summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/docker/vars/main.yml1
-rw-r--r--roles/openshift_docker_facts/vars/main.yml2
-rw-r--r--roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-centos7.json130
-rw-r--r--roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-rhel7.json146
-rw-r--r--roles/openshift_node/tasks/storage_plugins/nfs.yml7
-rwxr-xr-xroles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh7
-rw-r--r--roles/openshift_node_dnsmasq/handlers/main.yml7
-rw-r--r--roles/openshift_node_dnsmasq/tasks/main.yml11
-rwxr-xr-xroles/os_firewall/library/os_firewall_manage_iptables.py10
-rw-r--r--roles/rhel_subscribe/tasks/enterprise.yml2
10 files changed, 264 insertions, 59 deletions
diff --git a/roles/docker/vars/main.yml b/roles/docker/vars/main.yml
index 606cdb9b9..f81f99e2b 100644
--- a/roles/docker/vars/main.yml
+++ b/roles/docker/vars/main.yml
@@ -1,3 +1,2 @@
---
-repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery' }}"
udevw_udevd_dir: /etc/systemd/system/systemd-udevd.service.d
diff --git a/roles/openshift_docker_facts/vars/main.yml b/roles/openshift_docker_facts/vars/main.yml
index f7ad1b329..55c04b0c1 100644
--- a/roles/openshift_docker_facts/vars/main.yml
+++ b/roles/openshift_docker_facts/vars/main.yml
@@ -1,2 +1,2 @@
---
-repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery' }}"
+repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins' }}"
diff --git a/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-centos7.json
index 719aee772..d971e5e7a 100644
--- a/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-centos7.json
+++ b/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-centos7.json
@@ -7,8 +7,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "ruby",
- "creationTimestamp": null
+ "name": "ruby"
},
"spec": {
"tags": [
@@ -23,7 +22,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "2.2"
+ "name": "2.3"
}
},
{
@@ -55,6 +54,21 @@
"kind": "DockerImage",
"name": "centos/ruby-22-centos7:latest"
}
+ },
+ {
+ "name": "2.3",
+ "annotations": {
+ "description": "Build and run Ruby 2.3 applications",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.3,ruby",
+ "version": "2.3",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/ruby-23-centos7:latest"
+ }
}
]
}
@@ -63,8 +77,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "nodejs",
- "creationTimestamp": null
+ "name": "nodejs"
},
"spec": {
"tags": [
@@ -104,8 +117,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "perl",
- "creationTimestamp": null
+ "name": "perl"
},
"spec": {
"tags": [
@@ -161,8 +173,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "php",
- "creationTimestamp": null
+ "name": "php"
},
"spec": {
"tags": [
@@ -217,8 +228,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "python",
- "creationTimestamp": null
+ "name": "python"
},
"spec": {
"tags": [
@@ -233,7 +243,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "3.4"
+ "name": "3.5"
}
},
{
@@ -280,6 +290,21 @@
"kind": "DockerImage",
"name": "centos/python-34-centos7:latest"
}
+ },
+ {
+ "name": "3.5",
+ "annotations": {
+ "description": "Build and run Python 3.5 applications",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:3.5,python",
+ "version": "3.5",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/python-35-centos7:latest"
+ }
}
]
}
@@ -288,8 +313,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "wildfly",
- "creationTimestamp": null
+ "name": "wildfly"
},
"spec": {
"tags": [
@@ -359,8 +383,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "mysql",
- "creationTimestamp": null
+ "name": "mysql"
},
"spec": {
"tags": [
@@ -409,8 +432,43 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "postgresql",
- "creationTimestamp": null
+ "name": "mariadb"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "description": "Provides a MariaDB database",
+ "iconClass": "icon-mariadb",
+ "tags": "mariadb"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "10.1"
+ }
+ },
+ {
+ "name": "10.1",
+ "annotations": {
+ "description": "Provides a MariaDB v10.1 database",
+ "iconClass": "icon-mariadb",
+ "tags": "mariadb",
+ "version": "10.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/mariadb-101-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "postgresql"
},
"spec": {
"tags": [
@@ -423,7 +481,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "9.4"
+ "name": "9.5"
}
},
{
@@ -451,6 +509,19 @@
"kind": "DockerImage",
"name": "centos/postgresql-94-centos7:latest"
}
+ },
+ {
+ "name": "9.5",
+ "annotations": {
+ "description": "Provides a PostgreSQL v9.5 database",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql",
+ "version": "9.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/postgresql-95-centos7:latest"
+ }
}
]
}
@@ -459,8 +530,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "mongodb",
- "creationTimestamp": null
+ "name": "mongodb"
},
"spec": {
"tags": [
@@ -473,7 +543,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "2.6"
+ "name": "3.2"
}
},
{
@@ -501,6 +571,19 @@
"kind": "DockerImage",
"name": "centos/mongodb-26-centos7:latest"
}
+ },
+ {
+ "name": "3.2",
+ "annotations": {
+ "description": "Provides a MongoDB v3.2 database",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb",
+ "version": "3.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/mongodb-32-centos7:latest"
+ }
}
]
}
@@ -509,8 +592,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jenkins",
- "creationTimestamp": null
+ "name": "jenkins"
},
"spec": {
"tags": [
diff --git a/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-rhel7.json
index 00635ec78..56c63263b 100644
--- a/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-rhel7.json
+++ b/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-rhel7.json
@@ -7,8 +7,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "ruby",
- "creationTimestamp": null
+ "name": "ruby"
},
"spec": {
"tags": [
@@ -18,12 +17,12 @@
"description": "Build and run Ruby applications",
"iconClass": "icon-ruby",
"tags": "builder,ruby",
- "supports": "ruby,ruby",
+ "supports": "ruby",
"sampleRepo": "https://github.com/openshift/ruby-ex.git"
},
"from": {
"kind": "ImageStreamTag",
- "name": "2.2"
+ "name": "2.3"
}
},
{
@@ -55,6 +54,21 @@
"kind": "DockerImage",
"name": "registry.access.redhat.com/rhscl/ruby-22-rhel7:latest"
}
+ },
+ {
+ "name": "2.3",
+ "annotations": {
+ "description": "Build and run Ruby 2.3 applications",
+ "iconClass": "icon-ruby",
+ "tags": "builder,ruby",
+ "supports": "ruby:2.3,ruby",
+ "version": "2.3",
+ "sampleRepo": "https://github.com/openshift/ruby-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/ruby-23-rhel7:latest"
+ }
}
]
}
@@ -63,8 +77,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "nodejs",
- "creationTimestamp": null
+ "name": "nodejs"
},
"spec": {
"tags": [
@@ -79,7 +92,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "0.10"
+ "name": "4"
}
},
{
@@ -96,6 +109,21 @@
"kind": "DockerImage",
"name": "registry.access.redhat.com/openshift3/nodejs-010-rhel7:latest"
}
+ },
+ {
+ "name": "4",
+ "annotations": {
+ "description": "Build and run NodeJS 4.x applications",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:4,nodejs",
+ "version": "4",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/nodejs-4-rhel7:latest"
+ }
}
]
}
@@ -104,8 +132,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "perl",
- "creationTimestamp": null
+ "name": "perl"
},
"spec": {
"tags": [
@@ -161,8 +188,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "php",
- "creationTimestamp": null
+ "name": "php"
},
"spec": {
"tags": [
@@ -217,8 +243,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "python",
- "creationTimestamp": null
+ "name": "python"
},
"spec": {
"tags": [
@@ -233,7 +258,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "3.4"
+ "name": "3.5"
}
},
{
@@ -280,6 +305,21 @@
"kind": "DockerImage",
"name": "registry.access.redhat.com/rhscl/python-34-rhel7:latest"
}
+ },
+ {
+ "name": "3.5",
+ "annotations": {
+ "description": "Build and run Python 3.5 applications",
+ "iconClass": "icon-python",
+ "tags": "builder,python",
+ "supports":"python:3.5,python",
+ "version": "3.5",
+ "sampleRepo": "https://github.com/openshift/django-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/python-35-rhel7:latest"
+ }
}
]
}
@@ -288,8 +328,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "mysql",
- "creationTimestamp": null
+ "name": "mysql"
},
"spec": {
"tags": [
@@ -338,8 +377,43 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "postgresql",
- "creationTimestamp": null
+ "name": "mariadb"
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "description": "Provides a MariaDB database",
+ "iconClass": "icon-mariadb",
+ "tags": "mariadb"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "10.1"
+ }
+ },
+ {
+ "name": "10.1",
+ "annotations": {
+ "description": "Provides a MariaDB v10.1 database",
+ "iconClass": "icon-mariadb",
+ "tags": "mariadb",
+ "version": "10.1"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/mariadb-101-rhel7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "postgresql"
},
"spec": {
"tags": [
@@ -352,7 +426,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "9.4"
+ "name": "9.5"
}
},
{
@@ -380,6 +454,19 @@
"kind": "DockerImage",
"name": "registry.access.redhat.com/rhscl/postgresql-94-rhel7:latest"
}
+ },
+ {
+ "name": "9.5",
+ "annotations": {
+ "description": "Provides a PostgreSQL v9.5 database",
+ "iconClass": "icon-postgresql",
+ "tags": "postgresql",
+ "version": "9.5"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/postgresql-95-rhel7:latest"
+ }
}
]
}
@@ -388,8 +475,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "mongodb",
- "creationTimestamp": null
+ "name": "mongodb"
},
"spec": {
"tags": [
@@ -402,7 +488,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "2.6"
+ "name": "3.2"
}
},
{
@@ -430,6 +516,19 @@
"kind": "DockerImage",
"name": "registry.access.redhat.com/rhscl/mongodb-26-rhel7:latest"
}
+ },
+ {
+ "name": "3.2",
+ "annotations": {
+ "description": "Provides a MongoDB v3.2 database",
+ "iconClass": "icon-mongodb",
+ "tags": "mongodb",
+ "version": "3.2"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/mongodb-32-rhel7:latest"
+ }
}
]
}
@@ -438,8 +537,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jenkins",
- "creationTimestamp": null
+ "name": "jenkins"
},
"spec": {
"tags": [
diff --git a/roles/openshift_node/tasks/storage_plugins/nfs.yml b/roles/openshift_node/tasks/storage_plugins/nfs.yml
index 14a613786..8380714d4 100644
--- a/roles/openshift_node/tasks/storage_plugins/nfs.yml
+++ b/roles/openshift_node/tasks/storage_plugins/nfs.yml
@@ -9,3 +9,10 @@
state: yes
persistent: yes
when: ansible_selinux and ansible_selinux.status == "enabled"
+
+- name: Set seboolean to allow nfs storage plugin access from containers(sandbox)
+ seboolean:
+ name: virt_sandbox_use_nfs
+ state: yes
+ persistent: yes
+ when: ansible_selinux and ansible_selinux.status == "enabled"
diff --git a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh b/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh
index 51a43d113..5a187710b 100755
--- a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh
+++ b/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh
@@ -47,11 +47,14 @@ EOF
# zero out our upstream servers list and feed it into dnsmasq
echo -n > /etc/dnsmasq.d/origin-upstream-dns.conf
for ns in ${IP4_NAMESERVERS}; do
- echo "server=${ns}" >> /etc/dnsmasq.d/origin-upstream-dns.conf
+ if [[ ! -z $ns ]]; then
+ echo "server=${ns}" >> /etc/dnsmasq.d/origin-upstream-dns.conf
+ fi
done
systemctl restart dnsmasq
- sed -i 's/^nameserver.*$/nameserver '"${def_route_ip}"'/g' /etc/resolv.conf
+ sed -i '0,/^nameserver/ s/^nameserver.*$/nameserver '"${def_route_ip}"'/g' /etc/resolv.conf
+
if ! grep -q '99-origin-dns.sh' /etc/resolv.conf; then
echo "# nameserver updated by /etc/NetworkManager/dispatcher.d/99-origin-dns.sh" >> /etc/resolv.conf
fi
diff --git a/roles/openshift_node_dnsmasq/handlers/main.yml b/roles/openshift_node_dnsmasq/handlers/main.yml
index 7e9e4d299..7d43b6106 100644
--- a/roles/openshift_node_dnsmasq/handlers/main.yml
+++ b/roles/openshift_node_dnsmasq/handlers/main.yml
@@ -1,5 +1,10 @@
---
- name: restart NetworkManager
- service:
+ service:
name: NetworkManager
state: restarted
+
+- name: restart dnsmasq
+ service:
+ name: dnsmasq
+ state: restarted
diff --git a/roles/openshift_node_dnsmasq/tasks/main.yml b/roles/openshift_node_dnsmasq/tasks/main.yml
index 7147b78f5..bd9a0ffb6 100644
--- a/roles/openshift_node_dnsmasq/tasks/main.yml
+++ b/roles/openshift_node_dnsmasq/tasks/main.yml
@@ -17,6 +17,17 @@
template:
src: origin-dns.conf.j2
dest: /etc/dnsmasq.d/origin-dns.conf
+ notify: restart dnsmasq
+
+- name: Deploy additional dnsmasq.conf
+ template:
+ src: "{{ openshift_node_dnsmasq_additional_config_file }}"
+ dest: /etc/dnsmasq.d/openshift-ansible.conf
+ owner: root
+ group: root
+ mode: 0644
+ when: openshift_node_dnsmasq_additional_config_file is defined
+ notify: restart dnsmasq
# Dynamic NetworkManager based dispatcher
- include: ./network-manager.yml
diff --git a/roles/os_firewall/library/os_firewall_manage_iptables.py b/roles/os_firewall/library/os_firewall_manage_iptables.py
index 1cb539a8c..190016c14 100755
--- a/roles/os_firewall/library/os_firewall_manage_iptables.py
+++ b/roles/os_firewall/library/os_firewall_manage_iptables.py
@@ -37,14 +37,14 @@ class IpTablesSaveError(IpTablesError):
class IpTablesCreateChainError(IpTablesError):
- def __init__(self, chain, msg, cmd, exit_code, output): # pylint: disable=too-many-arguments, line-too-long
+ def __init__(self, chain, msg, cmd, exit_code, output): # pylint: disable=too-many-arguments, line-too-long, redefined-outer-name
super(IpTablesCreateChainError, self).__init__(msg, cmd, exit_code,
output)
self.chain = chain
class IpTablesCreateJumpRuleError(IpTablesError):
- def __init__(self, chain, msg, cmd, exit_code, output): # pylint: disable=too-many-arguments, line-too-long
+ def __init__(self, chain, msg, cmd, exit_code, output): # pylint: disable=too-many-arguments, line-too-long, redefined-outer-name
super(IpTablesCreateJumpRuleError, self).__init__(msg, cmd, exit_code,
output)
self.chain = chain
@@ -152,11 +152,11 @@ class IpTablesManager(object): # pylint: disable=too-many-instance-attributes
continue
last_rule_target = rule[1]
- # Naively assume that if the last row is a REJECT rule, then
- # we can add insert our rule right before it, otherwise we
+ # Naively assume that if the last row is a REJECT or DROP rule,
+ # then we can insert our rule right before it, otherwise we
# assume that we can just append the rule.
if (last_rule_num and last_rule_target
- and last_rule_target == 'REJECT'):
+ and last_rule_target in ['REJECT', 'DROP']):
# insert rule
cmd = self.cmd + ['-I', self.jump_rule_chain,
str(last_rule_num)]
diff --git a/roles/rhel_subscribe/tasks/enterprise.yml b/roles/rhel_subscribe/tasks/enterprise.yml
index c4aa7db6a..8d11276d0 100644
--- a/roles/rhel_subscribe/tasks/enterprise.yml
+++ b/roles/rhel_subscribe/tasks/enterprise.yml
@@ -7,7 +7,7 @@
when: deployment_type == 'enterprise'
- set_fact:
- default_ose_version: '3.1'
+ default_ose_version: '3.2'
when: deployment_type in ['atomic-enterprise', 'openshift-enterprise']
- set_fact: