summaryrefslogtreecommitdiffstats
path: root/roles
Commit message (Collapse)AuthorAgeFilesLines
* Check for container runtime prior to restarting when updating system CA trust.Andrew Butcher2017-10-191-2/+14
|
* Merge pull request #5789 from zgalor/fix_limit_typoScott Dodson2017-10-181-1/+1
|\ | | | | Fix typo in setting prom-proxy memory limit
| * Fix typo in setting prom-proxy memory limitZohar Galor2017-10-181-1/+1
| | | | | | | | bz: https://bugzilla.redhat.com/show_bug.cgi?id=1493368
* | Fix pvc selector default to be empty dict instead of stringZohar Galor2017-10-181-3/+3
|/
* Merge pull request #5361 from kwoodson/fix_bootstrap_filesScott Dodson2017-10-1820-86/+421
|\ | | | | Provisioning updates.
| * Do not remove files for bootstrap if resolv or dns.Kenny Woodson2017-10-1720-86/+421
| |
* | Merge pull request #5459 from zgalor/nfs_fixScott Dodson2017-10-1812-166/+90
|\ \ | | | | | | Fix prometheus role nfs
| * | Fix prometheus role nfsZohar Galor2017-10-1612-166/+90
| | | | | | | | | | | | | | | | | | Allow for external or internal nfs. use facts as used for logging and metrics. Update prometheus-alertmanager image to v0.9.1
* | | Merge pull request #5774 from mgugino-upstream-stage/docker-option-fixScott Dodson2017-10-182-5/+7
|\ \ \ | | | | | | | | Fix missing docker option signature-verification
| * | | Fix missing docker option signature-verificationMichael Gugino2017-10-162-5/+7
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, docker 1.12 can be configured to use the run-time parameter of 'signature-verification' By default, rpm installation of docker results in '--signature-verification=false' being added to OPTIONS in /etc/sysconfig/docker Currently, openshift-ansible does not preserve that value. This can cause docker to be unable to pull images from a previously working source due to a change in configuration. This commit adds the option with the default as provided by the rpm installation. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1502560
* | | Merge pull request #5754 from ewolinetz/bz1501831Scott Dodson2017-10-175-87/+103
|\ \ \ | | | | | | | | Updating ES proxy image prefix and version to match other components
| * | | Reverting proxy image version to v1.0.0 to pass CIEric Wolinetz2017-10-161-1/+1
| | | |
| * | | Making travis happyEric Wolinetz2017-10-161-83/+83
| | | |
| * | | Updating pattern for elasticsearch_proxy imagesEric Wolinetz2017-10-134-3/+17
| | | |
| * | | Updating ES proxy image prefix and version to match other componentsEric Wolinetz2017-10-133-4/+6
| | | |
* | | | Merge pull request #5777 from wozniakjan/eventrouter_bug1501768Scott Dodson2017-10-171-2/+2
|\ \ \ \ | | | | | | | | | | Bug 1501768: fix eventrouter nodeSelector padding
| * | | | Bug 1501768: fix eventrouter nodeSelector paddingJan Wozniak2017-10-171-2/+2
| | |_|/ | |/| |
* | | | Merge pull request #5768 from giuseppe/crio-error-out-with-node-docker-containerOpenShift Merge Robot2017-10-171-0/+6
|\ \ \ \ | |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. cri-o: error out when node is a Docker container Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1489555 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | cri-o: error out when node is a Docker containerGiuseppe Scrivano2017-10-161-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1489555 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #5687 from jim-minter/tsb_configOpenShift Merge Robot2017-10-173-8/+16
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Rewire openshift_template_service_broker_namespaces configurable @ewolinetz @bparees
| * | | | Rewire openshift_template_service_broker_namespaces configurableJim Minter2017-10-133-8/+16
| | | | |
* | | | | Merge pull request #5744 from mgugino-upstream-stage/latest-image-configOpenShift Merge Robot2017-10-174-2/+8
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Add ability to set node and master imageConfig to latest Currently, imageConfig.latest is hard-coded to false. This commit adds an appropriate boolean to enable setting to true. Fixes: https://github.com/openshift/openshift-ansible/issues/1422
| * | | | | Add ability to set node and master imageConfig to latestMichael Gugino2017-10-124-2/+8
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, imageConfig.latest is hard-coded to false. This commit adds an appropriate boolean to enable setting to true. Fixes: https://github.com/openshift/openshift-ansible/issues/1422
* | | | | Merge pull request #5704 from josefkarasek/docker-auditOpenShift Merge Robot2017-10-164-1/+32
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Add switch to enable/disable container engine's audit log being stored in elasticsearch If enabled, tho logs are stored in ES' operations index, accessible only by cluster admins.
| * | | | | Add switch to enable/disable container engine's audit log being stored in ES.Josef Karasek2017-10-114-1/+32
| | | | | | | | | | | | | | | | | | | | | | | | If enabled, tho logs are stored in ES' operations index, accesible only by cluster admins.
* | | | | | Merge pull request #5734 from mtnbikenc/refactor-mgmt-entryOpenShift Merge Robot2017-10-161-1/+1
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Refactor openshift-management entry point Moves checkpointing steps into path for both full cluster install and individual entry point playbook.
| * | | | | Refactor openshift-management entry pointRussell Teague2017-10-121-1/+1
| | | | | |
* | | | | | Merge pull request #5667 from jarrpa/deploy-heketi-fix-3.7Scott Dodson2017-10-161-8/+0
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | GlusterFS: remove topology reference from deploy-heketi
| * | | | | GlusterFS: remove topology reference from deploy-heketiJose A. Rivera2017-10-041-8/+0
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
* | | | | | set initial etcd cluster properly during system container scale upJan Chaloupka2017-10-132-2/+3
| |_|_|_|/ |/| | | |
* | | | | Merge pull request #5414 from ekuric/pvc_dynamic_metricsOpenShift Merge Robot2017-10-131-0/+1
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. updated dynamic storage section for openshift metrics updated dynamic storage section for openshift metrics to support storage class name Signed-off-by: Elvir Kuric <elvirkuric@gmail.com>
| * | | | | updated dynamic provision section for openshift metrics to supportElvir Kuric2017-09-141-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | storage class name Signed-off-by: Elvir Kuric <elvirkuric@gmail.com>
* | | | | | Merge pull request #5736 from ↵Michael Gugino2017-10-125-15/+6
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | | | | | | | | | | | | | mgugino-upstream-stage/fix-containerized-reg-auth-node Fix containerized node service unit placement order
| * | | | | Fix containerized node service unit placement orderMichael Gugino2017-10-125-15/+6
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, non-containerized nodes have systemd service unit files created after registry auth credentials are created. Containerized nodes place service unit files prior to creation of these credentials. This commit ensures systemd service units are created at the correct time for both containerized and non-containerized nodes. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500642
* | | | | Merge pull request #5690 from mgugino-upstream-stage/provisioning-docsOpenShift Merge Robot2017-10-121-51/+26
|\ \ \ \ \ | |/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Provisioning Documentation Updates Updating provisioning documents. Also moved some steps from build_ami.yml to a new play for better reusability.
| * | | | Provisioning Documentation UpdatesMichael Gugino2017-10-111-51/+26
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | Updating provisioning documents. Also moved some steps from build_ami.yml to a new play for better reusability.
* | | | Merge pull request #5672 from ingvagabund/migrate-embedded-etcdOpenShift Merge Robot2017-10-1123-36/+167
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Migrate embedded etcd to external etcd Trello card: https://trello.com/c/9fnBfkT5/528-migrate-embedded-etcd-hosts-to-external-process?menu=filter&filter=label:committed-3.7 Tested on: - [x] embedded etcd -> external rpm etcd - [x] embedded etcd -> external docker etcd One needs to set the `openshift_image_tag` before running the migration to containerized docker etcd.
| * | | | migrate embedded etcd to external etcdJan Chaloupka2017-10-0623-36/+167
| | | | |
* | | | | Fix broken debug_levelMichael Gugino2017-10-1116-47/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, debug_level is documented as a way to change the debug output level for both masters and nodes. debug_level does not currently have any effect. This commit removes debug_level from openshift_facts and properly sets openshift_master_debug_level and openshift_node_debug_level to the value of debug_level specified in the inventory. This commit also reorganizes some set_fact tasks needed during master upgrades to put all work-around set-facts for undefined variables in one place, allowing for easier cleanup in the future. This includes an entry for openshift_master_debug_level. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500164
* | | | | Merge pull request #5721 from mgugino-upstream-stage/fix-docker-iptablesScott Dodson2017-10-111-1/+8
|\ \ \ \ \ | |_|/ / / |/| | | | Ensure docker service status actually changes
| * | | | Ensure docker service status actually changesMichael Gugino2017-10-111-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, docker is started during the docker role. If docker is started during the run of the role, the handler to restart docker is not triggered to prevent excess restarts of the docker service. The systemd docker that starts the docker service may report the result of the task as 'changed' even though docker is already running and the state of the service itself does not change. This commit checks the status of the docker service before starting it to ensure that docker was not in an 'active' state according to systemd. If the docker service is already in the 'active' state, the restart handler will trigger and restart docker at the end of the run of the role. Fixes: https://github.com/openshift/origin/issues/16709
* | | | | Merge pull request #5659 from mtnbikenc/fix-checkpointingOpenShift Merge Robot2017-10-101-2/+1
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Allow checkpoint status to work across all groups Conditionals placed in inventories were not being applied to localhost causing the checkpoint status to not be updated properly. Moving to the `oo_all_hosts` group will correctly pick up the conditional and apply regardless of which group (or host) may have that conditional set.
| * | | | | Allow checkpoint status to work across all groupsRussell Teague2017-10-041-2/+1
| | | | | |
* | | | | | Merge pull request #5129 from maxamillion/fedora-compatOpenShift Merge Robot2017-10-101-2/+29
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Fedora compat fixes for package version checks and dnf bug workaround Fix a couple things that don't work with Fedora: - Don't attempt to version check components, they aren't going to match the hard coded RHEL package versions. - Work around a [bug in dnf](https://bugzilla.redhat.com/show_bug.cgi?id=1199432)'s python API that throws an error when a package spec has a `*` character in the Release field Once we're done with review, I'll squash commits.
| * | | | | Add fedora compatibilityAdam Miller2017-10-061-2/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - don't check pkg versions on Fedora, it won't work; they move faster than RHEL and it's not realistic to maintain that package list. - handle differences between yum and dnf pkgspec for excluder - work-around for a bug in dnf https://bugzilla.redhat.com/show_bug.cgi?id=1199432 - make requirement verify one play, don't run unnecessary checks on Fedora
* | | | | | Merge pull request #5693 from nhosoi/bz1490647OpenShift Merge Robot2017-10-101-3/+9
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Bug 1490647 - logging-fluentd deployed with openshift_logging_use_mux=false fails to start due to missing If openshift_logging_use_mux=False and openshift_logging_mux_allow_external=False, then all other mux related parameters should be set to False (if boolean) or removed (e.g. openshift_logging_mux_client_mode should be undefined).
| * | | | | | Bug 1490647 - logging-fluentd deployed with openshift_logging_use_mux=false ↵Noriko Hosoi2017-10-101-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fails to start due to missing If openshift_logging_use_mux=False and openshift_logging_mux_allow_external=False, then all other mux related parameters should be set to False (if boolean) or removed (e.g. openshift_logging_mux_client_mode should be undefined).
* | | | | | | Merge pull request #5645 from jmencak/tuned-role-lbOpenShift Merge Robot2017-10-108-9/+22
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Separate tuned daemon setup into a role. Also adding support for the loadbalancer. It is important to raise ARP cache limits on HA setups with loadbalancers serving 1k+ nodes.
| * | | | | | Separate tuned daemon setup into a role.Jiri Mencak2017-10-108-9/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, profiles for the tuned daemon are set only for OpenShift node(s). This excludes the OpenShift loadbalancer. As a result, ARP cache limits on loadbalancers are not raised. This causes problems with HA setups where loadbalancers serve 1k+ OpenShift nodes. This commit ensures the openshift-control-plane role is applied to loadbalancers, masters and OpenShift infra nodes. Regular OpenShift worker nodes get the openshift-node profile. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1498213
* | | | | | | Merge pull request #5585 from nak3/bz#1496593OpenShift Merge Robot2017-10-101-3/+3
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Add valid search when search does not exist on resolv.conf Current fix https://github.com/openshift/openshift-ansible/pull/5433 still misses to add `search cluster.local`. The logic needs to be: 1. When `search` does not exist, adds `search cluster.local`. 2. When `search.*.cluster.local` does not exist, adds(sed) `cluster.local`. in this order. cc @sdodson @caruccio