedded etcd to external etcd
Trello card: https://trello.com/c/9fnBfkT5/528-migrate-embedded-etcd-hosts-to-external-process?menu=filter&filter=label:committed-3.7
Tested on:
- [x] embedded etcd -> external rpm etcd
- [x] embedded etcd -> external docker etcd
One needs to set the `openshift_image_tag` before running the migration to containerized docker etcd.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently, debug_level is documented as a way to change
the debug output level for both masters and nodes.
debug_level does not currently have any effect.
This commit removes debug_level from openshift_facts
and properly sets openshift_master_debug_level and
openshift_node_debug_level to the value of debug_level
specified in the inventory.
This commit also reorganizes some set_fact tasks
needed during master upgrades to put all work-around
set-facts for undefined variables in one place, allowing
for easier cleanup in the future. This includes an
entry for openshift_master_debug_level.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500164
|
|/ / |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, the logic for registry authentication is
not implemented correctly to account for upgrades of
containerized hosts.
Additionally, the logic to account for multiple runs
of openshift-ansible might cause registry authentication
credentials to not be mounted inside of containerized hosts.
This commit adds the necessary logic to ensure containerized
hosts retain registry credentials.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1494470
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue
Remove default value for oreg_url
Due to some plays importing variables from roles
directly, oreg_url was being set to a default
value when it otherwise shouldn't be.
This commit removes the default values for oreg_url
to ensure existing logic works as desired.
Fixes: https://github.com/openshift/openshift-ansible/issues/5455
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Due to some plays importing variables from roles
directly, oreg_url was being set to a default
value when it otherwise shouldn't be.
This commit removes the default values for oreg_url
to ensure existing logic works as desired.
Fixes: https://github.com/openshift/openshift-ansible/issues/5455
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, openshift-ansible supported various
types of deployments using the variable "openshift_deployment_type"
Currently, openshift-ansible only supports two deployment types,
"origin" and "openshift-enterprise".
This commit removes all logic and references to deprecated
deployment types.
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue
Increase rate limiting in journald.conf
@sdodson ptal, this is to address issues from https://github.com/openshift/origin/issues/12558
@smarterclayton @stevekuznetsov fyi
|
| | | |
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Automatic merge from submit-queue
Fix registry auth task ordering
Currently, registry authentication credentials are not
produced until after docker systemd service files are
created.
This commit ensures the credentials are
created before the systemd service files to ensure
the proper boolean is set to include the read-only
mount of credentials inside containerized nodes and
masters.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Currently, registry authentication credentials are not
produced until after docker systemd service files are
created.
This commit ensures the credentials are
created before the systemd service files to ensure
the proper boolean is set to include the read-only
mount of credentials inside containerized nodes and
masters.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
|