summaryrefslogtreecommitdiffstats
path: root/roles/openshift_master
Commit message (Collapse)AuthorAgeFilesLines
...
* | | Ensure servingInfo.clientCA is set as ca.crt rather than ca-bundle.crt.Andrew Butcher2017-10-091-4/+0
|/ /
* | Remove some reminants of Atomic EnterpriseScott Dodson2017-09-261-1/+1
| |
* | Fix registry_auth logic for upgradesMichael Gugino2017-09-225-15/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, the logic for registry authentication is not implemented correctly to account for upgrades of containerized hosts. Additionally, the logic to account for multiple runs of openshift-ansible might cause registry authentication credentials to not be mounted inside of containerized hosts. This commit adds the necessary logic to ensure containerized hosts retain registry credentials. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1494470
* | Merge pull request #5477 from mgugino-upstream-stage/hot-fix-oreg_urlOpenShift Merge Robot2017-09-211-2/+2
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Remove default value for oreg_url Due to some plays importing variables from roles directly, oreg_url was being set to a default value when it otherwise shouldn't be. This commit removes the default values for oreg_url to ensure existing logic works as desired. Fixes: https://github.com/openshift/openshift-ansible/issues/5455
| * | Remove default value for oreg_urlMichael Gugino2017-09-201-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to some plays importing variables from roles directly, oreg_url was being set to a default value when it otherwise shouldn't be. This commit removes the default values for oreg_url to ensure existing logic works as desired. Fixes: https://github.com/openshift/openshift-ansible/issues/5455
* | | Cleanup old deployment typesMichael Gugino2017-09-201-1/+1
|/ / | | | | | | | | | | | | | | | | | | | | Previously, openshift-ansible supported various types of deployments using the variable "openshift_deployment_type" Currently, openshift-ansible only supports two deployment types, "origin" and "openshift-enterprise". This commit removes all logic and references to deprecated deployment types.
* | Merge pull request #3753 from soltysh/issue12558OpenShift Merge Robot2017-09-202-0/+41
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Increase rate limiting in journald.conf @sdodson ptal, this is to address issues from https://github.com/openshift/origin/issues/12558 @smarterclayton @stevekuznetsov fyi
| * | Increase rate limiting in journald.confMaciej Szulik2017-09-122-0/+41
| | |
* | | Merge pull request #5441 from mgugino-upstream-stage/fix-reg-authOpenShift Merge Robot2017-09-181-2/+2
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Fix registry auth task ordering Currently, registry authentication credentials are not produced until after docker systemd service files are created. This commit ensures the credentials are created before the systemd service files to ensure the proper boolean is set to include the read-only mount of credentials inside containerized nodes and masters. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
| * | | Fix registry auth task orderingMichael Gugino2017-09-181-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, registry authentication credentials are not produced until after docker systemd service files are created. This commit ensures the credentials are created before the systemd service files to ensure the proper boolean is set to include the read-only mount of credentials inside containerized nodes and masters. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* | | | Merge pull request #5392 from ↵OpenShift Merge Robot2017-09-181-16/+0
|\ \ \ \ | |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ingvagabund/pull-openshift_master-deps-out-into-a-play Automatic merge from submit-queue Pull openshift_master deps out into a play The `openshift_master` role is called only in a single play. Thus, we can pull out all its dependencies without duplicating all dependency role invocations. Both `lib_openshift` and `lib_os_firewall` are required deps as they defined ansible modules used inside the `openshift_master` role. I have also rearranged definition of variables so variable used only inside a single role are part of the `include_role` statement. Atm, we can't use `include_role` due to https://github.com/ansible/ansible/issues/21890
| * | | pull openshift_master deps out into a playJan Chaloupka2017-09-131-16/+0
| |/ /
* | | Merge pull request #5367 from abutcher/etcd-scaleup-master-client-urlsScott Dodson2017-09-141-0/+8
|\ \ \ | | | | | | | | Bug 1490304: Etcd scale-up playbook should add new member to etcdClientInfo of master-config.yaml
| * | | Update master config with new client urls during etcd scaleup.Andrew Butcher2017-09-121-0/+8
| |/ /
* | | Fix: authenticated registry support for containerized hostsMichael Gugino2017-09-115-18/+51
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, openshift-anisble supports authentication to container registries to pull down openshift container images. The openshift_verison role uses the docker cli to gather image information from container registries before authentication credentials are provided by openshift-ansible. This commit creates the necessary token to authenticate to private registries during openshift_version. The token is generated by the role 'docker' on all hosts where docker is installed/configured when oreg_auth_users is defined. This commit also adds a read-only mount into the openshift master and node container services. This mount is '/var/lib/origin/.docker:/root/.docker:ro'. This is because the container images do not currently read the values in '/var/lib/origin/.docker' as this may be a bug upstream. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* | Merge pull request #5208 from mgugino-upstream-stage/remove-openshift_commonOpenShift Bot2017-09-0710-23/+40
|\ \ | | | | | | Merged by openshift-bot
| * | Remove openshift-commonMichael Gugino2017-09-0610-23/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | Most of this role's purpose was to set facts. The vast majority of these facts were simply redefining user-supplied variables. This commit also removes various artifacts leftover from previous versions, as well as variables that seem to be entirely unused.
* | | Fix openshift_master_config_dirScott Dodson2017-09-061-1/+1
| | |
* | | Fix: set openshift_master_config_dir to the correct value.Michael Gugino2017-09-051-1/+1
|/ / | | | | | | | | | | | | Previous commit set 'openshift_master_config_dir' to '/var/lib/origin' if undefined during upgrades. This commit sets value to the proper directory '/etc/origin'
* | Merge pull request #5247 from mgugino-upstream-stage/fix-master-upgradesOpenShift Bot2017-08-302-3/+10
|\ \ | |/ |/| Merged by openshift-bot
| * Fix openshift_master upgradeMichael Gugino2017-08-292-3/+10
| | | | | | | | | | | | | | | | Currently, openshift_master upgrade play imports tasks directly from the openshift_master role. This method does not honor role defaults. This commit changes sets openshift_master_config_dir if undefined.
* | Add independent registry auth supportMichael Gugino2017-08-282-0/+21
|/ | | | | | | | | | | | | | | | | Added the ability to support authentication for independent / 3rd party registries. This commit will allow users to provide a `oreg_auth_user` and `oreg_auth_password` to dynmically generate a docker config.json file. The docker config.json file can be used by openshift to authenticate to independent / 3rd party registries. `oreg_host` must supply endpoint connection info in the form of 'hostname.com:port', with (optional) port 443 default. To update the config.json on a later run, the user can specify `oreg_auth_credentials_replace=False` to update the credentials. These settings must be used in tandem with `oreg_url` Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* Default to global setting for firewall.Kenny Woodson2017-08-251-2/+2
|
* First attempt at provisioning.Kenny Woodson2017-08-212-0/+46
|
* polish openshift-master roleJan Chaloupka2017-08-167-112/+208
|
* Fix Restore Master AWS OptionsMichael Fraenkel2017-08-111-1/+1
| | | | - remove dangling bool
* Merge pull request #4797 from kwoodson/os_firewall_refactorScott Dodson2017-08-114-15/+62
|\ | | | | Refactor the firewall workflow.
| * Updated README to reflect refactor. Moved firewall initialize into separate ↵Kenny Woodson2017-08-102-2/+5
| | | | | | | | file.
| * Adding a default condition and removing unneeded defaults.Kenny Woodson2017-08-092-8/+4
| |
| * First attempt at refactor of os_firewallKenny Woodson2017-08-084-15/+63
| |
* | system_container.yml: fix bracesLuke Meyer2017-08-101-1/+1
| |
* | Remove remaining references to openshift-master.serviceClayton Coleman2017-08-083-31/+0
| | | | | | | | Prevents playbooks from accidentally restarting the master service.
* | Disable old openshift-master.service on upgradeClayton Coleman2017-08-082-0/+8
| |
* | Use the new election mode (client based) instead of direct etcd accessClayton Coleman2017-08-081-3/+2
| |
* | Remove the origin-master.service and associated filesClayton Coleman2017-08-086-188/+30
|/ | | | | | From now on, all master configurations use the api / controller split, regardless of HA mode or previous configuration. This will be our only supported configuration starting in 3.7 or 3.8.
* Merge pull request #4789 from ↵Jan Chaloupka2017-08-041-4/+4
|\ | | | | | | | | ingvagabund/allow-to-specify-docker-registry-for-system-containers Allow to specify docker registry for system containers
| * allow to specify docker registry for system containersJan Chaloupka2017-07-191-4/+4
| |
* | Merge pull request #4949 from carlpett/patch-1OpenShift Bot2017-08-011-1/+1
|\ \ | | | | | | Merged by openshift-bot
| * | Fix aws_secret_key checkCalle Pettersson2017-07-311-1/+1
| | |
* | | Merge pull request #4894 from tbielawa/reg-dns-scaleup-bz1469336OpenShift Bot2017-08-015-6/+16
|\ \ \ | | | | | | | | Merged by openshift-bot
| * | | Use existing OPENSHIFT_DEFAULT_REGISTRY setting during masters scaleupTim Bielawa2017-07-285-6/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes a bug which reported that AFTER a cluster upgrade from OCP 3.5 to 3.6, any masters which are later added via the scaleup playbooks are setting a value for OPENSHIFT_DEFAULT_REGISTRY which is inconsistent with the already configured masters. * OPENSHIFT_DEFAULT_REGISTRY value is saved from oo_first_master * The new scaleup master has a fact set noting it is a scaleup host * The saved OPENSHIFT_DEFAULT_REGISTRY value is used instead of the default for 3.6, which is to use a hard-coded registry value of 'docker-registry.default.svc:5000' Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1469336
* | | | Merge pull request #4700 from sdodson/rate-limitOpenShift Bot2017-08-011-4/+4
|\ \ \ \ | |_|/ / |/| | | Merged by openshift-bot
| * | | Add rate limit configurabilityScott Dodson2017-07-061-4/+4
| | |/ | |/|
* | | Tolerate non existence of /etc/sysconfig/atomic-openshift-masterScott Dodson2017-07-271-2/+2
| |/ |/|
* | Merge pull request #4813 from sdodson/log-dumperScott Dodson2017-07-261-0/+20
|\ \ | | | | | | Fix log dumping on service failure
| * | Fix log dumping on service failureScott Dodson2017-07-201-0/+20
| |/ | | | | | | Also, add log dumping to master service startup too
* | If proxy in effect, add etcd host IP addresses to NO_PROXY list on mastersTim Bielawa2017-07-211-0/+6
|/ | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1466783
* Fix yamllintScott Dodson2017-07-061-10/+10
|
* Removed quotes and added env variable to be specific.Kenny Woodson2017-07-051-2/+2
|
* [BZ 1467786] Fix for OPENSHIFT_DEFAULT_REGISTRY setting.Kenny Woodson2017-07-051-2/+11
|
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-14 11:33:41 +0000