summaryrefslogtreecommitdiffstats
path: root/playbooks
Commit message (Collapse)AuthorAgeFilesLines
* Cleanup etcd runtime variable.Michael Gugino2017-11-2113-99/+9
| | | | Cleaning out reference to etcd_runtime in openshift facts.
* Merge pull request #6202 from mgugino-upstream-stage/fix-any-sys-containersMichael Gugino2017-11-211-5/+6
|\ | | | | Fix logic for any sys containers
| * Fix logic for any sys containersMichael Gugino2017-11-211-5/+6
| | | | | | | | Remove set_fact in favor of the variables directly.
* | Merge pull request #6145 from mtnbikenc/consolidate-openshift-etcdScott Dodson2017-11-2133-39/+36
|\ \ | | | | | | Playbook Consolidation - openshift-etcd
| * | Playbook Consolidation - openshift-etcdRussell Teague2017-11-1633-39/+36
| | |
* | | Merge pull request #6148 from mtnbikenc/consolidate-openshift-nfsScott Dodson2017-11-218-6/+6
|\ \ \ | |_|/ |/| | Playbook Consolidation - openshift-nfs
| * | Playbook Consolidation - openshift-nfsRussell Teague2017-11-168-6/+6
| |/
* | Upgrade to etcd 3.2Scott Dodson2017-11-201-0/+8
| |
* | Merge pull request #6147 from mtnbikenc/consolidate-openshift-checksOpenShift Merge Robot2017-11-1725-25/+21
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Playbook Consolidation - openshift-checks - Create playbooks/openshift-checks directory - Move everything from playbooks/byo/openshift-checks to playbooks/openshift-checks - Move everything from playbooks/common/openshift-checks to playbooks/openshift-checks/private - Fix all include path references throughout playbooks/ Trello: https://trello.com/c/2Rx1uvjz/547-2-playbook-consolidation-openshift-checks
| * | Playbook Consolidation - openshift-checksRussell Teague2017-11-1625-25/+21
| |/
* | Merge pull request #6082 from mgugino-upstream-stage/combine-node-upgradeOpenShift Merge Robot2017-11-162-13/+15
|\ \ | |/ |/| | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Combine openshift_node and openshift_node_upgrade Currently, having openshift_node and openshift_node_upgrade as two distinct roles has created a duplication across handlers, templates, and some tasks. This commit combines the roles to reduce duplication and bugs encountered by not putting code in both places.
| * Combine openshift_node and openshift_node_upgradeMichael Gugino2017-11-162-13/+15
| | | | | | | | | | | | | | | | | | Currently, having openshift_node and openshift_node_upgrade as two distinct roles has created a duplication across handlers, templates, and some tasks. This commit combines the roles to reduce duplication and bugs encountered by not putting code in both places.
* | Fix openstack initRussell Teague2017-11-162-8/+3
|/
* Merge pull request #6039 from tomassedovic/openstack-provider-githistScott Dodson2017-11-1610-0/+1437
|\ | | | | Add the OpenStack provider
| * Namespace the docker volumesTomas Sedovic2017-11-071-7/+7
| |
| * Namespace the OpenStack varsTomas Sedovic2017-11-075-104/+104
| | | | | | | | | | This makes sure that all the variables used in the `openshift_openstack` role are prefixed with `openshift_openstack_` as is the convention.
| * Add the DNS updates and rename the openstack varsTomas Sedovic2017-11-075-27/+46
| | | | | | | | | | Most of the vars in `roles/openshift_openstack/defaults/main.yml` are now prefixed with `openstack_`.
| * Remove the static_inventory and bastion samplesTomas Sedovic2017-11-071-19/+0
| | | | | | | | | | These options will have no effect until we add static inventory and bastion support back in.
| * Use the existing ansible.cfg fileTomas Sedovic2017-11-072-32/+7
| |
| * Use correct host group in provision.ymlTomas Sedovic2017-11-071-1/+1
| |
| * Remove the post-install and scale-up playbooksTomas Sedovic2017-11-072-127/+0
| | | | | | | | | | They're not necessary for the initial PR so let's add them properly later.
| * Remove the openstack custom-actions for nowTomas Sedovic2017-11-074-128/+0
| | | | | | | | | | | | | | | | They're duplicating a lot of functionality that's already in openshift-ansible and they're not actually used from the provisioning playbooks. We'll revisit them later.
| * Add openshift_openstack role and move tasks thereTomas Sedovic2017-11-0719-533/+118
| | | | | | | | | | | | | | | | | | All the tasks that were previously in playbooks are now under `roles/openshift_openstack`. The `openshift-cluster` directory now only contains playbooks that include tasks from that role. This makes the structure much closer to that of the AWS provider.
| * Use the docker-storage-setup roleTomas Sedovic2017-11-071-1/+3
| |
| * Update readmeTomas Sedovic2017-11-071-17/+8
| |
| * Update lookup plugins pathTomas Sedovic2017-11-071-1/+1
| |
| * Move the OpenStack playbooksTomas Sedovic2017-11-0725-0/+0
| | | | | | | | | | We move them from `playbooks/provisioning/openstack` to `playbooks/openstack` to mirror `playbooks/aws`.
| * Merge ../openshift-ansible-contrib into openstack-provider-githistTomas Sedovic2017-11-0725-0/+2139
| |\ | | | | | | | | | | | | | | | | | | | | | This moves all the OpenStack-related code from the -contrib[1] repo including its git history to openshift-ansible. It will then be moved around and updated to fit the rest of the project's structure. [1]: https://github.com/openshift/openshift-ansible-contrib
| | * Remove bash highlightTomas Sedovic2017-10-181-1/+1
| | |
| | * Revert the console hostname changeTomas Sedovic2017-10-182-5/+5
| | | | | | | | | | | | We'll do it in a separate pull request.
| | * Merge branch 'master' into openstack-docsTomas Sedovic2017-10-1810-6/+271
| | |\
| | | * Add Extra CAs (custom post-provision action) (#801)Tlacenka2017-10-182-0/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add cas: playbook adding new CAs created * add CAs: README updated, bug fixes * README: improvements * README: minor fixes * README: removed code snippet * README: fix
| | | * Add Flannel support (#814)Bogdan Dobrelya2017-10-185-0/+108
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add flannel support * Document Flannel SDN use case for a separate data network. * Add post install step for flannel SDN * Configure iptables rules as described for OCP 3.4 refarch https://access.redhat.com/documentation/en-us/reference_architectures/2017/html/deploying_red_hat_openshift_container_platform_3.4_on_red_hat_openstack_platform_10/emphasis_manual_deployment_emphasis#run_ansible_installer * Configure flannel interface options Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com> * Use os_firewall from galaxy for required flannel rules For flannel SDN: * Add openshift-ansible as a galaxy dependency module. * Use openshift-ansible/roles/os_firewall to apply DNS rules for flanel SDN. * Apply the remaining advanced rules with direct iptables commands as os_firewall do not support advanced rules. * Persist only iptables rules w/o dynamic KUBe rules. Those are added runtime and need restoration after reboot or iptables restart. * Configure and enable the masked iptables service on the app nodes. Enable it to allow the in-memory rules to be persisted. Disable firewalld, which is the expected default behavior of the os_firewall module. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com> * Allow access from nodes to masters' port 2379 when using flannel Flannel requires to gather information from etcd to configure and assign the subnets in the nodes, therefore, allow access from nodes to port 2379/tcp to the master security group. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
| | | * Support separate data network for Flannel SDN (#757)Bogdan Dobrelya2017-10-165-1/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Support separate data network for Flannel SDN Document the use case for a separate flannel data network. Allow Nova servers for openshift cluster to be provisioned with that isolated data network created and connected to masters, computes and infra nodes. Do not configure dns nameservers and router for that network. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com> * Fix flannel use cases with provider network Provider network cannot be used with flannel SDN as the latter requires a separate isolated network, while the provider network is an externally managed single network. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com> * Drop unused data_net_name Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
| | | * Add Extra Docker Registry URLs (custom post-provision action) (#794)Tlacenka2017-10-132-0/+109
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add-docker-registry: playbook that adds docker registries to docker config file (in progress) * indentation fix * docker registries: add check for variable type * another type conversion * docker registry: try another unified formatting * another attempt * type error fix * quotation attempt * docker registry: bug fixes * docker registry: fixed formatting * docker registry: if docker is not available, skip the whole playbook * README updated * README: typo * docker registries: suggested changes applied (in progress) * docker registries: README updated, redundant check removed * removed redundant become:true
| | * | Merge branch 'master' into openstack-docsTomas Sedovic2017-10-135-5/+46
| | |\|
| | | * Allow the specification of server group policies when provisioning openstack ↵tzumainn2017-10-133-0/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#747) * Allow for the specifying of server policies during OpenStack provisioning * documentation for openstack server group policies * add doc link detailing allowed policies * changed default to anti-affinity
| | | * Attach additional RHN Pools (post-provision custom action) (#753)Tlacenka2017-10-122-4/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * README, add-rhn-pools.yml: Add new custom post-provision playbook that attaches additional RHN pools - also mention this example in the contrib README * added become true * README update
| | * | Make the private key examples consistentTomas Sedovic2017-10-131-7/+9
| | | | | | | | | | | | | | | | | | | | | | | | Just like in the README, the Advanced Configuration will now rely on the default `~/.ssh/id_rsa` key and mention Ansible's `--private-key` option when using a different file.
| | * | Streamline the OpenStack provider READMETomas Sedovic2017-10-124-532/+883
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This moves all the extra configuration options and deployment notes to a new `advanced-configuration.md` file and keeps the README much shorter. The README now presents the simplest workflow with minimal configuration and manual steps on part of the deployer. The advanced configuration is in need of a little more cleanup, but we can do that in another pull request.
| | * Merge pull request #776 from tomassedovic/dynamic-inventorytzumainn2017-10-064-2/+111
| | |\ | | | | | | | | Add dynamic inventory
| | | * Set public_v4 to private_v4 if it doesn't existTomas Sedovic2017-10-051-2/+3
| | | | | | | | | | | | | | | | | | | | The DNS code expects a `public_v4` even when we use the provider networks. Let's just always export it.
| | | * Fix flake8 errorsTomas Sedovic2017-10-051-16/+14
| | | |
| | | * Add dynamic inventoryTomas Sedovic2017-10-044-2/+112
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds an `inventory.py` script to the `sample-inventory` that lists all the necessary servers and groups dynamically, skipping the `static_inventory` role as well as the `hosts` creation. It also adds an `os_cinder` lookup function which is necessary for a seamless Cinder OpenShift registry integration without a static inventory.
| | * | Replace the CASL references (#778)Tomas Sedovic2017-10-061-1/+1
| | |/ | | | | | | | | | | | | | | | Following up on the initial port of the OpenStack roles from casl-ansible to openshift-ansible-contrib. One of the points that was brought up in the review was to drop the references to CASL in the code since the code has now wider reach.
| | * Fix public master cluster DNS record when using bastion (#752)Bogdan Dobrelya2017-09-261-0/+1
| | | | | | | | | | | | | | | When using a bastion and a single master, add the bastion node's public IP the public master's IP for the DNS record. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
| | * Upscaling OpenShift application nodes (#571)Tlacenka2017-09-263-0/+100
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * scale-up: playbook for upscaling app nodes * scale-up: removed debug * scale-up: made suggested changes * scale-up: indentation fix * upscaling: process split into two playbooks that are executed by a bash script - upscaling_run.sh: bash script, usage displayed using -h parameter - upscaling_pre-tasks: check that new value is higher, change inventory variable - upscaling_scale-up: rerun provisioning and installation, verify change * upscaling_run: fixed openshift-ansible-contrib directory name * upscaling_run: inventory can be entered as relative path * upscaling_scale-up: fixed formatting * upscaling: minor changes * upscaling: moved to .../provisioning/openstack directory, README updated, minor changes made * README: minor changes * README: formatting * uspcaling: minor fix * upscaling: fix * upscaling: added customisations, fixes - openshift-ansible-contrib and openshift-ansible paths are customisable - fixed implicit incrementation by 1 * upscaling: fixes * upscaling: fixes * upscaling: another fix * upscaling: another fix * upscaling: fix * upscaling: back to a single playbook, README updated * minor fix * pre_tasks: added labels for autoscaling * scale-up: fixes * scale-up: fixed host variables, post-verification is only based on labels * scale-up: added openshift-ansible path customisation - path has to be absolute, cannot contain '/' at the end * scale-up: fix * scale-up: debug removed * README: added docs on openshift_ansible_dir, note about bastion * static_inventory: newly added nodes are added to new_nodes group - note: re-running provisioning fails when trying to install docker * removing new line * scale-up: running byo/config.yml or scaleup.yml based on the situation - (whether there is an existing deployment or not) * openstack.yml: indentation fix * added refresh inventory * upscaling: new_nodes only contains new does, it is not used during the first deployment * static_inventory: make sure that new nodes end up only in their new_nodes group * bug fixes * another fix * fixed condition * scale-up, static_inventory role: all app node data gathered before provisioning * upscaling: bug fixes * upscaling: another fixes * fixes * upscaling: fix * upscaling: fix * upscaling: another logic fix * bug fix for non-scaling deployments
| | * Docker ansible host (#742)Tomas Sedovic2017-09-191-0/+32
| | | | | | | | | | | | | | | | | | | | | | | | * Document using a Docker image for Ansible host * Fix the markdown url syntax * Mention keystonerc as well
| | * Empty ssh (#729)Tomas Sedovic2017-09-191-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Make `openstack_private_ssh_key` optional Before this, the deployer could not reasonably rely on their own SSH configuration or e.g. using the `--private-key` option to ansible-playbook because we always wrote the `ansible_private_key_file` value in the static inventory. This change makes the `openstack_private_ssh_key` variable truly optional: if it's not set, the static inventory will not configure the SSH key and will just rely on the existing configuration. * Update the openstack e2e CI It no longer sets the SSH keys explicitly -- which should just work with the previous commit. * Put back the `openstack_ssh_public_key` in CI This is the option we actually need to keep. This sholud fix the CI failures.
| | * Remove the `rhsm_register` value from inventoryTomas Sedovic2017-09-141-2/+3
| | | | | | | | | | | | It is now commented out since it's no longer necessary.