| Age | Commit message (Collapse) | Author |
|---|
|
Automatic merge from submit-queue
Passing in image parameter for tsb template
CC @jim-minter @deads2k @bparees
|
|
Automatic merge from submit-queue
Refactor openshift_hosted plays and role (version 2)
Currently, openshift_hosted role duplicates some logic
across separate task chains. This commit cleans up
the openshift_hosted role and converts it to be
primarily used with include_role to give better
logic to the playbooks that utilize this role.
This commit also refactors the playbook that calls
various openshift_hosted roles into individual playbooks.
This allows more granularity for advanced users.
-----
This version of the patch set rolls back some of the refactoring (removal of running fact roles as a dependency) and focuses on just realigning the roles and plays.
Original PR: https://github.com/openshift/openshift-ansible/pull/5284
Once this merges, I will close the old PR. Leaving it open for now for reference.
|
|
Automatic merge from submit-queue
Remove logging ES_COPY feature
This PR removes the ES_COPY feature that has been deprecated since 3.3
|
|
Automatic merge from submit-queue
Detect the proper version of the images when using CRI-O
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1494357
|
|
Automatic merge from submit-queue
Changes for Nuage atomic ansible install
|
|
Automatic merge from submit-queue
Move additional/block/insecure registires to /etc/containers/...
Move additional/block/insecure registires to /etc/containers/registries.conf
This commit moves additional/block/insecure registries to
/etc/containers/registries.conf and comments existing lines in
/etc/sysconfig/docker.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1460930
|
|
|
|
Automatic merge from submit-queue
#5362 GlusterFS fails to run more than once
#5362 Added the ability to have the GlusterFS ansible script run more than once. It also allows to update the topology of the Gluster cluster even if the Gluster cluster has already been deployed.
@dustymabe
|
|
Automatic merge from submit-queue
Consolidate etcd upgrade
Consolidates `etcd_upgrade` into the `etcd` role.
|
|
Currently, openshift_hosted role duplicates some logic
across separate task chains. This commit cleans up
the openshift_hosted role and converts it to be
primarily used with include_role to give better
logic to the playbooks that utilize this role.
This commit also refactors the playbook that calls
various openshift_hosted roles into individual playbooks.
This allows more granularity for advanced users.
|
|
Automatic merge from submit-queue
Add 3.7 scheduler predicates
In 3.7 we added NoVolumeNodeConflict and MaxAzureDiskVolumeCount predicate that needs to be installed.
Check carefully, I tested it on my virtual machine, but I did not manage to run the test.
|
|
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1494357
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
Automatic merge from submit-queue
crio: skip installation on lbs and nfs nodes
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1494461
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
Automatic merge from submit-queue
Fixed AnsibleUnsafeText by converting to int
Related to https://github.com/openshift/openshift-ansible/pull/5067
I've tested with custom values and it failed. This fixes the issue in my tests.
```
[cloud-user@bastion ~]$ grep -E 'osm|portal' /etc/ansible/hosts
osm_default_node_selector="role=app"
osm_use_cockpit=true
osm_cluster_network_cidr=10.130.0.0/14
osm_host_subnet_length=8
openshift_portal_net=10.111.0.0/16
```
After the installation:
```
[root@master-0 ~]# alias oetcdctl='etcdctl --cert-file=/etc/etcd/peer.crt --key-file=/etc/etcd/peer.key --ca-file=/etc/etcd/ca.crt --peers="https://master-0.edu.flannel.com:2379,https://master-1.edu.flannel.com:2379,https://master-2.edu.flannel.com:2379"'
[root@master-0 ~]# oetcdctl get /openshift.com/network/config
{
"Network": "10.130.0.0/14",
"SubnetLen": 24,
"Backend": {
"Type": "host-gw"
}
}
```
But, the subnets assigned to the nodes are on different subnet:
```
[root@master-0 ~]# oetcdctl ls /openshift.com/network/subnets
/openshift.com/network/subnets/10.128.83.0-24
/openshift.com/network/subnets/10.128.18.0-24
/openshift.com/network/subnets/10.128.77.0-24
/openshift.com/network/subnets/10.128.101.0-24
/openshift.com/network/subnets/10.128.20.0-24
/openshift.com/network/subnets/10.128.92.0-24
/openshift.com/network/subnets/10.128.58.0-24
/openshift.com/network/subnets/10.128.48.0-24
```
|
|
Automatic merge from submit-queue
Fix registry_auth logic for upgrades
Currently, the logic for registry authentication is
not implemented correctly to account for upgrades of
containerized hosts.
Additionally, the logic to account for multiple runs
of openshift-ansible might cause registry authentication
credentials to not be mounted inside of containerized hosts.
This commit adds the necessary logic to ensure containerized
hosts retain registry credentials.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1494470
|
|
Automatic merge from submit-queue
Consolidate etcd migrate role
The PR is based on top of https://github.com/openshift/openshift-ansible/pull/5371 and https://github.com/openshift/openshift-ansible/pull/5451. Once both PRs are merged, I will rebase.
|
|
Automatic merge from submit-queue
move (and rename) get_dns_ip filter into openshift_node_facts
Due to recent changes to filter_plugins/openshift_node.py, when trying to run a current version of the openshift_node_facts role on a system with an older version of the openshift-ansible-filter-plugins RPM, the new role will fail.
```
File "/usr/share/ansible_plugins/filter_plugins/openshift_node.py", line 30, in get_dns_ip
if bool(hostvars['openshift']['common']['use_dnsmasq']):
KeyError: 'use_dnsmasq'
```
It's not possible for us to have our current RPM version (presently openshift-ansible-filter-plugins-3.5.120-1.git.0.c60f69a.el7.noarch) and a newer RPM installed and run both current openshift-ansible code and older checked-out/vendored releases (for older clusters/releases).
Since only the openshift_node_facts role uses the get_dns_ip filter, move the functionality into a role-specific filter plugin.
In addition, rename the filter plugin to 'node_get_dns_ip' because Ansible is preffering the get_dns_ip from the RPM (ie /usr/share/ansible_plugins/filter_plugins/openshift_node.py) over the role-specific filter plugin of the same name. Ansile prefers the filter plugins in /usr/share/ansible_plugins/filter_plugins/* even when /etc/ansible/ansible.cfg is set to something like:
filter_plugins = filter_plugins:/usr/share/ansible_plugins/filter_plugins:filter_plugins <--- yes, 'filter_plugins' before and after /usr/share/ansible_plugins/filter_plugins (ansible 2.3.1.0) (perhaps this is because the /usr/share/ansible/plugins/filter symlink to /usr/share/ansible_plugins/filter_plugins takes precedence over everything???)
Renaming the filter plugin function ensures that versions of the openshift_node_facts role that depend on the old implementation can continue to use it through what the older RPM provides, and the new role can use it's role-specific filter plugin without any variable namespace collisions.
Lastly, remove filter_plugins/openshift_node.py since it is now self-contained in roles/openshift_node_facts.
https://bugzilla.redhat.com/show_bug.cgi?id=1494312
|
|
Automatic merge from submit-queue
health checks: add diagnostics check
Adds a health check that runs `oc adm diagnostics` with each individual diagnostic.
Also, moved `is_first_master` method into superclass for reuse. And look at `oo_first_master` and `ansible_host` instead of `masters` and `ansible_ssh_host`.
|
|
Automatic merge from submit-queue
Ensure that hostname is lowercase
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1396350
|
|
Updating default behavior for installing metrics and logging. Separat…
|
|
Automatic merge from submit-queue
Remove unused openshift_hosted_logging role
This role has not been used for several releases.
It is not tested by an checks, and no meaningful
updates have been made to this role in several months.
|
|
uninstall to own variable
|
|
|
|
Automatic merge from submit-queue
Creating structure to warn for use of deprecated variables and set th…
…em in a single location before they are no longer honored
Implementation of https://trello.com/c/XKOGHSkP/460-3-deprecate-openshifthostedloggingmetrics-installer-variables
Tried to implement this in a way such that we can easily and cleanly add/remove variables in the future for any role we choose.
Addresses:
https://bugzilla.redhat.com/show_bug.cgi?id=1449812
https://bugzilla.redhat.com/show_bug.cgi?id=1464349
|
|
Currently, the logic for registry authentication is
not implemented correctly to account for upgrades of
containerized hosts.
Additionally, the logic to account for multiple runs
of openshift-ansible might cause registry authentication
credentials to not be mounted inside of containerized hosts.
This commit adds the necessary logic to ensure containerized
hosts retain registry credentials.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1494470
|
|
Automatic merge from submit-queue
cri-o: Allow full image override
``openshift_crio_systemcontainer_image_registry_override`` has been replaced
with ``openshift_crio_systemcontainer_image_override``. The difference is
``openshift_crio_systemcontainer_image_override`` takes a full image path
including the tag.
Example:
```
openshift_crio_systemcontainer_image_override=gscrivano/cri-o-centos:latest
```
|
|
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1494461
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
Automatic merge from submit-queue
Default openshift_pkg_version to full version-release during upgrades
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1490677
The versioning scheme for 3.7 pre-releases has changed and now all
versions are 3.7.0 and the release is incremented on builds, ie:
3.7.0-0.124.0 upgraded to 3.7.0-0.125.0. If we know we're an upgrade and
they haven't requested a specific package version defer the defaulting
of openshift_pkg_version until the upgrade playbooks and there set it to
the available version including the release.
|
|
|
|
Automatic merge from submit-queue
Returning actual results of yedit query. Empty list was returning empty dict.
This is a simple change but since code generation happens it affects lots of files.
The only change that is happening here is the following:
```
- rval = yamlfile.get(params['key']) or {} 
+ rval = yamlfile.get(params['key'])
```
When something returned as 0, [], or None the query would return {}. This was unintended.
|
|
Automatic merge from submit-queue
Ensure valid search on resolv.conf
On cluster without internal name resolution there will be no `search XXX` on /etc/resolv.conf at all, thus this script will fail to add an entry for `cluster.local`.
Forward ports #5398
|
|
Automatic merge from submit-queue
Creating initial tsb role to consume and apply templates provided for…
… tsb
cc: @deads2k @sdodson
Addresses:
https://bugzilla.redhat.com/show_bug.cgi?id=1486623
https://bugzilla.redhat.com/show_bug.cgi?id=1470623
https://bugzilla.redhat.com/show_bug.cgi?id=1491626
|
|
Automatic merge from submit-queue
consolidate etcd certs roles
This is a starter for consolidation of all etcd like roles into a single `etcd` action-based role. I have intentionally started with the simplest one to demonstrate the steps needed to make it so and to make the review easy enough for everyone.
|
|
This commit moves additional/block/insecure registries to
/etc/containers/registries.conf and comments existing lines in
/etc/sysconfig/docker.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1460930
|
|
Also, moved is_first_master method into superclass for reuse. And look
at oo_first_master and ansible_host instead of masters and
ansible_ssh_host.
|
|
This role has not been used for several releases.
It is not tested by an checks, and no meaningful
updates have been made to this role in several months.
|
|
Automatic merge from submit-queue
Remove default value for oreg_url
Due to some plays importing variables from roles
directly, oreg_url was being set to a default
value when it otherwise shouldn't be.
This commit removes the default values for oreg_url
to ensure existing logic works as desired.
Fixes: https://github.com/openshift/openshift-ansible/issues/5455
|
|
Automatic merge from submit-queue
Fix deprecated subscription-manager command
`subscription-manager subscribe` is deprecated, use `attach` instead.
|
|
|
|
Set network facts using first master's config during scaleup.
|
|
|
|
Fixes Bug 1396350
|
|
Automatic merge from submit-queue
Support setting annotations on Hawkular route
Our setup uses annotations to request a separate component, namely the
ACME Controller[1], to request domain-validated certificates from the
Let's Encrypt CA. By setting the necessary annotation via Ansible rather
than manually the system will automatically retrieve a certificate.
[1] https://github.com/tnozicka/openshift-acme
|
|
Automatic merge from submit-queue
node: specify the DNS domain
|
|
|
|
Automatic merge from submit-queue
Updating to always configure api aggregation with installation
This moves the wiring of the aggregator up into the config playbook as we want to enable this by default with an installation.
Resolves https://github.com/openshift/openshift-ansible/issues/5056
|
|
|
|
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1490677
The versioning scheme for 3.7 pre-releases has changed and now all
versions are 3.7.0 and the release is incremented on builds, ie:
3.7.0-0.124.0 upgraded to 3.7.0-0.125.0. If we know we're an upgrade and
they haven't requested a specific package version defer the defaulting
of openshift_pkg_version until the upgrade playbooks and there set it to
the available version including the release.
|
|
single location before they are no longer honored
|
