| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Check for kind in cloudprovider facts prior to accessing.
|
| | |
|
|\ \
| | |
| | | |
Add support for templating master admissionConfig.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Allow users who wish to deploy configs with ansible to define templates for
oauth screens, and control the alwaysShowProviderSelection setting.
There are currently three supported oauth templates, and we have a pre-existing
'oauth_template' variable, but it is assumed to mean you are controlling the
'login' screen, and this is the only one you can configure.
To work around this, supporting all current and future templates, introduce a
pluralized variable 'oauth_templates', which contains a JSON dict allowing the
admin to control any template they wish. If both new and old variables are
defined, the old one is ignored. (and can be considered deprecated)
Internally the old value will be converted to the new dict, so the template
just references one value.
Example:
openshift_master_oauth_always_show_provider_selection=true
openshift_master_oauth_templates={"providerSelection": "provider-selection.html", "error": "oauth-error.html"}
Yeilds:
oauthConfig:
alwaysShowProviderSelection: true
templates:
error: oauth-error.html
providerSelection: provider-selection.html
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adds four new inventory variables for setting sections in "admissionConfig" and
"kubernetesMasterConfig.admissionConfig".
openshift_master_admission_plugin_order allows configuring the list of origin
admission controller plugins to enable and what order to run them in. This must
be a JSON formatted list of strings:
openshift_master_admission_plugin_order=["RunOnceDuration", "NamespaceLifecycle", "OriginPodNodeEnvironment", "ClusterResourceOverride", "LimitRanger", "ServiceAccount", "SecurityContextConstraint", "ResourceQuota", "SCCExecRestrictions"]
openshift_master_kube_admission_plugin_order is identical but for the
kubernetes admission controller plugins which appear beneath
kubernetesMasterConfig.
openshift_master_admission_plugin_config allows setting free-form configuration
stanzas that match up with enabled admission controller plugins. This must be a
JSON formatted hash:
openshift_master_admission_plugin_config={"RunOnceDuration":{"configuration":{"apiVersion":"v1","kind":"RunOnceDurationConfig","activeDeadlineSecondsOverride":3600}},"ClusterResourceOverride":{"configuration":{"apiVersion":"v1","kind":"ClusterResourceOverrideConfig","limitCPUToMemoryPercent":200,"cpuRequestToLimitPercent":6,"memoryRequestToLimitPercent":60}}}
openshift_master_kube_admission_plugin_config is the equivalent for kubernetes
admission controller plugins.
Contains a change to merge_facts to fix issues with modifying inventory
variables that contain JSON dicts. If you modified a previously set variable,
the result would be a merge of old and new, which is completely wrong in this
case. Addded new overwrite_facts to shortcut to just taking the new values.
This differs from the pre-existing concept of "protected" in that we're not
protecting an old value, we're trashing it and taking the new.
|
|/ |
|
|
|
|
|
|
|
|
|
| |
- introduce openshift_master_scheduler_predicates and
openshift_master_scheduler_priorities to override the default scheduler
predicates and priorities
- switch default scheduler priorities to use SelectorSpreadPriority instead
of ServiceSpreadingPriority
|
|
|
|
|
|
| |
- gather facts requiring docker only if docker is present and running
- Update reference to etcd role in playbooks/common/openshift-etcd/config.yml
to use openshift_etcd
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Currently there's no good way to install from a registry that requires
authentication. This applies both to RPM and containerized installs:
https://bugzilla.redhat.com/show_bug.cgi?id=1316341
The workaround is to 'docker login' as root and then have ansible pull the
images to the image cache.
|
| |
|
|
|
|
|
| |
Adds a new inventory var "openshift_node_local_quota_per_fsgroup", which will
set the perFSGroup quota node-config.yaml.
|
|\
| |
| | |
Bug 1317755 - Set insecure-registry for internal registry by default
|
| | |
|
|/ |
|
|
|
|
|
|
|
| |
- Prevents roles that need common facts from needing to require
openshift_common, which pulls in the openshift binary.
- Add dependency on openshift_facts to os_firewall, since it uses
openshift.common facts
|
|\
| |
| | |
Add support for Openstack integration
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- refactors the docker role to push generic config into docker role and wrap
openshift specific variables into an openshift_docker role and it's
dependent openshift_docker_facts role
- adds support for setting --confirm-def-push flag (Resolves
https://github.com/openshift/openshift-ansible/issues/1014)
- moves docker related facts from common/node roles to a new docker role
- renames cli_docker_* role varialbes to openshift_docker-* (maintaining
backward compatibility)
- update role dependencies to pull in openshift_docker conditionally based on
is_containerized
- remove playbooks/common/openshift-docker since the docker role is now
conditionally included
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
Centralize the very weird process for converting strings to booleans
to help keep the code consistent.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is the containerized openshift_pkg_version equivalent. Originally I was
hoping to reuse openshift_pkg_version for containerized installs but the fact
that it's very coupled to yum made that pretty ugly.
However, I did opt to rely on the previously existing 'openshift_version'
variable. Containerized and RPM installs can both use that variable and it
will be set appropriately if either openshift_pkg_version or
openshift_image_tag are set. I suspect someday containerized installs will be
the only option and I didn't can to have thinkgs like openshift_pkg_version and
openshift_image_tag in the playbooks anymore the necessary.
|
| | |
|
| | |
|
|/ |
|
|\
| |
| | |
Support for adding new masters
|
| | |
|
| | |
|
|/ |
|
|\
| |
| | |
Fix loopback cluster name, context name, and user
|
| | |
|
| | |
|
|\ \
| |/
|/| |
Remove fluentd_master and fluentd_node roles
|
| | |
|
|\ \
| | |
| | | |
add iscsi storage_plugin dependency
|
| | | |
|
| | | |
|
|/ / |
|
| | |
|
|/ |
|
|\
| |
| | |
Update Docs and test for testing ansible version
|
| | |
|
|\ \
| | |
| | | |
Nuage
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Added variables
Made changes for node configuration
Add service restart logic to node
Fixed ansible syntax errors
Add cert and key info for nodes
Added active and standby controller ip configuration information
Uncommented the nuage sdn check
Changed ca_crt -> ca_cert
Added restarting of atomic openshift master
Removed service account dependencies
Fixes
Fixed the api server url
Removed redundant restart of atomic openshift master
Configure nuagekubemon on all of the master nodes
Restart master api and controllers as well on nuagekubemon installation
Converted plugin config into template
Add template for nuagekubemon
Removed uplink interface from vars
Able to copy cert keys
Uninstall default ovs
Add the kubemon template
Do not install rdo sdn rpms in case of nuage
Addressed latest review comments
Set the networkPluginName for nuage
|
|\ \ \
| | | |
| | | | |
Fix client and admin wrapper pathing for non-root user install.
|
| | |/
| |/| |
|
|\ \ \
| |/ /
|/| | |
Ha port fixes
|
| | | |
|
| | | |
|