| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
| |
Adds service file templates for both maste and node. These will lay down
in /etc/system/systemd to override what may already be present from a
package. These instances take into account the name of the container
daemon (docker or container-engine).
|
|
|
|
|
|
|
| |
- If using a system container: container-engine
- If using a package install: docker
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1448800
|
|
|
|
|
|
|
| |
Using lineinfile and with_items, the items end up logged and in this
case include AWS credentials.
Simple us of no_log to hide them.
|
| |
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|\
| |
| | |
Merged by openshift-bot
|
| |
| |
| |
| |
| | |
Add parameters to allow overriding minTLSVersion and
cipherSuites in master and node servingInfo config stanzas.
|
| |
| |
| |
| | |
https://github.com/openshift/openshift-ansible/pull/2707)
|
|/
|
|
|
|
|
|
|
| |
d113f03 moved role dependencies out of playbooks. However, this ended up
causing the masters to not be configured before the nuage steps required
configured masters. This change moves the nuage specific change in
d113f03 back to the config.
Resolves #3583
|
|\
| |
| | |
Pull request for Contiv Ansible code integration into Openshift Ansible
|
| |
| |
| |
| | |
into Openshift Ansible. This is the first (beta) release of Contiv with Openshift and is only supported for Openshift Origin + Bare metal deployments at the time of this commit. Please refer to the Openshift and Contiv official documentation for details of the level of support for different features and modes of operation.
|
|/
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\
| |
| | |
System containers
|
| |
| |
| |
| |
| |
| |
| |
| | |
Upstream version has "atomic containers update ..." but the RHEL
version is still using "atomic update --container" so stick with this
for now.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use use_system_containers=true in the inventory file
alternatively you can select each component as:
use_openvswitch_system_container=true
use_node_system_container=true
use_master_system_container=true
system_images_registry holds the registry from where to fetch system
containers.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/ |
|
| |
|
|\
| |
| | |
Set metrics url even if metrics_deploy is false
|
| | |
|
|/
|
|
| |
string everywhere it is used.
|
|\
| |
| | |
add configuration for build default+overrides settings
|
| | |
|
|/
|
|
|
|
|
|
|
| |
Sets the appropriate config field if openshift_node_port_range is set
and also configures filewalls on each node. firewalld already supports
port ranges like "30000-32000", while iptables needs that value
converted to the correct "30000:32000" form for use with `--dport`.
If not set, no node ports are opened.
|
|
|
|
| |
and openshift_hosted.
|
|
|
|
|
| |
* Added checks to make ci for yaml linting
* Modified y(a)ml files to pass lint checks
|
|\
| |
| | |
Fix metricsPublicURL only being set correctly on first master.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Problem was caused by facts not being set for that master. To fix this
patch cleans up the calculation of metricsPublicURL in general. Because
this value is used in openshift_master to template into the master
config file, we now define these facts more clearly in
openshift_master_facts, and add a dependency on this to
openshift_metrics.
The calculation of default sub-domain is also changed to remove it from
system facts (as neither of these are facts about the system) and
instead use plain variables.
|
| |
| |
| |
| |
| |
| |
| |
| | |
We did this for install but not upgrade, leading to situations where the
service restarts after upgrade could take much longer than expected as
docker pulls down the new image. Now the images are present when we
restart services and should allow them to come back online much more
quickly, equivalent to rpm service restarts.
|
|/
|
|
|
|
| |
- Introduce additional variables for current scheduler config and default
values to better determine if the values we are getting are user-defined,
coming from config or are the default values.
|
| |
|
|
|
|
|
|
| |
* Ansible systemd module used in place of service module
* Refactored command tasks which are no longer necessary
* Applying rules from openshift-ansible Best Practices Guide
|
|\
| |
| | |
Merge admission plugin configs
|
| |
| |
| |
| |
| |
| |
| |
| | |
Move the values in kube_admission_plugin_config up one level per
the new format from 1.3:
"The kubernetesMasterConfig.admissionConfig.pluginConfig should be moved
and merged into admissionConfig.pluginConfig."
|
|/
|
|
|
| |
The Ansible package module will call the correct package manager for the
underlying OS.
|
|\
| |
| | |
Prevent useless master restart by reworking template for master service enf file
|
| | |
|
|\ \
| | |
| | | |
Support 3rd party scheduler
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The roles/openshift_facts main task did not pass the cni plugin variable to the later role playbooks.
The master.yaml and node.yaml templates did not allow for a cni configuration without either installing openshift sdn or nuage.
This change will allow to use os_sdn_network_plugin_name=cni and set openshift_use_openshift_sdn=false for deployments that use a cni plugin that doesn't need and want openshift sdn to be installed
|
|\ \ \
| | | |
| | | | |
Restart API service always as well.
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
Recently applied this fix for controllers due to the systemd-journald
restart issue, it sounds as is this one is also sometimes affected.
Containerized already uses this, so we will apply the same restart
strategy here.
|
|/ /
| |
| |
| |
| |
| |
| | |
curl, prior to RHEL 7.2, did not properly negotiate up the TLS protocol, so
force it to use tlsv1.2
Fixes bug 1390869
|
|/
|
|
|
|
|
|
|
|
| |
Restarts of systemd-journald can cause the master controllers service to
die in HA environments, due to a SIGPIPE and how it's handled.
(seemingly by default in golang)
on-failure does not trigger in this situation, instead we set to
Restart=always in the systemd unit, which matches the non-HA service
definitions as well.
|
|
|
|
|
|
|
|
| |
Found bug syncing binaries to containerized hosts where if a symlink was
pre-existing, but pointing to the wrong destination, it would not be
corrected.
Switched to using oc adm instead of oadm.
|
|\
| |
| |
| | |
variable_with_no_default_2576
|