summaryrefslogtreecommitdiffstats
path: root/roles/openshift_master/tasks
Commit message (Collapse)AuthorAgeFilesLines
...
* | Remove pause from master service startupRussell Teague2017-10-251-27/+3
|/ | | | | Fixes 1505537 https://bugzilla.redhat.com/show_bug.cgi?id=1505537
* Merge pull request #5796 from mgugino-upstream-stage/journald-masters-upgradesOpenShift Merge Robot2017-10-242-22/+25
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Ensure upgrades apply latest journald settings Currently, existing clusters might not have journald configurations applied. This may result in a rate- limiting of important log messages on openshift-masters. This commit ensures that journald settings are applied during the upgrade process openshif-masters. Fixes: https://github.com/openshift/openshift-ansible/issues/5642
| * Ensure upgrades apply latest journald settingsMichael Gugino2017-10-182-22/+25
| | | | | | | | | | | | | | | | | | | | | | Currently, existing clusters might not have journald configurations applied. This may result in a rate- limiting of important log messages on openshift-masters. This commit ensures that journald settings are applied during the upgrade process openshif-masters. Fixes: https://github.com/openshift/openshift-ansible/issues/5642
* | Merge pull request #5813 from ashcrow/1503903OpenShift Merge Robot2017-10-231-0/+5
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Always ensure atomic.conf is configured for system containers. A new openshift_atomic role has been created for atomic specific tasks. The first task added is proxy which handles updating /etc/atomic.conf to ensure the proper proxy configuration is configured. This task file is then included (via include_role) in system container related task files. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1503903
| * | systemcontainers: Verify atomic.conf proxy is always configuredSteve Milner2017-10-191-0/+5
| |/ | | | | | | | | | | | | | | | | | | | | A new openshift_atomic role has been created for atomic specific tasks. The first task added is proxy which handles updating /etc/atomic.conf to ensure the proper proxy configuration is configured. This task file is then included (via include_role) in system container related task files. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1503903 Signed-off-by: Steve Milner <smilner@redhat.com>
* | Fix undefined variable for master upgradesMichael Gugino2017-10-181-0/+4
|/ | | | | | | | Currently, oreg_auth_credentials_replace is undefined during master upgrades. This commit ensures this variable is defined during upgrades.
* Do not remove files for bootstrap if resolv or dns.Kenny Woodson2017-10-171-0/+63
|
* Fix containerized node service unit placement orderMichael Gugino2017-10-121-0/+3
| | | | | | | | | | | | | | Currently, non-containerized nodes have systemd service unit files created after registry auth credentials are created. Containerized nodes place service unit files prior to creation of these credentials. This commit ensures systemd service units are created at the correct time for both containerized and non-containerized nodes. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500642
* Merge pull request #5672 from ingvagabund/migrate-embedded-etcdOpenShift Merge Robot2017-10-113-17/+32
|\ | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Migrate embedded etcd to external etcd Trello card: https://trello.com/c/9fnBfkT5/528-migrate-embedded-etcd-hosts-to-external-process?menu=filter&filter=label:committed-3.7 Tested on: - [x] embedded etcd -> external rpm etcd - [x] embedded etcd -> external docker etcd One needs to set the `openshift_image_tag` before running the migration to containerized docker etcd.
| * migrate embedded etcd to external etcdJan Chaloupka2017-10-063-17/+32
| |
* | Fix broken debug_levelMichael Gugino2017-10-113-37/+40
|/ | | | | | | | | | | | | | | | | | | | Currently, debug_level is documented as a way to change the debug output level for both masters and nodes. debug_level does not currently have any effect. This commit removes debug_level from openshift_facts and properly sets openshift_master_debug_level and openshift_node_debug_level to the value of debug_level specified in the inventory. This commit also reorganizes some set_fact tasks needed during master upgrades to put all work-around set-facts for undefined variables in one place, allowing for easier cleanup in the future. This includes an entry for openshift_master_debug_level. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500164
* Fix registry_auth logic for upgradesMichael Gugino2017-09-223-13/+21
| | | | | | | | | | | | | | | Currently, the logic for registry authentication is not implemented correctly to account for upgrades of containerized hosts. Additionally, the logic to account for multiple runs of openshift-ansible might cause registry authentication credentials to not be mounted inside of containerized hosts. This commit adds the necessary logic to ensure containerized hosts retain registry credentials. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1494470
* Cleanup old deployment typesMichael Gugino2017-09-201-1/+1
| | | | | | | | | | | Previously, openshift-ansible supported various types of deployments using the variable "openshift_deployment_type" Currently, openshift-ansible only supports two deployment types, "origin" and "openshift-enterprise". This commit removes all logic and references to deprecated deployment types.
* Merge pull request #3753 from soltysh/issue12558OpenShift Merge Robot2017-09-201-0/+22
|\ | | | | | | | | | | | | | | | | Automatic merge from submit-queue Increase rate limiting in journald.conf @sdodson ptal, this is to address issues from https://github.com/openshift/origin/issues/12558 @smarterclayton @stevekuznetsov fyi
| * Increase rate limiting in journald.confMaciej Szulik2017-09-121-0/+22
| |
* | Fix registry auth task orderingMichael Gugino2017-09-181-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, registry authentication credentials are not produced until after docker systemd service files are created. This commit ensures the credentials are created before the systemd service files to ensure the proper boolean is set to include the read-only mount of credentials inside containerized nodes and masters. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* | Merge pull request #5367 from abutcher/etcd-scaleup-master-client-urlsScott Dodson2017-09-141-0/+8
|\ \ | | | | | | Bug 1490304: Etcd scale-up playbook should add new member to etcdClientInfo of master-config.yaml
| * | Update master config with new client urls during etcd scaleup.Andrew Butcher2017-09-121-0/+8
| |/
* | Fix: authenticated registry support for containerized hostsMichael Gugino2017-09-112-15/+28
|/ | | | | | | | | | | | | | | | | | | | | | | Currently, openshift-anisble supports authentication to container registries to pull down openshift container images. The openshift_verison role uses the docker cli to gather image information from container registries before authentication credentials are provided by openshift-ansible. This commit creates the necessary token to authenticate to private registries during openshift_version. The token is generated by the role 'docker' on all hosts where docker is installed/configured when oreg_auth_users is defined. This commit also adds a read-only mount into the openshift master and node container services. This mount is '/var/lib/origin/.docker:/root/.docker:ro'. This is because the container images do not currently read the values in '/var/lib/origin/.docker' as this may be a bug upstream. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* Merge pull request #5208 from mgugino-upstream-stage/remove-openshift_commonOpenShift Bot2017-09-072-3/+10
|\ | | | | Merged by openshift-bot
| * Remove openshift-commonMichael Gugino2017-09-062-3/+10
| | | | | | | | | | | | | | | | | | Most of this role's purpose was to set facts. The vast majority of these facts were simply redefining user-supplied variables. This commit also removes various artifacts leftover from previous versions, as well as variables that seem to be entirely unused.
* | Fix openshift_master_config_dirScott Dodson2017-09-061-1/+1
| |
* | Fix: set openshift_master_config_dir to the correct value.Michael Gugino2017-09-051-1/+1
|/ | | | | | | Previous commit set 'openshift_master_config_dir' to '/var/lib/origin' if undefined during upgrades. This commit sets value to the proper directory '/etc/origin'
* Merge pull request #5247 from mgugino-upstream-stage/fix-master-upgradesOpenShift Bot2017-08-302-3/+10
|\ | | | | Merged by openshift-bot
| * Fix openshift_master upgradeMichael Gugino2017-08-292-3/+10
| | | | | | | | | | | | | | | | Currently, openshift_master upgrade play imports tasks directly from the openshift_master role. This method does not honor role defaults. This commit changes sets openshift_master_config_dir if undefined.
* | Add independent registry auth supportMichael Gugino2017-08-281-0/+16
|/ | | | | | | | | | | | | | | | | Added the ability to support authentication for independent / 3rd party registries. This commit will allow users to provide a `oreg_auth_user` and `oreg_auth_password` to dynmically generate a docker config.json file. The docker config.json file can be used by openshift to authenticate to independent / 3rd party registries. `oreg_host` must supply endpoint connection info in the form of 'hostname.com:port', with (optional) port 443 default. To update the config.json on a later run, the user can specify `oreg_auth_credentials_replace=False` to update the credentials. These settings must be used in tandem with `oreg_url` Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* First attempt at provisioning.Kenny Woodson2017-08-212-0/+46
|
* polish openshift-master roleJan Chaloupka2017-08-166-105/+192
|
* Fix Restore Master AWS OptionsMichael Fraenkel2017-08-111-1/+1
| | | | - remove dangling bool
* Merge pull request #4797 from kwoodson/os_firewall_refactorScott Dodson2017-08-112-0/+44
|\ | | | | Refactor the firewall workflow.
| * Updated README to reflect refactor. Moved firewall initialize into separate ↵Kenny Woodson2017-08-101-2/+2
| | | | | | | | file.
| * Adding a default condition and removing unneeded defaults.Kenny Woodson2017-08-091-4/+4
| |
| * First attempt at refactor of os_firewallKenny Woodson2017-08-082-0/+44
| |
* | system_container.yml: fix bracesLuke Meyer2017-08-101-1/+1
| |
* | Remove remaining references to openshift-master.serviceClayton Coleman2017-08-081-12/+0
| | | | | | | | Prevents playbooks from accidentally restarting the master service.
* | Disable old openshift-master.service on upgradeClayton Coleman2017-08-082-0/+8
| |
* | Remove the origin-master.service and associated filesClayton Coleman2017-08-083-135/+28
|/ | | | | | From now on, all master configurations use the api / controller split, regardless of HA mode or previous configuration. This will be our only supported configuration starting in 3.7 or 3.8.
* Merge pull request #4789 from ↵Jan Chaloupka2017-08-041-4/+4
|\ | | | | | | | | ingvagabund/allow-to-specify-docker-registry-for-system-containers Allow to specify docker registry for system containers
| * allow to specify docker registry for system containersJan Chaloupka2017-07-191-4/+4
| |
* | Merge pull request #4894 from tbielawa/reg-dns-scaleup-bz1469336OpenShift Bot2017-08-011-3/+3
|\ \ | | | | | | Merged by openshift-bot
| * | Use existing OPENSHIFT_DEFAULT_REGISTRY setting during masters scaleupTim Bielawa2017-07-281-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes a bug which reported that AFTER a cluster upgrade from OCP 3.5 to 3.6, any masters which are later added via the scaleup playbooks are setting a value for OPENSHIFT_DEFAULT_REGISTRY which is inconsistent with the already configured masters. * OPENSHIFT_DEFAULT_REGISTRY value is saved from oo_first_master * The new scaleup master has a fact set noting it is a scaleup host * The saved OPENSHIFT_DEFAULT_REGISTRY value is used instead of the default for 3.6, which is to use a hard-coded registry value of 'docker-registry.default.svc:5000' Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1469336
* | | Tolerate non existence of /etc/sysconfig/atomic-openshift-masterScott Dodson2017-07-271-2/+2
|/ /
* | Merge pull request #4813 from sdodson/log-dumperScott Dodson2017-07-261-0/+20
|\ \ | | | | | | Fix log dumping on service failure
| * | Fix log dumping on service failureScott Dodson2017-07-201-0/+20
| |/ | | | | | | Also, add log dumping to master service startup too
* | If proxy in effect, add etcd host IP addresses to NO_PROXY list on mastersTim Bielawa2017-07-211-0/+6
|/ | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1466783
* Fix yamllintScott Dodson2017-07-061-10/+10
|
* Removed quotes and added env variable to be specific.Kenny Woodson2017-07-051-2/+2
|
* [BZ 1467786] Fix for OPENSHIFT_DEFAULT_REGISTRY setting.Kenny Woodson2017-07-051-2/+11
|
* Merge pull request #4292 from sdodson/push-via-dnsOpenShift Bot2017-06-201-0/+3
|\ | | | | Merged by openshift-bot
| * Enable push to registry via dns only on clean 3.6 installsScott Dodson2017-06-181-0/+3
| | | | | | | | | | We cannot assume that 3.5 to 3.6 upgrades were signed with the correct certs
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-15 21:49:52 +0000