summaryrefslogtreecommitdiffstats
path: root/roles
Commit message (Collapse)AuthorAgeFilesLines
* Add a flat sec group for openstack providerBogdan Dobrelya2017-06-151-10/+128
| | | | | | | | | | Add a openstack_flat_secgroup, defaults to False. When set, merges sec rules for master, node, etcd, infra nodes into a single group. Less secure, but might help to mitigate quota limitations. Update docs. Use timeout 30s to mitigate the error: Timeout (12s) waiting for privilege escalation prompt. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Always let the openshift nodes access the DNSTomas Sedovic2017-06-151-0/+15
| | | | | | | | | When `node_ingress_cidr` to limit the IP range for the DNS server, this can prevent the actual openshift nodes from accessing it as well. This commit makes the access from the `openstack_subnet_prefix` always pass through and uses `node_ingress_cidr` for additional access control.
* Move pre_tasks from to the openstack provisionerTomas Sedovic2017-06-141-38/+0
| | | | | We should probably not pollute the role namespace with a name as common as "common". Moving the pre_task.yml to provisioners/openstack instead.
* Merge redhat-cop/casl-ansible into openstack-providerTomas Sedovic2017-06-1423-0/+1418
|\ | | | | | | | | | | | | | | This imports the openstack provisioning bits of: https://github.com/redhat-cop/casl-ansible taking care to preserve the original history of those files.
| * Update CASL to use nsupdate for DNS records (#48)Øystein Bedin2017-06-135-9/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Updated to use nsupdate for DNS records * Updated formatting of dict * Updating descriptive text * Support for external DNS config * Upgrading jinja2 to work correctly with latest templates * Latest update for nsupdate * Updated to use nsupdate for DNS records * Updated formatting of dict * Updating descriptive text * Support for external DNS config * Latest update for nsupdate * Updated to support external public/private DNS server(s) * Updated DNS server handling * Updated DNS server handling * Updated DNS server handling * Eliminated the from the sample inventories * Updated sample inventory to point to 2 separate DNS servers for private/public * Playbook clean-up * Adding 'python-dns' * splitting subscription manager calls to allow for a clean pre-install playbook
| * Conditionally set the openshift_master_default_subdomain to avoid overriding ↵Øystein Bedin2017-06-051-0/+2
| | | | | | | | it unecessary (#47)
| * First attempt at a simple multi-master support (#39)Eric Sauer2017-04-272-0/+71
| | | | | | | | | | | | | | | | * First attempt at a simple multi-master support * Removing unneeded inventory * adding default number of masters and lower number of nodes
| * Stack refactor (#38)Eric Sauer2017-04-255-286/+184
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Refactored openstack-stack role to: - Convert static heat template files to ansible templates - Include native ansible groups via openstack metadata. This removes the need for a playbook to map host groups - Some code cleanup * Deleting commentd out code and irrelevant plays * Refactored openstack-stack role to: - Convert static heat template files to ansible templates - Include native ansible groups via openstack metadata. This removes the need for a playbook to map host groups - Some code cleanup * Deleting commentd out code and irrelevant plays * Replacing stack parameters with jinja expressions * Updating sample inventory to work with latest dynamic inventory changes * updating inventory with host group mapping. making sync keys optional * Missing cluster_hosts group * Updating to add infra_hosts * Updating inventory per comments from oybed and sabre1041
| * Ensure DNS configuration has wildcards set for infra nodes (#24)Øystein Bedin2017-02-201-0/+10
| | | | | | | | | | | | * Ensure DNS configuration has wildcards set for infra nodes * Updated to include all cluster hosts for DNS entries
| * Fixing two significant bugs in the HEAT deployment (#13)Eric Sauer2017-02-061-0/+3
| |
| * Openstack heat (#2)Eric Sauer2016-12-2110-0/+956
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Adding a role to invoke openstack heat * Adding readme * Pulling parameters out to inventory file * start of end-to-end playbook * More enhancements and refactoring to make dynamic inventory the driver for an openshift install * Switching to variable substituted path to config.yaml playbook * Changes to allow defining of number of nodes/infranodes. * Added labels to inventory * Start of end-to-end functionality * Enhancements to support openstack heat provisioning * Updating inventory sample to remove some deprecation warnings * Working towards making the secure-registry role 'become' aware * Fixing node labels and removing secure-registry as it's no longer needed * No longer need insecure registry line, as installer will secure our registry * Adjusted dynamic inventory to filter by clusterid * Minor updates to dynamic inventory bug * Adding a refactored sample inventory directory * Refactoring playbooks for better directory structure, and to narrow down host groups * Adding volume mounts to heat template * Moving dns playbooks back to original location * Fixing incorrect file path * Cleaning up inventory samples * One more hostname to clean up * Changing var name * changed openshift-provision to openshift-prep * Adjusting current provision script to avoid breakage by new openstack-heat code
| * Fixing ansible impl to work with OSP9 and ansible 2.2Øystein Bedin2016-11-151-1/+1
| |
| * Updated env_id to be a sub-domain + make the logic a bit more flexibleØystein Bedin2016-08-212-4/+21
| |
| * Fixes Issue #163 if rhsm_password is not definedVinny Valdez2016-07-151-5/+1
| |
| * Merge pull request #157 from vvaldez/satellite-with-orgEric Sauer2016-06-211-0/+12
| |\ | | | | | | Add org parameter to Satellite with user/pass
| | * Add org parameter to Satellite with user/passVinny Valdez2016-04-231-0/+12
| | |
| * | Cleande up hostname role to make it more genericØystein Bedin2016-06-172-50/+21
| | |
| * | Updated to run as root rather than cloud-user, for now...Øystein Bedin2016-06-091-1/+1
| | |
| * | Channging hard coded host groups to match openshift-ansible expected host ↵Eric Sauer2016-06-082-13/+12
| | | | | | | | | | | | groups. Importing byo playbook now instead of nested ansible run. Need to refactor how we generate hostnames to make it fit this.
| * | Subscription manager role should accomodate orgs with spacesEric Sauer2016-06-031-1/+1
| | |
| * | Reverting previous commit and making template adjustmentsEric Sauer2016-06-031-0/+8
| | |
| * | Changes to allow runs from inside a container. Also allows for running ↵Eric Sauer2016-06-031-0/+3
| | | | | | | | | | | | upstream openshift-ansible installer
| * | Changes by JayKayy for a full provision of OpenShift on OpenStackEric Sauer2016-05-139-1/+113
| | |
| * | Fix typo in task nameVinny Valdez2016-04-271-1/+1
| |/
| * Remove vars_prompt, add info to README to re-enable and for ansible-vaultVinny Valdez2016-04-203-30/+79
| |
| * Cosmetic changes to task names and move yum clean all to prereqsVinny Valdez2016-04-201-18/+15
| |
| * Refactor use of rhsm_password to prevent display to CLIVinny Valdez2016-04-203-12/+50
| |
| * Fix bad syntax with extra 'and' in when using rhsm_poolVinny Valdez2016-04-201-2/+7
| |
| * Refactor role to dynamically determine rhsm_methodVinny Valdez2016-04-203-45/+46
| | | | | | | | | | | | | | | | | | * Removes rhsm_method * Renames rhsm_server to rhsm_satellite * Add additional pre_task checks (hosted + key) * Change conditionals from rhsm_method check to rhsm_satellite defined * Change repos disable/enable from key to if repos are defined * Update README and examples in inventory file
| * Add subscription-manager support for Hosted or SatelliteVinny Valdez2016-04-203-0/+225
| |
| * New OSE3 docker host builder and OpenStack ansible provisioning supportAndrew Block2016-02-081-0/+4
|
* More ansible migration and deploy OCP from local workstation (#376)Peter Schiffer2017-05-181-1/+1
| | | | | | | | | | | | * Create registry bucket with deployment manager * Migrate ssh proxy to Ansible * Update gce dynamic inventory script, use instance name for ssh * Fix variable name in docker storage setup role * Deploy OCP from local workstation, and not from the bastion host
* Removed hardcoded values from ansible rolesEduardo Minguez Perez2017-05-164-6/+11
|
* update for yamllint errorsJason DeTiberus2017-01-261-5/+5
|
* Making providers common (#126)Ryan Cook2017-01-132-0/+12
* Making providers common * moving directory locations * using links and removal of vars file callout * rename of file * went block crazy * cleanup * add to remove * missing Pyyaml package in README * let docker actually setup docker storage and start the service * name change * Fix for vmware. Will variablize in the future * catchup to test common providers against master * should only be schedulable nodes