| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Attach and detach a volume, wait for it to be accessible
This is mostly just handling the attach/detach code, making sure the necessary
vars are accessible where they need to be as well as finding out the correct
device name the volume is attached as.
* Create temp directory for mounts, remove some debug info
* add the fs actions
* Remove debug
* Prepare the volume automatically if possible
* Add docs and sample inventory
* Read OS_* creds from shell in sample inventory
* Fix yamlint complaint
* Update readme
This mentions the potential pitfalls when using devstack.
* Better check for the router deployment in CI
* Set the openshift_hoster*_wait vars to True
* Fix typo
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Allow using a provider network
This adds a new option `openstack_provider_network_name` which will take
a name of an existing network and put the servers there. It will also
prevent creating floating IP addresses as the provider network's IPs
should already be accessible without any additional routing required.
Fixes #622
* Requested changes
Don't fail on external/private networks and use role defaults for the
provider network.
* Add missing endif
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Document global DNS security options
Related changes:
* Do not create a view if externally managed.
* Allow to specify the recursion settings for public/private
views defined by the dns-view role.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Document public_dns_nameservers better
Also use it as the private view forwarder
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* node labels: add checks for custom labels
- README: add more info about customising labels
- pre_tasks: add checks for label values, set to empty dict if undefined
- group_vars: move labels customisation from OSEv3 to all
* pre_tasks: tried a new approach to updating variables
* pre_tasks: variable update fixed
* pre_tasks: rollback upscaling changes (to be added in upscaling PR)
* pre_tasks: blank line removed
* pre_tasks: add check for undefined variable (should not happen though)
* pre_tasks: be sure to have regions defined
|
|\
| |
| | |
[WIP] Add docs and defaults for multi-master setup
|
| |
| |
| |
| |
| |
| |
| |
| | |
Additionally, add the lb group to contain lb nodes to the
static inventory template. Include the lb group into the
OSEv3 group, in order to apply the cluster group vars to it.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|/
|
|
|
|
| |
This allows our users to keep the ansible.cfg file in the inventory as
well as putting e.g. LDAP certificates in.
Fixes #481
|
|
|
|
|
|
|
| |
* Update openshift_release in the sample inventory
This removes setting the version for Openshift Origin, because the
only the latest release is actually available. So if a new Origin
release comes up, the installation will fail.
|
|
|
|
|
|
|
|
|
|
|
|
| |
* README, all.yml, stack_params.yaml, openstack-stack: added docker volume size customisation
- app_volume_size changed to node_volume_size (it is node everywhere else)
* all.yml, stack_params.yaml,openstack-stack: added customisation for lb, etcd, dns
* README: updated
* README: updated info about ephemeral volumes
|
|
|
|
|
|
|
|
|
|
| |
* README, all.yml, stack_params.yml, heat_stack.yaml.j2: hostname customisation added
* hostnames customisation: default set in stack_params
* heat_stack: bug fix
* fixed commented defaults in group_vars/all.yml
|
|
|
|
| |
and documented (#638)
|
|
|
|
|
|
|
|
|
|
|
|
| |
* all.yml: set up new variables for specifying images for roles
* stack_params.yaml: add image name variables for different roles
* more roles added
* heat_stack.yaml.j2: openstack_image changed to updated image names
* README: updated documentation for specifying image names
|
|
|
|
|
|
| |
Add openstack_private_network_name to filter by a wanted private
network.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
| |
For testing cases it's sometimes useful to not create Cinder volumes for
the VMs. It can also sometimes be a little faster and more robust (but
unfit for production).
This adds an option called `ephemeral_volumes` that will use the VM's
storage instead of creating volumes when set to true.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the move to the static inventory, we don't need it anymore so it's
now just an unnecessary step in the deployment.
Note that the users may still want to use clouds.yaml for openstack
credentials instead of sourcing the `OS_*` environment variables, but
they can do that at their discression.
The reason we had the clouds.yaml here was because the `openstack.py`
dynamic inventory used the servers' UUID's as ansible hosts by default
and the options we put in caused it to use the hostnames (as desired).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* At the provisioning stage, allow users to auto-generate SSH config,
when using a static inventory.
* Run playbooks to provsion and post-provision as a separate, when
using a bastion. This re-applies the SSH config, which ansible can't
do on the fly.
* Support a pre-installed bastion node, colocated with the 1st infra
node.
* With a bastion enabled, reduce floating IP footprint to infra and
dns nodes only, effectively isolating a cluster in a private
network.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
|
| |
* At the provisioning stage, allow users to auto-generate a static
inventory w/o manual steps needed. The alternative to
go fully dynamic TBD.
* Move openshift pre-install playbook to the post provision playbook,
where the second part of the pre install tasks is already placed.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Autogenerate inventory/hosts when 'inventory: static' (Default),
with the shade-inventory tool.
* Drop unused anymore: openstack.py and associated GPL notes,
an example static inventory, omit manual updates for the
inventory DNS names in the deployment guide.
* Switch openstack.py formatted inventory hostvars
to the shade-inventory format (omit openstack.* from hostvars).
* Populate node labels from inventory vars instead of the heat
templates combined with inventory vars.
* Add app (k8s minions) nodes group for primary node labels.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Because openshift-ansible requires root on the cluster nodes, but it
doesn't explicitly set it in the playbooks (like we do), let's set it
in our inventory instead of requiring to pass `--become` to
`ansible-playbook`.
That will simplify the installation steps as well as let us include
the provisioning and openshift-ansible playbooks in a single playbook.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Switch the sample inventory to CentOS
This changes the image name and deployment types to use centos instead
of rhel and sets `rhsm_register` to false.
With these changes, the inventory should be immediately deployable
using the default values (assuming the image, network and flavor names
match).
Ideally, the upstream CI will just end up using this inventory with
little to no changes, too at some point.
* Specify the origin openshift_release
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add defaults values for some openstack vars
Ansible shows errors when the `rhsm_register` and
`openstack_flat_secgrp` values are not present in the inventory even
though they have sensible default values.
This makes them both default to false when they're not specified.
* Comment out the flat security group option in inv
It's no longer required to be there so let's comment it out.
|
|\
| |
| | |
Add node_removal_policies variable to openstack provisioning to allow for scaling down
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
|/ |
|
|
|
|
|
|
|
| |
Tune an example ansible.cfg to include
tasks profiling info and improve displaying
of skipped tasks.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
| |
|
| |
|
| |
|
|
|
|
| |
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Add a openstack_flat_secgroup, defaults to False.
When set, merges sec rules for master, node, etcd, infra nodes into a
single group. Less secure, but might help to mitigate quota limitations.
Update docs. Use timeout 30s to mitigate the error:
Timeout (12s) waiting for privilege escalation prompt.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|