| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* [openshift_projects] Add openshift_projects role
* [openshift_hosted] hosted deployments use openshift_hosted_infra_selector if openshift_hosted_<component>_selector is not defined
* [openshift_hosted] move openshift_projects, openshift_serviceaccounts and openshift_metrics to dependencies of openshift_hosted
* [router] improve router deployment
- add router option to force subdomain
- add CA to router certificate options
* [registry] move registry config into openshift_hosted role
- additional registry fixes/tweaks
- add s3 storage support for registry
* [serviceaccount] fix up serviceaccount creation
|
| |
|
| |
|
|\
| |
| | |
add unit in seconds for metrics resolution
|
| | |
|
| | |
|
| | |
|
|\ \
| | |
| | | |
Separate master and haproxy config playbooks.
|
| |/
| |
| |
| |
| |
| | |
* Move haproxy configuration to a separate openshift-loadbalancer play.
* Move the haproxy role to openshift_loadbalancer.
* Add openshift_loadbalancer* facts which drive haproxy configuration.
|
|/ |
|
|\
| |
| | |
Fixes for openshift_docker_hosted_registry_insecure var.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes a failure on masters if you explicitly set
openshift_docker_hosted_registry_insecure=true. This is the default but
if you tried to set it an error would trigger as a relevant variable was
not passed in the master playbooks.
Fixes setting the variable to false being ignored.
master/node playbooks were referencing the docker fact, which was not
set at that point and thus we were always getting the default of true,
regardless what was in your inventory.
Stop passing registry insecure in via playbooks, we can access it when running
openshift_facts itself. Add a new default in openshift facts.
|
| |
| |
| |
| | |
openshift_master_max_requests_inflight.
|
| | |
|
|\ \
| | |
| | | |
Add support for Openstack based persistent volumes
|
| | |
| | |
| | |
| | | |
Signed-off-by: Sylvain Baubeau <sbaubeau@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Fix openshift_generate_no_proxy_hosts boolean
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixing this also made it obvious that we weren't adding even the current host's
name to the no_proxy list. This is absolutely necessary or the master won't be
able to reach etcd. So even if they request not to have the list of all hosts
and cluster dns zone added we should add the current host's hostname to the
no_proxy list.
|
|\ \ \
| | | |
| | | |
| | | | |
Tagging package [openshift-ansible] version [3.0.88-1] in directory [./].
|
| |/ / |
|
| | |
| | |
| | |
| | |
| | |
| | | |
controller
Also, improve commenting
|
|\ \ \
| |/ /
|/| | |
Fix inventory properties with raw booleans, again...
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The fix earlier in this affected method was only being applied when
merging old and new facts. In a first run on a clean system with no
pre-existing openshift facts cache, the yaml safe load was not applied
resulting in the same broken master config. (which would fix itself if
you just reran the config playbook)
Apply the same check on new facts not previously applied on the system.
|
|/ / |
|
|\ \
| | |
| | | |
Global Proxy Config
|
| | | |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Configures HTTP_PROXY, HTTPS_PROXY, NO_PROXY for master and docker services.
Configugres BuildDefaults Admission controller for master to automatically
insert proxy environment configuration into build environments.
To use set at least these variables
- openshift_http_proxy
- openshift_https_proxy
NO_PROXY entries will automatically be configured for hostnames of all openshift
hosts. You may specify additional NO_PROXY hosts or patterns by setting
`openshift_no_proxy`
If you wish to disable automatic generation of NO_PROXY hosts you may set
`openshift_generate_no_proxy_hosts` to False.
If you wish to have different builddefaults proxy configuration than baseline
proxy configuration set these variables
- openshift_builddefaults_http_proxy
- openshift_builddefaults_https_proxy
- openshift_builddefaults_no_proxy
- openshift_builddefaults_git_http_proxy
- openshift_builddefaults_git_https_proxy
|
|/ |
|
|\
| |
| | |
Fix use of JSON inventory vars with raw booleans.
|
| |
| |
| |
| |
| |
| | |
Thought this was fixed in recent patch but somehow backed out a critical
change to the isinstance, we need to check for basestring to also have
this work with unicode strings.
|
| |
| |
| |
| |
| |
| |
| | |
Previously we expected you to comma separate, but this wasn't really
clear. Insted we will use an explicit JSON list going forward.
The comma separated list will be supported for backwards compatability.
|
|\ \
| | |
| | | |
Bug 1328119 - router selector not obeyed
|
| | | |
|
| | |
| | |
| | |
| | | |
counting nodes.
|
|\ \ \
| |/ /
|/| | |
added new openshift-metrics service
|
| |/ |
|
| | |
|
|/
|
|
|
| |
Conflicts:
roles/openshift_facts/library/openshift_facts.py
|
|
|
|
|
|
| |
QE found that for fresh installs we were basing the docker version facts of the
images that could be pulled prior to configuring /etc/sysconfig/docker. This
is an edge case but something we need to fix.
|
|\
| |
| | |
Support setting imagePolicyConfig JSON in inventory.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For flexibility this is another pure JSON field to translate directly to
yaml in the master config.
Also updated to more safely handle JSON inventory variables as this
uncovered a bug with booleans where you end up with a string containing
json in your yaml.
|
| |
| |
| |
| | |
containerized env
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Move openshift_router to openshift_hosted role which will eventually
contain registry, metrics and logging.
* Adds option for specifying an openshift_hosted_router_certificate
cert and key pair.
* Removes dependency on node label variables and retrieves the node
list from the API s.t. this role can be applied to any cluster with
existing nodes. I've added an openshift_hosted playbook that occurs
after node install to account for this.
* Infrastructure nodes are selected using
openshift_hosted_router_selector which is based on deployment type
by default; openshift-enterprise -> "region=infra" and online ->
"type=infra".
|
|\
| |
| | |
Check for kind in cloudprovider facts prior to accessing.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow users who wish to deploy configs with ansible to define templates for
oauth screens, and control the alwaysShowProviderSelection setting.
There are currently three supported oauth templates, and we have a pre-existing
'oauth_template' variable, but it is assumed to mean you are controlling the
'login' screen, and this is the only one you can configure.
To work around this, supporting all current and future templates, introduce a
pluralized variable 'oauth_templates', which contains a JSON dict allowing the
admin to control any template they wish. If both new and old variables are
defined, the old one is ignored. (and can be considered deprecated)
Internally the old value will be converted to the new dict, so the template
just references one value.
Example:
openshift_master_oauth_always_show_provider_selection=true
openshift_master_oauth_templates={"providerSelection": "provider-selection.html", "error": "oauth-error.html"}
Yeilds:
oauthConfig:
alwaysShowProviderSelection: true
templates:
error: oauth-error.html
providerSelection: provider-selection.html
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds four new inventory variables for setting sections in "admissionConfig" and
"kubernetesMasterConfig.admissionConfig".
openshift_master_admission_plugin_order allows configuring the list of origin
admission controller plugins to enable and what order to run them in. This must
be a JSON formatted list of strings:
openshift_master_admission_plugin_order=["RunOnceDuration", "NamespaceLifecycle", "OriginPodNodeEnvironment", "ClusterResourceOverride", "LimitRanger", "ServiceAccount", "SecurityContextConstraint", "ResourceQuota", "SCCExecRestrictions"]
openshift_master_kube_admission_plugin_order is identical but for the
kubernetes admission controller plugins which appear beneath
kubernetesMasterConfig.
openshift_master_admission_plugin_config allows setting free-form configuration
stanzas that match up with enabled admission controller plugins. This must be a
JSON formatted hash:
openshift_master_admission_plugin_config={"RunOnceDuration":{"configuration":{"apiVersion":"v1","kind":"RunOnceDurationConfig","activeDeadlineSecondsOverride":3600}},"ClusterResourceOverride":{"configuration":{"apiVersion":"v1","kind":"ClusterResourceOverrideConfig","limitCPUToMemoryPercent":200,"cpuRequestToLimitPercent":6,"memoryRequestToLimitPercent":60}}}
openshift_master_kube_admission_plugin_config is the equivalent for kubernetes
admission controller plugins.
Contains a change to merge_facts to fix issues with modifying inventory
variables that contain JSON dicts. If you modified a previously set variable,
the result would be a merge of old and new, which is completely wrong in this
case. Addded new overwrite_facts to shortcut to just taking the new values.
This differs from the pre-existing concept of "protected" in that we're not
protecting an old value, we're trashing it and taking the new.
|
|
|
|
|
|
|
|
|
| |
- introduce openshift_master_scheduler_predicates and
openshift_master_scheduler_priorities to override the default scheduler
predicates and priorities
- switch default scheduler priorities to use SelectorSpreadPriority instead
of ServiceSpreadingPriority
|
|
|
|
|
|
| |
- gather facts requiring docker only if docker is present and running
- Update reference to etcd role in playbooks/common/openshift-etcd/config.yml
to use openshift_etcd
|
| |
|