| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Prevents playbooks from accidentally restarting the master service.
|
| |
|
|\
| |
| | |
Merged by openshift-bot
|
| | |
|
|\ \
| | |
| | | |
Merged by openshift-bot
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes a bug which reported that AFTER a cluster upgrade from OCP 3.5
to 3.6, any masters which are later added via the scaleup playbooks
are setting a value for OPENSHIFT_DEFAULT_REGISTRY which is
inconsistent with the already configured masters.
* OPENSHIFT_DEFAULT_REGISTRY value is saved from oo_first_master
* The new scaleup master has a fact set noting it is a scaleup host
* The saved OPENSHIFT_DEFAULT_REGISTRY value is used instead of the
default for 3.6, which is to use a hard-coded registry value of
'docker-registry.default.svc:5000'
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1469336
|
|/ |
|
|\
| |
| | |
Ensure that host pki tree is mounted in containerized components
|
| | |
|
| |
| |
| |
| | |
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1463498
|
| | |
|
|\ \
| | |
| | | |
Merged by openshift-bot
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
We cannot assume that 3.5 to 3.6 upgrades were signed with the correct
certs
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We need to sort out how to know that the registry certificate has the
proper hostnames attached to it. It will for 3.6 clean installs but not
for 3.5 to 3.6 upgrades. For now make it opt in and come back to
this.
|
| |/
| |
| |
| |
| |
| | |
Configures OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc
Adds 'cluster.local' to dns search on nodes via dispatcher script
Adds '.svc' to NO_PROXY defaults
|
|/
|
|
|
| |
This would be the case if for instance they'd upgraded and then
migrated.
|
|\
| |
| | |
Merged by openshift-bot
|
| | |
|
| |
| |
| |
| | |
Bug 1447019
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
Adds service file templates for both maste and node. These will lay down
in /etc/system/systemd to override what may already be present from a
package. These instances take into account the name of the container
daemon (docker or container-engine).
|
|/
|
|
|
|
|
| |
- If using a system container: container-engine
- If using a package install: docker
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1448800
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
| |
Add parameters to allow overriding minTLSVersion and
cipherSuites in master and node servingInfo config stanzas.
|
|
|
|
| |
into Openshift Ansible. This is the first (beta) release of Contiv with Openshift and is only supported for Openshift Origin + Bare metal deployments at the time of this commit. Please refer to the Openshift and Contiv official documentation for details of the level of support for different features and modes of operation.
|
| |
|
| |
|
|\
| |
| | |
Set metrics url even if metrics_deploy is false
|
| | |
|
|/
|
|
| |
string everywhere it is used.
|
|
|
|
|
|
|
|
|
| |
Sets the appropriate config field if openshift_node_port_range is set
and also configures filewalls on each node. firewalld already supports
port ranges like "30000-32000", while iptables needs that value
converted to the correct "30000:32000" form for use with `--dport`.
If not set, no node ports are opened.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Problem was caused by facts not being set for that master. To fix this
patch cleans up the calculation of metricsPublicURL in general. Because
this value is used in openshift_master to template into the master
config file, we now define these facts more clearly in
openshift_master_facts, and add a dependency on this to
openshift_metrics.
The calculation of default sub-domain is also changed to remove it from
system facts (as neither of these are facts about the system) and
instead use plain variables.
|
|
|
|
|
|
|
|
| |
Move the values in kube_admission_plugin_config up one level per
the new format from 1.3:
"The kubernetesMasterConfig.admissionConfig.pluginConfig should be moved
and merged into admissionConfig.pluginConfig."
|
|\
| |
| | |
Prevent useless master restart by reworking template for master service enf file
|
| | |
|
|\ \
| | |
| | | |
Support 3rd party scheduler
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The roles/openshift_facts main task did not pass the cni plugin variable to the later role playbooks.
The master.yaml and node.yaml templates did not allow for a cni configuration without either installing openshift sdn or nuage.
This change will allow to use os_sdn_network_plugin_name=cni and set openshift_use_openshift_sdn=false for deployments that use a cni plugin that doesn't need and want openshift sdn to be installed
|
| |/
|/|
| |
| |
| |
| |
| | |
Recently applied this fix for controllers due to the systemd-journald
restart issue, it sounds as is this one is also sometimes affected.
Containerized already uses this, so we will apply the same restart
strategy here.
|
|/
|
|
|
|
|
|
|
|
| |
Restarts of systemd-journald can cause the master controllers service to
die in HA environments, due to a SIGPIPE and how it's handled.
(seemingly by default in golang)
on-failure does not trigger in this situation, instead we set to
Restart=always in the systemd unit, which matches the non-HA service
definitions as well.
|
| |
|
|
|
|
| |
Signed-off-by: Mathias Merscher <Mathias.Merscher@dg-i.net>
|
|
|
|
| |
Signed-off-by: Mathias Merscher <Mathias.Merscher@dg-i.net>
|
| |
|
|\
| |
| | |
enable service-serving-cert-signer by default
|
| | |
|
|\ \
| |/
|/| |
Add externalIPNetworkCIDRs to config
|
| |
| |
| |
| |
| | |
Allow networkConfig.externalIPNetworkCIDRs to be set along with a
default to emulate the old 3.1 behavior.
|