summaryrefslogtreecommitdiffstats
path: root/roles
Commit message (Collapse)AuthorAgeFilesLines
* Adding option for serviceAccountConfig.limitSecretReferencesKenny Woodson2017-06-202-13/+14
|
* Merge pull request #4292 from sdodson/push-via-dnsOpenShift Bot2017-06-205-0/+13
|\ | | | | Merged by openshift-bot
| * Update atomic-openshift-master.j2Scott Dodson2017-06-191-1/+1
| |
| * Enable push to registry via dns only on clean 3.6 installsScott Dodson2017-06-182-1/+4
| | | | | | | | | | We cannot assume that 3.5 to 3.6 upgrades were signed with the correct certs
| * Disable actually pushing to the registry via dns for nowScott Dodson2017-06-181-1/+1
| | | | | | | | | | | | | | We need to sort out how to know that the registry certificate has the proper hostnames attached to it. It will for 3.6 clean installs but not for 3.5 to 3.6 upgrades. For now make it opt in and come back to this.
| * Add openshift_node_dnsmasq role to upgradeScott Dodson2017-06-181-0/+3
| |
| * Push to the registry via dnsScott Dodson2017-06-183-0/+7
| | | | | | | | | | | | Configures OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc Adds 'cluster.local' to dns search on nodes via dispatcher script Adds '.svc' to NO_PROXY defaults
* | Merge pull request #4489 from rhcarvalho/image-availability-no-tlsOpenShift Bot2017-06-191-1/+1
|\ \ | | | | | | Merged by openshift-bot
| * | Disable TLS verification in skopeo inspectRodolfo Carvalho2017-06-191-1/+1
| | | | | | | | | | | | | | | | | | | | | Some registries are not configured with valid certificates and thus the check fails with 'http: server gave HTTP response to HTTPS client'. Since this is not fetching images, but only checking for existence, trade security for convenience.
* | | Merge pull request #4486 from sdodson/etcdv3-clean-installOpenShift Bot2017-06-193-20/+7
|\ \ \ | | | | | | | | Merged by openshift-bot
| * | | Preserve etcd3 storage if it's already in useScott Dodson2017-06-183-20/+7
| | |/ | |/| | | | | | | | | | This would be the case if for instance they'd upgraded and then migrated.
* | | Merge pull request #4484 from jarrpa/glusterfs-fixes-tooOpenShift Bot2017-06-1913-30/+82
|\ \ \ | | | | | | | | Merged by openshift-bot
| * | | GlusterFS: Generate better secret keysJose A. Rivera2017-06-162-4/+21
| | | | | | | | | | | | | | | | Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
| * | | GlusterFS: Fix error when groups.glusterfs_registry is undefined.Jose A. Rivera2017-06-161-3/+3
| | | | | | | | | | | | | | | | Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
| * | | GlusterFS: Use proper identity in heketi secretJose A. Rivera2017-06-162-5/+7
| | | | | | | | | | | | | | | | Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
| * | | GlusterFS: Allow configuration of heketi portJose A. Rivera2017-06-1610-12/+42
| | | | | | | | | | | | | | | | Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
| * | | GlusterFS: Fix variable typoJose A. Rivera2017-06-161-1/+1
| | | | | | | | | | | | | | | | Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
| * | | GlusterFS: Minor template fixesJose A. Rivera2017-06-163-6/+9
| | | | | | | | | | | | | | | | Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
| * | | registry: mount GlusterFS storage volume from correct hostJose A. Rivera2017-06-161-1/+1
| | | | | | | | | | | | | | | | Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
* | | | Merge pull request #4329 from srampal/rhel_ose_aciOpenShift Bot2017-06-1819-23/+260
|\ \ \ \ | |_|/ / |/| | | Merged by openshift-bot
| * | | Add support for rhel, aci, vxlanSanjeev Rampal2017-05-3119-23/+260
| | | |
* | | | Merge pull request #3954 from ingvagabund/etcd-migrateOpenShift Bot2017-06-189-0/+274
|\ \ \ \ | |_|_|/ |/| | | Merged by openshift-bot
| * | | Introduce etcd migrate roleJan Chaloupka2017-06-179-0/+274
| | | |
* | | | Merge pull request #4435 from sdodson/etcdv3-clean-installOpenShift Bot2017-06-162-2/+21
|\ \ \ \ | | | | | | | | | | Merged by openshift-bot
| * | | | etcd v3 for clean installsScott Dodson2017-06-162-2/+21
| | | | | | | | | | | | | | | | | | | | | | | | | If we have no master config assume that we're a clean install. If we're a clean install and we're 3.6 or greater use etcd v3 storage.
* | | | | Merge pull request #4466 from portante/rufusOpenShift Bot2017-06-161-0/+1
|\ \ \ \ \ | | | | | | | | | | | | Merged by openshift-bot
| * | | | | Ensure only one ES pod per PVPeter Portante2017-06-161-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | bug 1460564. Fixes [BZ #1460564](https://bugzilla.redhat.com/show_bug.cgi?id=1460564). Unfortunately, the defaults for Elasticsearch prior to v5 allow more than one "node" to access the same configured storage volume(s). This change forces this value to 1 to ensure we don't have an ES pod starting up accessing a volume while another ES pod is shutting down when reploying. This can lead to "1" directories being created in `/elasticsearch/persistent/${CLUSTER_NAME}/data/${CLUSTER_NAME}/nodes/`. By default ES uses a "0" directory there when only one node is accessing it.
* | | | | | Merge pull request #4474 from rhcarvalho/rename-cockpit-shellScott Dodson2017-06-162-2/+2
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | Rename cockpit-shell -> cockpit-system
| * | | | | Rename cockpit-shell -> cockpit-systemRodolfo Carvalho2017-06-162-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The package name has changed. See https://bugzilla.redhat.com/show_bug.cgi?id=1461689 https://bugzilla.redhat.com/show_bug.cgi?id=1419718
* | | | | | Merge pull request #4334 from simaishi/cf45Scott Dodson2017-06-167-101/+180
|\ \ \ \ \ \ | |/ / / / / |/| | | | | Update CloudForms templates for CF 4.5/CF 4.2
| * | | | | Update image repo name, images have been moved from 'cloudforms' toSatoe Imaishi2017-06-021-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | 'cloudforms42' for CF 4.2.
| * | | | | Update image repo name, images have been moved from 'cloudforms' toSatoe Imaishi2017-06-021-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | 'cloudforms45' for CF 4.5.
| * | | | | CloudForms 4.5 templatesSatoe Imaishi2017-05-316-98/+177
| | | | | |
* | | | | | Merge pull request #4294 from richm/fix-es-routes-for-new-logging-rolesOpenShift Bot2017-06-164-0/+129
|\ \ \ \ \ \ | | | | | | | | | | | | | | Merged by openshift-bot
| * | | | | | fix es routes for new logging rolesRich Megginson2017-06-074-0/+129
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | port the code that creates the external Elasticsearch routes to the new logging roles Have to suppress this error message: SSL Problem illegal change cipher spec msg, conn state = 6, handshake state = 1 which is coming from the router health check, until https://github.com/openshift/origin/issues/14515 is fixed - otherwise, the es log is spammed relentlessly
* | | | | | | Merge pull request #4402 from stevekuznetsov/skuznets/router-registry-rolloutOpenShift Bot2017-06-152-13/+61
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Merged by openshift-bot
| * | | | | | | Make rollout status check best-effort, add pollSteve Kuznetsov2017-06-132-2/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We cannot rely on the `watch.Until` call in the `rollout status` subcommand for the time being, so we need to ignore the result of this call. This will make the rollout status check best-effort, so we need to follow it with a poll for the actual status of the rollout, which we can extract from the `openshift.io/deployment.phase` annotation on the ReplicationControllers. This annotation can have only three values -- `Running`, `Complete` and `Failed`. If we poll on this attribute until we stop seeing `Running`, we can then inspect the last result for `Failed`; if it's present, we have failed the deployment. Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
| * | | | | | | Verify the rollout status of the hosted router and registrySteve Kuznetsov2017-06-092-14/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When deploying the hosted router and registry components, we need to ensure that they correctly roll out. The previous checks were weak in that they either simply waited for a set amount of time and/or did one replica check. They would fail if the router or registry took longer to deploy or if there were un-ready or failing replicas. The `oc rollout` command group contains the `status` endpoint for internalizing all of the logic for determining when a rollout has succeeded or failed, so simply using this client call will ensure that the router and registry correctly deploy. Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
* | | | | | | | Merge pull request #4041 from tbielawa/cfmeScott Dodson2017-06-1516-4/+1355
|\ \ \ \ \ \ \ \ | |_|_|_|/ / / / |/| | | | | | | CFME as an OpenShift Pod
| * | | | | | | Add missing file. Remove debugging prompt.Tim Bielawa2017-06-151-0/+12
| | | | | | | |
| * | | | | | | Update readme one last timeTim Bielawa2017-06-141-12/+73
| | | | | | | |
| * | | | | | | Reconfigure masters in serial to avoid HA meltdownsTim Bielawa2017-06-141-16/+0
| | | | | | | |
| * | | | | | | First POC of a CFME turnkey solution in openshift-anisbleTim Bielawa2017-06-1415-4/+1298
| | |_|_|_|_|/ | |/| | | | |
* | | | | | | Merge pull request #4356 from nhosoi/mux_params-0OpenShift Bot2017-06-155-1/+26
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Merged by openshift-bot
| * | | | | | | Reverted most of this pr 4356 except:Noriko Hosoi2017-06-055-12/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | adding openshift_logging_fluentd_buffer_queue_limit: 1024 openshift_logging_fluentd_buffer_size_limit: 1m openshift_logging_mux_buffer_queue_limit: 1024 openshift_logging_mux_buffer_size_limit: 1m and setting the matched environment variables.
| * | | | | | | Adding the defaults for openshift_logging_fluentd_{cpu,memory}_limit to ↵Noriko Hosoi2017-06-053-6/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | roles/openshift_logging_fluentd/defaults/main.yml. Adding the description for openshift_hosted_logging_fluentd_{cpu,memory}_limit to README.md. Replaced openshift_hosted_logging_mux_.* with openshift_logging_mux_.*.
| * | | | | | | Adding environment variables FLUENTD_CPU_LIMIT, FLUENTD_MEMORY_LIMIT, ↵Noriko Hosoi2017-06-022-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | MUX_CPU_LIMIT, MUX_MEMORY_LIMIT.
| * | | | | | | Introducing fluentd/mux buffer_queue_limit, buffer_size_limit, cpu_limit, ↵Noriko Hosoi2017-06-024-4/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | and memory_limit. Default values: openshift_logging_fluentd_cpu_limit: 100m openshift_logging_fluentd_memory_limit: 512Mi openshift_logging_fluentd_buffer_queue_limit: 1024 openshift_logging_fluentd_buffer_size_limit: 16m openshift_logging_fluentd_buffer_size_limit: 1m openshift_logging_mux_cpu_limit: 500m openshift_logging_mux_memory_limit: 1Gi openshift_logging_mux_buffer_queue_limit: 1024 openshift_logging_mux_buffer_size_limit: 1m
* | | | | | | | Merge pull request #4397 from sosiouxme/20170608-include-more-install-checksOpenShift Bot2017-06-149-91/+184
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Merged by openshift-bot
| * | | | | | | | pre-install checks: add more during byo installLuke Meyer2017-06-149-91/+184
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the docker and RPM checks to the list that run at install time. They can be disabled the same as the existing ones. Removed cockpit-kubernetes RPM requirement as it no longer is. Fixed up docker_image_availability to handle oreg_url and other nuances. Switched to using the openshift_image_tag that's set by openshift_version for both component and infrastructure images. Fixed a bug where execute_module was being called with incorrect positional arg "tmp" as a dict which caused errors down the call stack.