| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Remove is_openvswitch_system_container from facts
|
| |
| |
| |
| | |
Simply logic for this variable.
|
|/ |
|
|
|
|
| |
Simplify the logic for this variable.
|
|
|
|
| |
Fix logic, make it simpler.
|
|
|
|
|
|
|
|
|
| |
Currently, having openshift_node and openshift_node_upgrade
as two distinct roles has created a duplication across
handlers, templates, and some tasks.
This commit combines the roles to reduce duplication
and bugs encountered by not putting code in both places.
|
|\
| |
| |
| |
| |
| |
| | |
Automatic merge from submit-queue.
Ensure node service is started.
When bootstrapping nodes we need to restart networkmanager so that the /etc/resolv.conf is properly populated. We also restart the node service after making changes to the unit files.
|
| | |
|
|\ \
| |/
|/| |
Removed old version code
|
| |
| |
| |
| |
| |
| | |
This commit removes any references to versions < 1.5/3.5
We assume the version is always greater than or equal to 1.5/3.5.
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
mgugino-upstream-stage/syscontainers-docker-login-module
Automatic merge from submit-queue.
Alternative method to create docker registry auth creds
Currently, the command 'docker login' is run when using
oreg with authentication.
On some hosts, such as hosts configured to use system containers,
the docker service is not running. 'docker login' will fail
without the docker service running.
This commit adds a module to idempotently add credentials
to the registry credentials file without the use of
'docker login'
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1511374
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, the command 'docker login' is run when using
oreg with authentication.
On some hosts, such as hosts configured to use system containers,
the docker service is not running. 'docker login' will fail
without the docker service running.
This commit adds a module to idempotently add credentials
to the registry credentials file without the use of
'docker login'
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1511374
|
|/ |
|
| |
|
| |
|
|\
| |
| |
| |
| |
| |
| |
| |
| | |
Automatic merge from submit-queue.
GCP cannot use growpart utils from AWS due to conflicting package
Allow cloud provider specific packages to be specified. Also, fix a wait condition in openshift_gcp to allow masters to be bootstrapped nodes.
@kwoodson
|
| |
| |
| |
| | |
Make the required package optional
|
|/
|
|
|
|
| |
This commit enables retry on docker login commands.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1506931
|
| |
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Automatic merge from submit-queue.
Always ensure atomic.conf is configured for system containers.
A new openshift_atomic role has been created for atomic specific tasks.
The first task added is proxy which handles updating /etc/atomic.conf to
ensure the proper proxy configuration is configured. This task file is
then included (via include_role) in system container related task files.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1503903
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A new openshift_atomic role has been created for atomic specific tasks.
The first task added is proxy which handles updating /etc/atomic.conf to
ensure the proper proxy configuration is configured. This task file is
then included (via include_role) in system container related task files.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1503903
Signed-off-by: Steve Milner <smilner@redhat.com>
|
|/
|
|
|
|
|
|
| |
This commit enables deploying Kuryr networking on top of OpenShift in
containers. kuryr-controller is a Deployment and kuryr-cni is deployed
as DaemonSet (container will drop all CNI configuration files).
Co-Authored-By: Antoni Segura Puimedon <celebdor@gmail.com>
|
| |
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Automatic merge from submit-queue.
Add ability to set node and master imageConfig to latest
Currently, imageConfig.latest is hard-coded to false.
This commit adds an appropriate boolean to enable
setting to true.
Fixes: https://github.com/openshift/openshift-ansible/issues/1422
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, imageConfig.latest is hard-coded to false.
This commit adds an appropriate boolean to enable
setting to true.
Fixes: https://github.com/openshift/openshift-ansible/issues/1422
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, non-containerized nodes have systemd
service unit files created after registry auth
credentials are created. Containerized nodes
place service unit files prior to creation of
these credentials.
This commit ensures systemd service units
are created at the correct time for both
containerized and non-containerized nodes.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500642
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, debug_level is documented as a way to change
the debug output level for both masters and nodes.
debug_level does not currently have any effect.
This commit removes debug_level from openshift_facts
and properly sets openshift_master_debug_level and
openshift_node_debug_level to the value of debug_level
specified in the inventory.
This commit also reorganizes some set_fact tasks
needed during master upgrades to put all work-around
set-facts for undefined variables in one place, allowing
for easier cleanup in the future. This includes an
entry for openshift_master_debug_level.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500164
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, profiles for the tuned daemon are set only for
OpenShift node(s). This excludes the OpenShift loadbalancer.
As a result, ARP cache limits on loadbalancers are not raised.
This causes problems with HA setups where loadbalancers serve
1k+ OpenShift nodes.
This commit ensures the openshift-control-plane role is applied
to loadbalancers, masters and OpenShift infra nodes. Regular
OpenShift worker nodes get the openshift-node profile.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1498213
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 7f805f9a0c41477365dd88b0ac73f0d221bd654a causes the behavior seen in
https://bugzilla.redhat.com/show_bug.cgi?id=1453113 because openshift-node
is no longer restarted when openvswitch is, due to the change from Requires
to Wants.
Turns out that making the openshift node service PartOf the OVS service
can achieve the same result and ensure openshift-node gets restarted whenever
OVS does, which ensures that networking doesn't break underneath the node.
Suggested by Giuseppe Scrivano
|
|
|
|
|
|
|
|
|
|
| |
Currently, the node service is started before
aws credentials (if needed) are configured.
This commit ensures the aws credentials are placed
before the node service is started.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1497150
|
| |
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Automatic merge from submit-queue.
openshift_node: Set DOCKER_SERVICE for system container
The node system container was being installed with the ```DOCKER_SERVICE```
holding to it's ```manifest.json``` default of docker.service. This chage
adds the ```DOCKER_SERVICE``` parameter on node system container install
so that it uses the same value from the installer stored in
```openshift.docker.service_name```.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1496707
|
| |
| |
| |
| |
| |
| | |
Setting the MASTER_SERVICE to openshift.common.service_type.
Signed-off-by: Steve Milner <smilner@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The node system container was being installed with the DOCKER_SERVICE
holding to it's manifest.json default of docker.service. This change
adds the DOCKER_SERVICE parameter on node system container install
so that it uses the same value from the installer stored in
openshift.docker.service_name.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1496707
Signed-off-by: Steve Milner <smilner@redhat.com>
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue.
Changes necessary to support AMI building
Currently, AMI building does not work.
These changes implement the necessary steps to build
an AMI for usage as a 'golden node image'.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently, AMI building does not work.
These changes implement the necessary steps to build
an AMI for usage as a 'golden node image'.
|
| |/
|/|
| |
| |
| |
| |
| |
| | |
There is currently a bug in registry auth
credential creation logic for openshift_node
and openshift_node_upgrade
This commit fixes the logic.
|
|/ |
|
|\
| |
| |
| |
| | |
Automatic merge from submit-queue
Changes for Nuage atomic ansible install
|
| | |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue
Move additional/block/insecure registires to /etc/containers/...
Move additional/block/insecure registires to /etc/containers/registries.conf
This commit moves additional/block/insecure registries to
/etc/containers/registries.conf and comments existing lines in
/etc/sysconfig/docker.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1460930
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commit moves additional/block/insecure registries to
/etc/containers/registries.conf and comments existing lines in
/etc/sysconfig/docker.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1460930
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently, the logic for registry authentication is
not implemented correctly to account for upgrades of
containerized hosts.
Additionally, the logic to account for multiple runs
of openshift-ansible might cause registry authentication
credentials to not be mounted inside of containerized hosts.
This commit adds the necessary logic to ensure containerized
hosts retain registry credentials.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1494470
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Automatic merge from submit-queue
Remove default value for oreg_url
Due to some plays importing variables from roles
directly, oreg_url was being set to a default
value when it otherwise shouldn't be.
This commit removes the default values for oreg_url
to ensure existing logic works as desired.
Fixes: https://github.com/openshift/openshift-ansible/issues/5455
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Due to some plays importing variables from roles
directly, oreg_url was being set to a default
value when it otherwise shouldn't be.
This commit removes the default values for oreg_url
to ensure existing logic works as desired.
Fixes: https://github.com/openshift/openshift-ansible/issues/5455
|
|\ \ \ \
| |_|/ /
|/| | |
| | | |
| | | | |
Automatic merge from submit-queue
node: specify the DNS domain
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, openshift-ansible supported various
types of deployments using the variable "openshift_deployment_type"
Currently, openshift-ansible only supports two deployment types,
"origin" and "openshift-enterprise".
This commit removes all logic and references to deprecated
deployment types.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, registry authentication credentials are not
produced until after docker systemd service files are
created.
This commit ensures the credentials are
created before the systemd service files to ensure
the proper boolean is set to include the read-only
mount of credentials inside containerized nodes and
masters.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue
Move sysctl.conf customizations to a separate file
Move them from /etc/sysctl.conf to /etc/sysctl.d/99-openshift.conf
This is a good idea becuase:
1- /etc/sysctl.conf is evaluated later, so it can easily be overwritten by previous customizations
2- It's likely that there is an agent like puppet monitoring this file
3- It's easier to know what's being changed by OpenShift
|