From 8d80cf21e73a1015617c9ec8cd183602436e54fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9na=C3=AFc=20Huard?= Date: Fri, 17 Jul 2015 16:46:13 +0200 Subject: Make the playbooks friendlier with SELinux disabled hosts --- roles/openshift_node/tasks/main.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'roles') diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index e18846db8..5188df973 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -63,11 +63,13 @@ lineinfile: dest: /etc/sysconfig/docker regexp: '^OPTIONS=.*' - line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} --selinux-enabled'" + line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \ +{% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %}'" when: docker_check.stat.isreg - name: Allow NFS access for VMs seboolean: name=virt_use_nfs state=yes persistent=yes + when: ansible_selinux and ansible_selinux.status == "enabled" - name: Start and enable openshift-node service: name=openshift-node enabled=yes state=started -- cgit v1.2.3 From b497f7a2a77c3ef1434a5f0bd11fccf9d81b44aa Mon Sep 17 00:00:00 2001 From: Diego Castro Date: Tue, 4 Aug 2015 11:10:35 -0300 Subject: Fix node labeling. Issue #305 --- roles/openshift_manage_node/tasks/main.yml | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'roles') diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index d17f3f532..e64d6e713 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -16,3 +16,10 @@ command: > {{ openshift.common.admin_binary }} manage-node {{ item }} --schedulable=true with_items: openshift_scheduleable_nodes + +- name: Tag schedulable nodes + command: > + {{ openshift.common.client_binary }} label --overwrite node {{ item.0 }} {{ item.1 | oo_combine_dict }} + with_nested: + - openshift_scheduleable_nodes + - openshift_node_labels \ No newline at end of file -- cgit v1.2.3 From 6be237602331e88a330c1f46d31aeb97d9af1aa2 Mon Sep 17 00:00:00 2001 From: "Diego Castro (dscastro)" Date: Tue, 4 Aug 2015 11:53:07 -0300 Subject: Applying changes suggested by @sdodson --- roles/openshift_manage_node/tasks/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'roles') diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index e64d6e713..257bcee2c 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -17,9 +17,9 @@ {{ openshift.common.admin_binary }} manage-node {{ item }} --schedulable=true with_items: openshift_scheduleable_nodes -- name: Tag schedulable nodes +- name: Label nodes command: > {{ openshift.common.client_binary }} label --overwrite node {{ item.0 }} {{ item.1 | oo_combine_dict }} with_nested: - - openshift_scheduleable_nodes - - openshift_node_labels \ No newline at end of file + - openshift_nodes + - openshift_node_labels -- cgit v1.2.3 From c17efa0172a11f79cb28d3c5740b7c16ed70c3b8 Mon Sep 17 00:00:00 2001 From: Diego Castro Date: Sun, 9 Aug 2015 12:40:28 -0300 Subject: Fix node labels --- roles/openshift_manage_node/tasks/main.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'roles') diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 257bcee2c..c488af723 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -19,7 +19,6 @@ - name: Label nodes command: > - {{ openshift.common.client_binary }} label --overwrite node {{ item.0 }} {{ item.1 | oo_combine_dict }} - with_nested: - - openshift_nodes - - openshift_node_labels + {{ openshift.common.client_binary }} label --overwrite node {{ item }} {{ hostvars[item]['openshift_node_labels'] | oo_combine_dict }} + with_items: + - "{{ openshift_nodes }}" -- cgit v1.2.3 From 9a41d23f553ab638af22f54fbd30c4de3b0eae18 Mon Sep 17 00:00:00 2001 From: Diego Castro Date: Mon, 10 Aug 2015 11:50:57 -0300 Subject: Don't try to label node if there's no labels --- roles/openshift_manage_node/tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) (limited to 'roles') diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index c488af723..472d63efe 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -22,3 +22,5 @@ {{ openshift.common.client_binary }} label --overwrite node {{ item }} {{ hostvars[item]['openshift_node_labels'] | oo_combine_dict }} with_items: - "{{ openshift_nodes }}" + when: + "'openshift_node_labels' in hostvars[item]" -- cgit v1.2.3 From 7a12b210856a2abefb2a7d70448975c7f2ce14af Mon Sep 17 00:00:00 2001 From: "Diego Castro (dscastro)" Date: Wed, 12 Aug 2015 11:44:34 -0300 Subject: Notes for schedule behavior. --- roles/openshift_node/README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'roles') diff --git a/roles/openshift_node/README.md b/roles/openshift_node/README.md index 5edb3b8dd..300e6b495 100644 --- a/roles/openshift_node/README.md +++ b/roles/openshift_node/README.md @@ -34,6 +34,18 @@ openshift_common Example Playbook ---------------- +Notes +----- + +Currently we support re-labeling nodes but we don't re-schedule running pods nor remove existing labels. That means you will have to trigger the re-schedulling manually. To re-schedule your pods, just follow the steps below: + +``` +oadm manage-node --schedulable=false ${NODE} +oadm manage-node --evacuate ${NODE} +oadm manage-node --schedulable=true ${NODE} +```` + + TODO License -- cgit v1.2.3 From dcdb74b61cd49bee70da5997b9990da86cc3b1c8 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 12 Aug 2015 09:33:02 -0400 Subject: Add support for setting default node selector --- roles/openshift_master/tasks/main.yml | 1 + roles/openshift_master/templates/master.yaml.v1.j2 | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'roles') diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 151d0662f..f90f526c9 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -55,6 +55,7 @@ sdn_host_subnet_length: "{{ osm_host_subnet_length | default(None) }}" default_subdomain: "{{ osm_default_subdomain | default(None) }}" custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}" + default_node_selector: "{{ osm_default_node_selector | default(None) }}" # TODO: These values need to be configurable - name: Set dns OpenShift facts diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index c4d319c87..b5e3d2f05 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -95,7 +95,7 @@ policyConfig: openshiftSharedResourcesNamespace: openshift {# TODO: Allow users to override projectConfig items #} projectConfig: - defaultNodeSelector: "" + defaultNodeSelector: "{{ openshift.master.default_node_selector | default("") }}" projectRequestMessage: "" projectRequestTemplate: "" securityAllocator: -- cgit v1.2.3 From db0078cd9631d841bef5c176aed18a7907871d1d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9na=C3=AFc=20Huard?= Date: Wed, 12 Aug 2015 15:26:12 +0200 Subject: Force SELinux on "enterprise" deployment type --- roles/openshift_node/tasks/main.yml | 3 +++ 1 file changed, 3 insertions(+) (limited to 'roles') diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 5188df973..f9c3d10e9 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -6,6 +6,9 @@ - fail: msg: This role requres that osn_cluster_dns_ip is set when: osn_cluster_dns_ip is not defined or not osn_cluster_dns_ip +- fail: + msg: "SELinux is disabled, This deployment type requires that SELinux is enabled." + when: (not ansible_selinux or ansible_selinux.status != 'enabled') and deployment_type in ['enterprise', 'online'] - name: Install OpenShift Node package yum: pkg=openshift-node state=present -- cgit v1.2.3 From 800256e451b112d3cd7c2356615572c0de3c3840 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 12 Aug 2015 22:01:06 -0400 Subject: Add support for setting kubeletArguments, controllerArguments, and apiServerArguments --- roles/openshift_master/tasks/main.yml | 2 ++ roles/openshift_master/templates/master.yaml.v1.j2 | 6 ++++++ roles/openshift_node/tasks/main.yml | 1 + roles/openshift_node/templates/node.yaml.v1.j2 | 3 +++ 4 files changed, 12 insertions(+) (limited to 'roles') diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index f90f526c9..3ee21b902 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -56,6 +56,8 @@ default_subdomain: "{{ osm_default_subdomain | default(None) }}" custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}" default_node_selector: "{{ osm_default_node_selector | default(None) }}" + api_server_args: "{{ osm_api_server_args | default(None) }}" + controller_args: "{{ osm_controller_args | default(None) }}" # TODO: These values need to be configurable - name: Set dns OpenShift facts diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index b5e3d2f05..44567aa22 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -2,6 +2,9 @@ apiLevels: - v1beta3 - v1 apiVersion: v1 +{% if api_server_args is defined and api_server_args %} +apiServerArguments: {{ api_server_args }} +{% endif %} assetConfig: logoutURL: "" masterPublicURL: {{ openshift.master.public_api_url }} @@ -13,6 +16,9 @@ assetConfig: keyFile: master.server.key maxRequestsInFlight: 0 requestTimeoutSeconds: 0 +{% if controller_args is defined and controller_args %} +controllerArguments: {{ controller_args }} +{% endif %} corsAllowedOrigins: {% for origin in ['127.0.0.1', 'localhost', openshift.common.hostname, openshift.common.ip, openshift.common.public_hostname, openshift.common.public_ip] %} - {{ origin }} diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index e84e74b40..3225645a2 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -33,6 +33,7 @@ registry_url: "{{ oreg_url | default(none) }}" debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" portal_net: "{{ openshift_master_portal_net | default(None) }}" + kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}" # TODO: add the validate parameter when there is a validation command to run - name: Create the Node config diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 7778a2a61..e6f75a4c0 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -8,6 +8,9 @@ imageConfig: format: {{ openshift.node.registry_url }} latest: false kind: NodeConfig +{% if openshift.common.kubelet_args is defined and openshift.common.kubelet_args %} +kubeletArguments: {{ kubelet_args }} +{% endif %} masterKubeConfig: system:node:{{ openshift.common.hostname }}.kubeconfig networkPluginName: {{ openshift.common.sdn_network_plugin_name }} nodeName: {{ openshift.common.hostname }} -- cgit v1.2.3 From 6248101e89cb2feb63692b7ff396d2cf4f6466fb Mon Sep 17 00:00:00 2001 From: Stefanie Forrester Date: Thu, 13 Aug 2015 11:15:16 -0700 Subject: pause for a minimum of 15 seconds --- roles/fluentd_master/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles') diff --git a/roles/fluentd_master/tasks/main.yml b/roles/fluentd_master/tasks/main.yml index d64900eb0..9c21c06fe 100644 --- a/roles/fluentd_master/tasks/main.yml +++ b/roles/fluentd_master/tasks/main.yml @@ -40,7 +40,7 @@ mode: 0444 - name: "Pause before restarting td-agent and openshift-master, depending on the number of nodes." - pause: seconds={{ num_nodes|int * 5 }} + pause: seconds={{ ( num_nodes|int < 3 ) | ternary(15, (num_nodes * 5)) }} - name: ensure td-agent is running service: -- cgit v1.2.3 From 089d368d2976818d08c656f45711e25e70cf7a35 Mon Sep 17 00:00:00 2001 From: Stefanie Forrester Date: Thu, 13 Aug 2015 12:14:02 -0700 Subject: make sure that number is an int --- roles/fluentd_master/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles') diff --git a/roles/fluentd_master/tasks/main.yml b/roles/fluentd_master/tasks/main.yml index 9c21c06fe..d592dc306 100644 --- a/roles/fluentd_master/tasks/main.yml +++ b/roles/fluentd_master/tasks/main.yml @@ -40,7 +40,7 @@ mode: 0444 - name: "Pause before restarting td-agent and openshift-master, depending on the number of nodes." - pause: seconds={{ ( num_nodes|int < 3 ) | ternary(15, (num_nodes * 5)) }} + pause: seconds={{ ( num_nodes|int < 3 ) | ternary(15, (num_nodes|int * 5)) }} - name: ensure td-agent is running service: -- cgit v1.2.3 From a5a75ed355b02d6729c492ac14091a6c8ff29514 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Thu, 13 Aug 2015 15:47:24 -0400 Subject: Require etcd 2.* Fixes #422 When etcd-2.1 is available in RHEL7 / Centos 7 we'll bumpt to that as it's considerably more stable with regard to WAL corruption and recovery. --- roles/etcd/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles') diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index 79a91dfde..27bfb7de9 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install etcd - yum: pkg=etcd state=present + yum: pkg=etcd-2.* state=present - name: Validate permissions on the config dir file: -- cgit v1.2.3 From 000e179cb3d39756d9bf5f846e2be3a7d3759f5f Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Wed, 12 Aug 2015 16:19:25 -0400 Subject: Changes to make documentation less specific to OSE or AE and also adds README_AEP.md. --- roles/openshift_common/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'roles') diff --git a/roles/openshift_common/README.md b/roles/openshift_common/README.md index eb4ef26e8..1eb04626f 100644 --- a/roles/openshift_common/README.md +++ b/roles/openshift_common/README.md @@ -1,7 +1,7 @@ -OpenShift Common -================ +OpenShift/Atomic Enterprise Common +=================================== -OpenShift common installation and configuration tasks. +OpenShift/Atomic Enterprise common installation and configuration tasks. Requirements ------------ -- cgit v1.2.3 From 65f9922028595c36eb10c8f43b4db51817d64c32 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Thu, 13 Aug 2015 16:15:44 -0400 Subject: Fix for node labeling where internal node name != inventory_hostname --- roles/openshift_manage_node/tasks/main.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'roles') diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 472d63efe..cbf1c667f 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -19,8 +19,7 @@ - name: Label nodes command: > - {{ openshift.common.client_binary }} label --overwrite node {{ item }} {{ hostvars[item]['openshift_node_labels'] | oo_combine_dict }} + {{ openshift.common.client_binary }} label --overwrite node {{ item.openshift.common.hostname }} {{ item.openshift.node.labels | oo_combine_dict }} with_items: - - "{{ openshift_nodes }}" - when: - "'openshift_node_labels' in hostvars[item]" + - "{{ openshift_node_vars }}" + when: "'labels' in item.openshift.node" -- cgit v1.2.3 From a82ae49cdf7b44b74da9f19cac313f496cfe4e04 Mon Sep 17 00:00:00 2001 From: Wesley Hearn Date: Fri, 14 Aug 2015 14:47:15 -0400 Subject: Skip node label if labels are empty --- roles/openshift_manage_node/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles') diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index cbf1c667f..74e702248 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -22,4 +22,4 @@ {{ openshift.common.client_binary }} label --overwrite node {{ item.openshift.common.hostname }} {{ item.openshift.node.labels | oo_combine_dict }} with_items: - "{{ openshift_node_vars }}" - when: "'labels' in item.openshift.node" + when: "'labels' in item.openshift.node and item.openshift.node.labels != {}" -- cgit v1.2.3