| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Currently, the node service is started before
aws credentials (if needed) are configured.
This commit ensures the aws credentials are placed
before the node service is started.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1497150
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, openshift-ansible supported various
types of deployments using the variable "openshift_deployment_type"
Currently, openshift-ansible only supports two deployment types,
"origin" and "openshift-enterprise".
This commit removes all logic and references to deprecated
deployment types.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, registry authentication credentials are not
produced until after docker systemd service files are
created.
This commit ensures the credentials are
created before the systemd service files to ensure
the proper boolean is set to include the read-only
mount of credentials inside containerized nodes and
masters.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Automatic merge from submit-queue
Move sysctl.conf customizations to a separate file
Move them from /etc/sysctl.conf to /etc/sysctl.d/99-openshift.conf
This is a good idea becuase:
1- /etc/sysctl.conf is evaluated later, so it can easily be overwritten by previous customizations
2- It's likely that there is an agent like puppet monitoring this file
3- It's easier to know what's being changed by OpenShift
|
| |
| |
| |
| | |
Move them from /etc/sysctl.conf to /etc/sysctl.d/99-openshift.conf
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, openshift-anisble supports authentication to
container registries to pull down openshift container images.
The openshift_verison role uses the docker cli to gather
image information from container registries before authentication
credentials are provided by openshift-ansible.
This commit creates the necessary token to authenticate to
private registries during openshift_version. The token
is generated by the role 'docker' on all hosts where
docker is installed/configured when oreg_auth_users
is defined.
This commit also adds a read-only mount into the
openshift master and node container services. This
mount is '/var/lib/origin/.docker:/root/.docker:ro'.
This is because the container images do not currently
read the values in '/var/lib/origin/.docker' as this
may be a bug upstream.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Most of this role's purpose was to set facts. The vast majority
of these facts were simply redefining user-supplied variables.
This commit also removes various artifacts leftover from
previous versions, as well as variables that seem to be
entirely unused.
|
|\ \
| | |
| | | |
Merged by openshift-bot
|
| | | |
|
|\ \ \
| | | |
| | | | |
Add independent registry auth support
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Added the ability to support authentication for independent / 3rd party
registries. This commit will allow users to provide a `oreg_auth_user` and
`oreg_auth_password` to dynmically generate a docker config.json file.
The docker config.json file can be used by openshift to authenticate to
independent / 3rd party registries. `oreg_host` must supply endpoint connection
info in the form of 'hostname.com:port', with (optional) port 443 default.
To update the config.json on a later run, the user can specify
`oreg_auth_credentials_replace=False` to update the credentials.
These settings must be used in tandem with `oreg_url`
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
|
|\ \ \
| |/ /
|/| | |
crio: rename openshift_docker_use_crio to openshift_use_crio
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It is confusing to have _docker_ in the name, since they are two
different backends.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/ / |
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
cri-o currently requires SELinux to be off. This change disables the
SELinux check in the openshift_node role when cri-o is in use.
|
| | |
|
|\ \
| | |
| | | |
Sync all openshift.common.use_openshift_sdn uses in yaml files
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Most occurrences are in a form:
```yaml
openshift.common.use_openshift_sdn | default(true) | bool
```
Let's make all occurences this way given the use_openshift_sdn is set to true anyway.
See https://github.com/openshift/openshift-ansible/blob/0c350dcc7d06d62be5ba3a8e468dff85cdd96dd7/roles/openshift_facts/library/openshift_facts.py#L2035
|
|/ /
| |
| |
| | |
Also, add log dumping to master service startup too
|
| | |
|
| |
| |
| |
| |
| | |
At least in my smoke testing of a containerized install i had to
manually reload systemd
|
|/ |
|
|
|
|
|
|
|
| |
Fixes "Could not find the requested service atomic-openshift-master:
cannot enable" error during reinstall.
https://bugzilla.redhat.com/show_bug.cgi?id=1451693
|
|\
| |
| | |
Merged by openshift-bot
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit allows to specify imageConfig.format specifically for master
or for nodes.
One use case of this could be if you want to use customer builder
images. In this case imageConfig.format only needs to be changed in the
master-config.yml but not in the node-config.yml.
|
|/ |
|
| |
|
| |
|
|
|
|
|
|
| |
* Lines are commented out vice being removed
* Comment is added indicating why the change happened
* Variable openshift_disable_swap added to allow user control
|
| |
|
|
|
|
| |
https://github.com/openshift/openshift-ansible/pull/2707)
|
|\
| |
| | |
node: ensure conntrack-tools is installed
|
| |
| |
| |
| |
| |
| | |
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1420182
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use use_system_containers=true in the inventory file
alternatively you can select each component as:
use_openvswitch_system_container=true
use_node_system_container=true
use_master_system_container=true
system_images_registry holds the registry from where to fetch system
containers.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\
| |
| | |
Pre-pull master/node/ovs images during upgrade.
|
| |
| |
| |
| |
| |
| |
| |
| | |
We did this for install but not upgrade, leading to situations where the
service restarts after upgrade could take much longer than expected as
docker pulls down the new image. Now the images are present when we
restart services and should allow them to come back online much more
quickly, equivalent to rpm service restarts.
|
|/ |
|
|
|
|
|
|
| |
* Ansible systemd module used in place of service module
* Refactored command tasks which are no longer necessary
* Applying rules from openshift-ansible Best Practices Guide
|
|\
| |
| | |
Refactor to use Ansible package module
|
| |
| |
| |
| |
| | |
The Ansible package module will call the correct package manager for the
underlying OS.
|
|/
|
|
|
|
| |
Fedora Atomic Host does not have tuned installed.
Fixes #2809
|
|\
| |
| | |
Support 3rd party scheduler
|
| | |
|
| | |
|
|/
|
|
| |
* Node labels are parsed from openshift_node_labels if they exist
|