| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
with sdn configuration
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Add support to bin/cluster for specifying etcd hosts
- defaults to 0, if no etcd hosts are selected, then configures embedded
etcd
- Updates for the byo inventory file for etcd and master as node by default
- Consolidation of cluster logic more centrally into common playbook
- Added etcd config support to playbooks
- Restructured byo playbooks to leverage the common openshift-cluster playbook
- Added support to common master playbook to generate and apply external etcd
client certs from the etcd ca
- start of refactor for better handling of master certs in a multi-master
environment.
- added the openshift_master_ca and openshift_master_certificates roles to
manage master certs instead of generating them in the openshift_master
role
- added etcd host groups to the cluster update playbooks
- aded better handling of host groups when they are either not present or are
empty.
- Update AWS readme
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- fix firewall conflict issues with co-located etcd and openshift hosts
- added os_firewall dependency to etcd role
- updated etcd template to better handle clustered and non-clustered installs
- added etcd_ca role
- generates a self-signed cert to manage etcd certificates, since etcd peer
certificates are required to be client and server certs and the openshift
ca will only generate client or server certs (not one authorized for
both).
- renamed openshift_etcd_certs role to etcd_certificates and updated it to
manage certificates generated from the CA managed by the etcd_ca role
- remove hard coded etcd_port in openshift_facts
- updates for the openshift-etcd common playbook
- removed etcd and openshift-etcd playbooks from the byo playbooks directory
- added a common playbook for setting etcd launch facts
- added an openshift-etcd common service playbook
- removed unused variables
- fixed tests for embedded_{etcd,dns,kube} in openshift_master
- removed old workaround for reloading systemd units
|
| |
|
|
|
|
| |
checking schedulable state
|
|
|
|
|
|
|
|
|
|
|
| |
For idempotency it first checks the output of 'oc get node <hostname>' to see
if any action needs to be taken. The trick was waiting to make sure that the
node autoregistration had actually happened.
If you set openshift_scheduleable=False in the inventory then the node will be
marked as unscheduleable. Likewise setting it to True undoes the change.
Having openshift_scheduleable undefined is the same as True since that is the
default state of a Node.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove openshift-deployer.kubeconfig from master template
Sync config template
Update enterprise image names
Switch to node auto registration
Add deployer to list of serviceAccountConfig.managedNames
Move package installation before registering facts
change default kubeconfig location
Change system:openshift-client to system:openshift-master
Rename node cert/key/kubeconfig per openshift/origin#3160
Update references to /var/lib/openshift/openshift.local.certificates
|
| |
|
|
|
|
| |
* TODO: update to secure when 'add volume' feature available in origin
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Templatize node config
- Templatize master config
- Integrated sdn changes
- Updates for openshift_facts
- Added support for node, master and sdn related changes
- registry_url
- added identity provider facts
- Removed openshift_sdn_* roles
- Install httpd-tools if configuring htpasswd auth
- Remove references to external_id
- Setting external_id interferes with nodes associating with the generated
node object when pre-registering nodes.
- osc/oc and osadm/oadm binary detection in openshift_facts
Misc Changes:
- make non-errata puddle default for byo example
- comment out master in list of nodes in inventory/byo/hosts
- remove non-error errors from fluentd_* roles
- Use admin kubeconfig instead of openshift-client
|
|
|
|
|
|
|
|
|
|
| |
- Master config and certificates are now in /etc/openshift/master
- Node config is now in /etc/openshift/node
- Several certificates have been renamed to accomodate a flattening of
structure to accomodate secret storage
- Add openshift_data_dir to ensure etcd and volumes are stored in
/var/lib/openshift
- Add openshift_generated_configs_dir
|
| |
|
| |
|
|
|
|
| |
* rename option_images to _{oreg|ortr}_images
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Configuration updates for latest builds
- Switch to using create-node-config
- Switch sdn services to use etcd over SSL
- This re-uses the client certificate deployed on each node
- Additional node registration changes
- Do not assume that metadata service is available in openshift_facts module
- Call systemctl daemon-reload after installing openshift-master, openshift-sdn-master, openshift-node, openshift-sdn-node
- Fix bug overriding openshift_hostname and openshift_public_hostname in byo playbooks
- Start moving generated configs to /etc/openshift
- Some custom module cleanup
- Add known issue with ansible-1.9 to README_OSE.md
- Update to genericize the kubernetes_register_node module
- Default to use kubectl for commands
- Allow for overriding kubectl_cmd
- In openshift_register_node role, override kubectl_cmd to openshift_kube
- Set default openshift_registry_url for enterprise when deployment_type is enterprise
- Fix openshift_register_node for client config change
- Ensure that master certs directory is created
- Add roles and filter_plugin symlinks to playbooks/common/openshift-master and node
- Allow non-root user with sudo nopasswd access
- Updates for README_OSE.md
- Update byo inventory for adding additional comments
- Updates for node cert/config sync to work with non-root user using sudo
- Move node config/certs to /etc/openshift/node
- Don't use path for mktemp. addresses: https://github.com/openshift/openshift-ansible/issues/154
Create common playbooks
- create common/openshift-master/config.yml
- create common/openshift-node/config.yml
- update playbooks to use new common playbooks
- update launch playbooks to call update playbooks
- fix openshift_registry and openshift_node_ip usage
Set default deployment type to origin
- openshift_repo updates for enabling origin deployments
- also separate repo and gpgkey file structure
- remove kubernetes repo since it isn't currently needed
- full deployment type support for bin/cluster
- honor OS_DEPLOYMENT_TYPE env variable
- add --deployment-type option, which will override OS_DEPLOYMENT_TYPE if set
- if neither OS_DEPLOYMENT_TYPE or --deployment-type is set, defaults to
origin installs
Additional changes:
- Add separate config action to bin/cluster that runs ansible config but does
not update packages
- Some more duplication reduction in cluster playbooks.
- Rename task files in playbooks dirs to have tasks in their name for clarity.
- update aws/gce scripts to use a directory for inventory (otherwise when
there are no hosts returned from dynamic inventory there is an error)
libvirt refactor and update
- add libvirt dynamic inventory
- updates to use dynamic inventory for libvirt
|
|
|
|
|
|
|
|
| |
- added byo playbooks
- added byo (example) inventory
- added a README_OSE.md for getting started with Enterprise deployments
- Added an ansible.cfg as an example for configuration helpful for
playbooks/roles
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Add openshift_facts role and module
- Created new role openshift_facts that contains an openshift_facts module
- Refactor openshift_* roles to use openshift_facts instead of relying on
defaults
- Refactor playbooks to use openshift_facts
- Cleanup inventory group_vars
- Update defaults
- update openshift_master role firewall defaults
- remove etcd peer port, since we will not be supporting clustered embedded
etcd
- remove 8444 since console now runs on the api port by default
- add 8444 and 7001 to disabled services to ensure removal if updating
- Add new role os_env_extras_node that is a subset of the docker role
- previously, we were starting/enabling docker which was causing issues with some
installations
- Does not install or start docker, since the openshift-node role will
handle that for us
- Only adds root to the dockerroot group
- Update playbooks to use ops_env_extras_node role instead of docker role
- os_firewall bug fixes
- ignore ip6tables for now, since we are not configuring any ipv6 rules
- if installing package do a daemon-reload before starting/enabling service
- Add aws support to bin/cluster
- Add list action to bin/cluster
- Add update action to bin/cluster
- cleanup some stray debug statements
- some variable renaming for clarity
|
|
|
|
| |
on inventory/playbook variables for openshift_hostname
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Remove default value for openshift_hostname and make it required
- Remove workarounds that are no longer needed
- Remove resources parameter from openshift_register_node module
- pre-create node certificates for each node before registering node
- distribute created node certificates to each node
- Move node registration logic to a new openshift_register_nodes role
- This is because we now have to run the steps on a master as opposed to on
the nodes like we were previously doing.
- Rename openshift_register_node module to kubernetes_register_node, one more
step to genericizing enough for upstreaming, however there are still plenty
of openshift specific commands that still need to be genericized.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Set --hostname flag in node config in openshift_node role
- Support some additional node attributes in openshift_node role
- podCIDR
- labels
- annotations
- Support both output types for openshift ex config view in
openshift_register_node module
- Support multiple api versions in openshift_register_node module
- Support additional attributes in openshift_register_node module
- annotations
- labels
- pod_cidr
- external_ips (v1beta3, will be available after next kube rebase)
- internal_ips (v1beta3, will be available after next kube rebase)
- hostnames (v1beta3, will be available after next kube rebase)
- external_id (v1beta3, will be available after next kube rebase)
|
|
|
|
| |
following latest kubernetes rebase
|
|
|
|
|
|
|
|
|
|
| |
- add variable openshift_node_resources to openshift_node role
- set default value for openshift_node_resources to
{ capacity: { cpu: ,memory: }}
- If cpu is not set, then the default value will be chosen by the
openshift_register_node module (num logical cpus)
- If memory is not set, then the default value will be chosen by the
openshift_register_node module (75% MemTotal according to /proc/meminfo)
|
|\
| |
| | |
Random cleanup
|
| | |
|
| | |
|
| |
| |
| |
| | |
- missing leading 0 on mode
|
| |
| |
| |
| |
| | |
- Fix missed references to old firewall scripts
- Fix variable name references that didn't get updated
|
|\ \
| | |
| | | |
openshift_register_node module fixes
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Set parameters resources and cpu/memory as mutually exclusive
- Add parameters for setting the client_user, client_context and client_cluster
- This allows the module to ensure it is using the proper context for operation
- Node resources weren't properly being registered
- wrapped node definition object in a config object to rectify
- Reduce default to 75% Total Memory instead of 80%
- Don't bother running osc create node if node is already in osc get nodes
output
|
|/
|
|
|
|
|
| |
- instead of setting KUBECONFIG, copy the admin kubeconfig to
/root/.kube/.kubeconfig in the openshift_master and openshift_node roles
- pause for 30 seconds if the openshift-master service has changed state,
since the file we are copying is generated by the master
|
| |
|
|\
| |
| | |
Prefer YAML style datastructures over JSON
|
| |
| |
| |
| | |
- Switch JSON style datastructures to YAML for debuggability
|
|/
|
|
|
| |
- add openshift_register_node module to openshift_node role
- verifies that node isn't already registered before attempting to register it
|
| |
|
| |
|
|\
| |
| | |
Disable master,node services when externally managed
|
| | |
|
|/
|
|
|
|
|
|
| |
- Fix failed attempt to cleanup service notify on creds changes
- Fix master URL for node to use https
- Set openshift_debug_level in vars.yml for playbooks
- This puts us closer to the original debug settings, where after the
openshift-common changes the debug settings were defaulting back to 0
|
|
|
|
|
|
|
|
|
|
|
| |
- move common openshift logic into openshift_common
- set openshift_common as a dependency for openshift_node and openshift_master
- rename role variables to openshift_* to be more descriptive
- start recording local_facts on the openshift hosts
- clean up firewalld config to be a bit more dry
- Update firewall ports for https, make sure http rules are removed
- Replace references to ansible_eth0.ipv4.address with
ansible_default_ipv4.address
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
* Use mktemp for scratch directory
|
| |
|
|
- Update playbooks to support latest code
|