summaryrefslogtreecommitdiffstats
path: root/playbooks
Commit message (Collapse)AuthorAgeFilesLines
* Limit base-package install during master upgradesMichael Gugino2017-10-026-1/+9
| | | | | | | | | | | Currently, openshift_version installs RPM packages on all nodes and masters to aid in determining and setting the proper version across the cluster. This commit limits the host groups to only masters during upgrade_control_plane plays. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1495107
* Separate certificate playbooks.Andrew Butcher2017-10-0225-163/+216
|
* Merge pull request #5449 from abutcher/wildcard-router-cert-redeployOpenShift Merge Robot2017-09-306-119/+69
|\ | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Bug 1490186: Router pod not running after router certificates redeployment This carries https://github.com/openshift/openshift-ansible/pull/5417. More of the router cert redeploy logic could be moved into the `openshift_hosted` role with a flag. I may pull those over. https://bugzilla.redhat.com/show_bug.cgi?id=1490186
| * Include openshift_hosted when redeploying router certificates to handle ↵Andrew Butcher2017-09-291-71/+43
| | | | | | | | auto-generated wildcard certificate or custom openshift_hosted_router_certificate.
| * Check for router service annotations when redeploying router certificates.Andrew Butcher2017-09-291-3/+29
| |
| * Remove oo_option facts.Andrew Butcher2017-09-295-49/+1
| |
* | Merge pull request #5593 from ingvagabund/block-upgrade-if-etcd3-not-setJan Chaloupka2017-09-301-0/+4
|\ \ | | | | | | block 3.6->3.7 upgrade if storage backend is not set to etcd3
| * | block 3.6->3.7 upgrade if storage backend is not set to etcd3Jan Chaloupka2017-09-291-0/+4
| |/
* | Merge pull request #5565 from mgugino-upstream-stage/provisioning-centos-supportOpenShift Merge Robot2017-09-2910-98/+161
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Changes necessary to support AMI building Currently, AMI building does not work. These changes implement the necessary steps to build an AMI for usage as a 'golden node image'.
| * | Changes necessary to support AMI buildingMichael Gugino2017-09-2810-98/+161
| | | | | | | | | | | | | | | | | | | | | Currently, AMI building does not work. These changes implement the necessary steps to build an AMI for usage as a 'golden node image'.
* | | move health-checks and control-plane-verification before excludersJan Chaloupka2017-09-295-28/+28
| |/ |/|
* | Merge pull request #5544 from sdodson/aep-b-goneOpenShift Merge Robot2017-09-282-65/+2
|\ \ | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Remove some remnants of Atomic Enterprise Removes a few un-necessary uninstall steps
| * | Remove some reminants of Atomic EnterpriseScott Dodson2017-09-262-65/+2
| | |
* | | Merge pull request #5559 from mgugino-upstream-stage/readd-ent-registryOpenShift Merge Robot2017-09-281-9/+0
|\ \ \ | |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Migrate enterprise registry logic to docker role Currently, the enterprise registry to forcefully added in openshift_facts. Recently, the docker role has been modified to consume registry variables directly, bypassing openshift_facts. This commit cleans up unused code in openshift_facts, and migrates enterprise registry logic to the docker role. Fixes: https://github.com/openshift/openshift-ansible/issues/5557
| * | Migrate enterprise registry logic to docker roleMichael Gugino2017-09-271-9/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, the enterprise registry to forcefully added in openshift_facts. Recently, the docker role has been modified to consume registry variables directly, bypassing openshift_facts. This commit cleans up unused code in openshift_facts, and migrates enterprise registry logic to the docker role. Fixes: https://github.com/openshift/openshift-ansible/issues/5557
* | | Merge pull request #5508 from sdodson/disable-image-streamsOpenShift Merge Robot2017-09-282-2/+4
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Allow examples management to be disabled By setting openshift_install_examples=false the image stream and quick start templates will not be installed https://trello.com/c/zLaSgxig/436-2-customers-need-a-way-to-opt-out-of-openshift-ansible-template-and-imagestream-mangement Fixes #5061
| * | | Allow examples management to be disabledScott Dodson2017-09-222-2/+4
| | | |
* | | | Merge pull request #5527 from mtnbikenc/installer-checkpointOpenShift Merge Robot2017-09-2816-41/+504
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Installer checkpointing This pull request adds an Ansible callback plugin to allow for 'checkpointing' the status of the OpenShift-Ansible installer. The installer is divided up into phases and each phase will start with a status of 'Not Started'. As the phase is performed the status will be updated to 'In Progress' and finally 'Complete'. Should the install fail or complete successfully, the callback plugin will report the status of all phases after the PLAY RECAP. The INSTALLER STATUS is also written to the Ansible log file. https://trello.com/c/VNEvT2Fo Changes: - Added installer_checkpoint role and callback plugin - Added checkpoint 'Start' and 'End' plays to each installation phase Additional items related to enabling proper checkpointing: - Removed openshift_set_hostname and related task (related to 3.0) - Added openshift-hosted entry point playbook - Moved openshift metrics and logging out of openshift_hosted playbook - Moved API Aggregation play to master install Example playbook output: ``` <- snip -> PLAY RECAP *********************************************************************************************************************************** ec2-34-207-180-218.compute-1.amazonaws.com : ok=158 changed=16 unreachable=0 failed=0 ec2-52-87-169-12.compute-1.amazonaws.com : ok=469 changed=74 unreachable=0 failed=0 ec2-52-90-209-20.compute-1.amazonaws.com : ok=157 changed=17 unreachable=0 failed=0 localhost : ok=24 changed=0 unreachable=0 failed=0 INSTALLER STATUS ***************************************************************************************************************************** Initialization : Complete etcd Install : Complete NFS Install : Not Started Load balancer Install : Not Started Master Install : Complete Master Additional Install : Complete Node Install : Complete GlusterFS Install : Not Started Hosted Install : Complete Metrics Install : Not Started Logging Install : Not Started Service Catalog Install : Not Started ```
| * | | | OpenShift-Ansible Installer CheckpointingRussell Teague2017-09-2716-41/+504
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Added installer_checkpoint role and callback plugin - Added checkpoint 'Start' and 'End' plays to each installation phase Additional items related to enabling proper checkpointing: - Removed openshift_set_hostname and related task (related to 3.0) - Added openshift-hosted entry point playbook - Moved openshift metrics and logging out of openshift_hosted playbook - Moved API Aggregation play to master install
* | | | | Merge pull request #5549 from ingvagabund/fix-etcd-backup-tagOpenShift Merge Robot2017-09-271-1/+1
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue evaluate etcd_backup_tag variable Bug: 1495545
| * | | | | evaluate etcd_backup_tag variableJan Chaloupka2017-09-271-1/+1
| |/ / / /
* | | | | Merge pull request #5518 from ingvagabund/set-quota-backend-bytes-explicitlyOpenShift Merge Robot2017-09-272-6/+6
|\ \ \ \ \ | |_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue set the etcd backend quota to 4GB by default Bug: 1492891
| * | | | Set the etcd backend quota to 4GB by defaultJan Chaloupka2017-09-262-6/+6
| | | | |
* | | | | Fix missing quotes on openshift_aws_build_ami_ssh_user defaultMichael Gugino2017-09-271-1/+1
| | | | |
* | | | | Merge pull request #5532 from mgugino-upstream-stage/centos-ami-provisionScott Dodson2017-09-271-1/+4
|\ \ \ \ \ | |_|/ / / |/| | | | More variables in AWS provisioning plays
| * | | | More variables in AWS provisioning playsMichael Gugino2017-09-261-1/+4
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | This commit adds more optional variables to provision hosts in AWS environments. These changes allow provisioning instances that utilize an ssh_user other than root.
* | | | Merge pull request #5470 from ingvagabund/consolidate-etcd-common-roleOpenShift Merge Robot2017-09-265-144/+74
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Consolidate etcd common role The last PR toward a single etcd role
| * | | | consolidate etcd_common roleJan Chaloupka2017-09-255-144/+74
| |/ / /
* | | | Merge pull request #5536 from ingvagabund/make-difference-output-list-3.7OpenShift Merge Robot2017-09-263-5/+5
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue make difference filter output a list for Python3 Fixes: #3934
| * | | | make difference filter output a list for Python3Jan Chaloupka2017-09-263-5/+5
| | |/ / | |/| |
* | | | Merge pull request #5472 from mgugino-upstream-stage/split-hosted-v2OpenShift Merge Robot2017-09-269-63/+78
|\ \ \ \ | |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Refactor openshift_hosted plays and role (version 2) Currently, openshift_hosted role duplicates some logic across separate task chains. This commit cleans up the openshift_hosted role and converts it to be primarily used with include_role to give better logic to the playbooks that utilize this role. This commit also refactors the playbook that calls various openshift_hosted roles into individual playbooks. This allows more granularity for advanced users. ----- This version of the patch set rolls back some of the refactoring (removal of running fact roles as a dependency) and focuses on just realigning the roles and plays. Original PR: https://github.com/openshift/openshift-ansible/pull/5284 Once this merges, I will close the old PR. Leaving it open for now for reference.
| * | | Refactor openshift_hosted plays and roleMichael Gugino2017-09-259-63/+78
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, openshift_hosted role duplicates some logic across separate task chains. This commit cleans up the openshift_hosted role and converts it to be primarily used with include_role to give better logic to the playbooks that utilize this role. This commit also refactors the playbook that calls various openshift_hosted roles into individual playbooks. This allows more granularity for advanced users.
* | | | Merge pull request #5520 from ingvagabund/check-etcd-storage-backendOpenShift Merge Robot2017-09-252-0/+26
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue check if the storage backend is set to etcd3 before upgrading to 3.7 SSIA
| * | | check if the storage backend is set to etcd3 before upgrading to 3.7Jan Chaloupka2017-09-252-0/+26
| | | |
* | | | Merge pull request #5451 from ingvagabund/consolidate-etcd-upgradeOpenShift Merge Robot2017-09-253-15/+21
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Consolidate etcd upgrade Consolidates `etcd_upgrade` into the `etcd` role.
| * | | consolidate etcd_upgrade roleJan Chaloupka2017-09-213-15/+21
| | | |
* | | | Merge pull request #5513 from lucastheisen/masterOpenShift Merge Robot2017-09-251-1/+1
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue resolve #5428: python-dbus not found `python-dbus` is not available in centos standard repos, but: > It appears python-dbus is just a reference to dbus-python and `dbus-python` is.
| * | | resolve #5428: python-dbus not foundLucas Theisen2017-09-231-1/+1
| | | |
* | | | Merge pull request #5495 from abutcher/ca-redeploy-expired-etcdOpenShift Merge Robot2017-09-246-31/+100
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Improve CA redeploy restart logic Expired etcd certificates require special casing around restarts in the certificate redeploy playbooks. When etcd certificates are expired we can't restart masters or nodes. We also can't simply restart etcd because peers also had expired certificates so we must start/stop etcd when we detect expired etcd certificates. `openshift-ca.yml`: * No longer restart master services when etcd certificates were previously expired. * No longer restart node services when master or etcd certificates were previously expired. `etcd-ca.yml`: * No longer restart master services when etcd certificates were previously expired. Tested using [gen_expired_tls.sh](https://gist.github.com/abutcher/bdd20b9d582675d89fb22658689c49e4) on one of my master/etcd hosts to ensure that restart logic changes caused us to skip the right restarts and do a full start/stop of etcd in the `redeploy-certificates.yml` and `redeploy-etcd-certificates.yml` playbooks. Note: When this happens with a cluster and you want to replace all certificates, you can run: `redeploy-etcd-ca.yml`, `redeploy-openshift-ca.yml` (which will both skip restarts) and then run `redeploy-certificates.yml` which will now be able to full/stop start etcd.
| * | | | Do a full stop/start when etcd certificates had expired.Andrew Butcher2017-09-214-0/+42
| | | | |
| * | | | Improve CA playbook restart logic and skip restarts when related services ↵Andrew Butcher2017-09-212-31/+58
| | | | | | | | | | | | | | | | | | | | had previously expired certificates.
* | | | | Merge pull request #5507 from abutcher/etcd-scaleup-urlsOpenShift Merge Robot2017-09-231-9/+11
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Set master facts prior to adding new etcd client urls to master config. `openshift_master` role dependencies were moved out of the role in https://github.com/openshift/openshift-ansible/pull/5392 so we need to call `openshift_master_facts` prior to patching the master config in etcd scaleup. https://bugzilla.redhat.com/show_bug.cgi?id=1490304
| * | | | | Set master facts prior to adding new etcd client urls to master config.Andrew Butcher2017-09-221-9/+11
| | |_|_|/ | |/| | |
* | | | | Merge pull request #5460 from ingvagabund/consolidate-etcd-migrate-roleOpenShift Merge Robot2017-09-231-30/+37
|\ \ \ \ \ | |_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Consolidate etcd migrate role The PR is based on top of https://github.com/openshift/openshift-ansible/pull/5371 and https://github.com/openshift/openshift-ansible/pull/5451. Once both PRs are merged, I will rebase.
| * | | | consolidate etcd_migrate roleJan Chaloupka2017-09-221-30/+37
| | | | |
* | | | | Merge pull request #5413 from ingvagabund/disable-excluders-after-pre-checksOpenShift Merge Robot2017-09-233-20/+20
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Move some pre-checks before excluders are disabled Some pre-checks needs an OCP version which is detected by a set of tasks that need the excluders to be disabled. So at the best I can move some pre-checks before the excluders are disabled. However, there will be still some checks that can fail with excluders updated to the newer version. Bug: 1484304
| * | | | | disable excluders after all pre-checksJan Chaloupka2017-09-213-20/+20
| | | | | |
* | | | | | Merge pull request #5498 from mgugino-upstream-stage/fedora-pyyamlScott Dodson2017-09-221-1/+1
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add python3-PyYAML for Fedora installs
| * | | | | | Add python3-PyYAML for Fedora installsMichael Gugino2017-09-211-1/+1
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fedora installs currently fail because nodes require the usage of python3. python3-PyYAML must be installed in order to support usage of python3. This commit adds the rpm python3-PyYAML to fedora nodes. Fixes: https://github.com/openshift/openshift-ansible/issues/5469
* | | | | | Add booleans to prevent unwanted install of nuage roles.Michael Gugino2017-09-221-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Recently, some role dependencies were removed from meta depends into playbooks. Particularly, the nuage role requires several roles. Currently, only the nuage_master role requires openshift_use_nuage to be true. This commit requires the other nuage roles to reference the variable openshift_use_nuage before install.