summaryrefslogtreecommitdiffstats
path: root/roles/openshift_master/tasks/main.yml
Commit message (Collapse)AuthorAgeFilesLines
* Upgrade to migrate to using push to DNS for registries.Kenny Woodson2018-02-011-11/+2
|
* Remove master_ha bool checksMichael Gugino2018-01-251-1/+1
| | | | | | | | | | Most of these checks are no longer applicable to the tasks on which they are applied. This commit removes incorrect ha checks to ensure services are restarted at appropriate times. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500897
* Move more plugins to lib_utilsMichael Gugino2018-01-101-0/+1
| | | | | | | This commit continues moving plugins into lib_utils. This commit does not move any plugins for add-on roles such as logging and metrics.
* Remove openshift.common.{is_atomic|is_containerized}Michael Gugino2017-12-201-6/+6
| | | | | We set these variables using facts in init, no need to duplicate the logic all around the codebase.
* Relocate filter plugins to lib_utilsMichael Gugino2017-12-181-1/+1
| | | | | | | | | | | | | | This commit relocates filter_plugings to lib_utils, changes the namespacing to prevent unintended use of older versions that may be present in filter_plugins/ directory on existing installs. Add lib_utils to meta depends for roles Also consolidate some plugins into lib_utils from various other areas. Update rpm spec, obsolete plugin rpms.
* Deprecate using Ansible tests as filtersRussell Teague2017-12-141-12/+12
|
* Remove openshift.common.service_typeMichael Gugino2017-12-071-8/+8
| | | | | | | | This commit removes openshift.common.service_type in favor of openshift_service_type. This commit also removes r_openshift_excluder_service_type from plays in favor of using the role's defaults.
* Remove all references to pacemaker (pcs, pcsd) and ↵Andrew Butcher2017-12-051-51/+0
| | | | | | | openshift.master.cluster_method. With pacemaker removed there is no longer a need for openshift.master.cluster_method. We only have one option.
* retry package operationsLuke Meyer2017-11-301-0/+5
| | | | | | When a package install/update fails due to network blips or other spotty availability, retry it. If the failure is a real failure (e.g. package is really not there) it still fails after 3 tries (Ansible default).
* Simplify is_master_system_container logicMichael Gugino2017-11-271-1/+1
| | | | Simplify the variable is_master_system_container
* Include Deprecation - openshift-masterRussell Teague2017-11-221-9/+8
|
* Removed old version codeMichael Gugino2017-11-141-8/+0
| | | | | | This commit removes any references to versions < 1.5/3.5 We assume the version is always greater than or equal to 1.5/3.5.
* Bootstrap enhancements.Kenny Woodson2017-11-081-12/+1
|
* Remove pause from master service startupRussell Teague2017-10-251-27/+3
| | | | | Fixes 1505537 https://bugzilla.redhat.com/show_bug.cgi?id=1505537
* Ensure upgrades apply latest journald settingsMichael Gugino2017-10-181-22/+3
| | | | | | | | | | | Currently, existing clusters might not have journald configurations applied. This may result in a rate- limiting of important log messages on openshift-masters. This commit ensures that journald settings are applied during the upgrade process openshif-masters. Fixes: https://github.com/openshift/openshift-ansible/issues/5642
* migrate embedded etcd to external etcdJan Chaloupka2017-10-061-17/+1
|
* Fix registry_auth logic for upgradesMichael Gugino2017-09-221-2/+0
| | | | | | | | | | | | | | | Currently, the logic for registry authentication is not implemented correctly to account for upgrades of containerized hosts. Additionally, the logic to account for multiple runs of openshift-ansible might cause registry authentication credentials to not be mounted inside of containerized hosts. This commit adds the necessary logic to ensure containerized hosts retain registry credentials. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1494470
* Cleanup old deployment typesMichael Gugino2017-09-201-1/+1
| | | | | | | | | | | Previously, openshift-ansible supported various types of deployments using the variable "openshift_deployment_type" Currently, openshift-ansible only supports two deployment types, "origin" and "openshift-enterprise". This commit removes all logic and references to deprecated deployment types.
* Merge pull request #3753 from soltysh/issue12558OpenShift Merge Robot2017-09-201-0/+22
|\ | | | | | | | | | | | | | | | | Automatic merge from submit-queue Increase rate limiting in journald.conf @sdodson ptal, this is to address issues from https://github.com/openshift/origin/issues/12558 @smarterclayton @stevekuznetsov fyi
| * Increase rate limiting in journald.confMaciej Szulik2017-09-121-0/+22
| |
* | Fix registry auth task orderingMichael Gugino2017-09-181-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, registry authentication credentials are not produced until after docker systemd service files are created. This commit ensures the credentials are created before the systemd service files to ensure the proper boolean is set to include the read-only mount of credentials inside containerized nodes and masters. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* | Fix: authenticated registry support for containerized hostsMichael Gugino2017-09-111-15/+1
|/ | | | | | | | | | | | | | | | | | | | | | | Currently, openshift-anisble supports authentication to container registries to pull down openshift container images. The openshift_verison role uses the docker cli to gather image information from container registries before authentication credentials are provided by openshift-ansible. This commit creates the necessary token to authenticate to private registries during openshift_version. The token is generated by the role 'docker' on all hosts where docker is installed/configured when oreg_auth_users is defined. This commit also adds a read-only mount into the openshift master and node container services. This mount is '/var/lib/origin/.docker:/root/.docker:ro'. This is because the container images do not currently read the values in '/var/lib/origin/.docker' as this may be a bug upstream. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* Remove openshift-commonMichael Gugino2017-09-061-3/+3
| | | | | | | | | Most of this role's purpose was to set facts. The vast majority of these facts were simply redefining user-supplied variables. This commit also removes various artifacts leftover from previous versions, as well as variables that seem to be entirely unused.
* Merge pull request #5247 from mgugino-upstream-stage/fix-master-upgradesOpenShift Bot2017-08-301-3/+0
|\ | | | | Merged by openshift-bot
| * Fix openshift_master upgradeMichael Gugino2017-08-291-3/+0
| | | | | | | | | | | | | | | | Currently, openshift_master upgrade play imports tasks directly from the openshift_master role. This method does not honor role defaults. This commit changes sets openshift_master_config_dir if undefined.
* | Add independent registry auth supportMichael Gugino2017-08-281-0/+16
|/ | | | | | | | | | | | | | | | | Added the ability to support authentication for independent / 3rd party registries. This commit will allow users to provide a `oreg_auth_user` and `oreg_auth_password` to dynmically generate a docker config.json file. The docker config.json file can be used by openshift to authenticate to independent / 3rd party registries. `oreg_host` must supply endpoint connection info in the form of 'hostname.com:port', with (optional) port 443 default. To update the config.json on a later run, the user can specify `oreg_auth_credentials_replace=False` to update the credentials. These settings must be used in tandem with `oreg_url` Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* First attempt at provisioning.Kenny Woodson2017-08-211-0/+18
|
* polish openshift-master roleJan Chaloupka2017-08-161-66/+125
|
* Merge pull request #4797 from kwoodson/os_firewall_refactorScott Dodson2017-08-111-0/+4
|\ | | | | Refactor the firewall workflow.
| * First attempt at refactor of os_firewallKenny Woodson2017-08-081-0/+4
| |
* | Disable old openshift-master.service on upgradeClayton Coleman2017-08-081-0/+3
| |
* | Remove the origin-master.service and associated filesClayton Coleman2017-08-081-67/+16
|/ | | | | | From now on, all master configurations use the api / controller split, regardless of HA mode or previous configuration. This will be our only supported configuration starting in 3.7 or 3.8.
* Tolerate non existence of /etc/sysconfig/atomic-openshift-masterScott Dodson2017-07-271-2/+2
|
* Merge pull request #4813 from sdodson/log-dumperScott Dodson2017-07-261-0/+20
|\ | | | | Fix log dumping on service failure
| * Fix log dumping on service failureScott Dodson2017-07-201-0/+20
| | | | | | | | Also, add log dumping to master service startup too
* | If proxy in effect, add etcd host IP addresses to NO_PROXY list on mastersTim Bielawa2017-07-211-0/+6
|/ | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1466783
* Fix yamllintScott Dodson2017-07-061-10/+10
|
* Removed quotes and added env variable to be specific.Kenny Woodson2017-07-051-2/+2
|
* [BZ 1467786] Fix for OPENSHIFT_DEFAULT_REGISTRY setting.Kenny Woodson2017-07-051-2/+11
|
* Merge pull request #4292 from sdodson/push-via-dnsOpenShift Bot2017-06-201-0/+3
|\ | | | | Merged by openshift-bot
| * Enable push to registry via dns only on clean 3.6 installsScott Dodson2017-06-181-0/+3
| | | | | | | | | | We cannot assume that 3.5 to 3.6 upgrades were signed with the correct certs
* | Preserve etcd3 storage if it's already in useScott Dodson2017-06-181-20/+0
|/ | | | | This would be the case if for instance they'd upgraded and then migrated.
* etcd v3 for clean installsScott Dodson2017-06-161-0/+20
| | | | | If we have no master config assume that we're a clean install. If we're a clean install and we're 3.6 or greater use etcd v3 storage.
* Add daemon_reload parameter to service tasksTim Bielawa2017-06-011-0/+1
| | | | | | | Fixes "Could not find the requested service atomic-openshift-master: cannot enable" error during reinstall. https://bugzilla.redhat.com/show_bug.cgi?id=1451693
* Don't double quote when conditionsScott Dodson2017-05-011-1/+1
|
* Force to use TLSv1.2 (related to ↵Olivier Buisson2017-03-131-1/+1
| | | | https://github.com/openshift/openshift-ansible/pull/2707)
* atomic-openshift: install as a system containerGiuseppe Scrivano2017-02-101-0/+4
| | | | | | | | | | | | | | | Use use_system_containers=true in the inventory file alternatively you can select each component as: use_openvswitch_system_container=true use_node_system_container=true use_master_system_container=true system_images_registry holds the registry from where to fetch system containers. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Pre-pull master/node/ovs images during upgrade.Devan Goodwin2016-12-071-7/+0
| | | | | | | | We did this for install but not upgrade, leading to situations where the service restarts after upgrade could take much longer than expected as docker pulls down the new image. Now the images are present when we restart services and should allow them to come back online much more quickly, equivalent to rpm service restarts.
* Refactored to use Ansible systemd moduleRussell Teague2016-11-281-28/+36
| | | | | | * Ansible systemd module used in place of service module * Refactored command tasks which are no longer necessary * Applying rules from openshift-ansible Best Practices Guide
* Refactor to use Ansible package moduleRussell Teague2016-11-171-3/+5
| | | | | The Ansible package module will call the correct package manager for the underlying OS.
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-02 10:26:50 +0000