summaryrefslogtreecommitdiffstats
path: root/roles/openshift_master
Commit message (Collapse)AuthorAgeFilesLines
...
* Merge pull request #4414 from sdodson/bz1460626Scott Dodson2017-06-263-3/+3
|\ | | | | Ensure that host pki tree is mounted in containerized components
| * Ensure that host pki tree is mounted in containerized componentsScott Dodson2017-06-123-3/+3
| |
* | Also configure default registry on HA mastersScott Dodson2017-06-232-0/+6
| | | | | | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1463498
* | Fixed readme doc.Kenny Woodson2017-06-211-12/+12
| |
* | Adding option for serviceAccountConfig.limitSecretReferencesKenny Woodson2017-06-202-13/+14
| |
* | Merge pull request #4292 from sdodson/push-via-dnsOpenShift Bot2017-06-202-0/+6
|\ \ | | | | | | Merged by openshift-bot
| * | Update atomic-openshift-master.j2Scott Dodson2017-06-191-1/+1
| | |
| * | Enable push to registry via dns only on clean 3.6 installsScott Dodson2017-06-182-1/+4
| | | | | | | | | | | | | | | We cannot assume that 3.5 to 3.6 upgrades were signed with the correct certs
| * | Disable actually pushing to the registry via dns for nowScott Dodson2017-06-181-1/+1
| | | | | | | | | | | | | | | | | | | | | We need to sort out how to know that the registry certificate has the proper hostnames attached to it. It will for 3.6 clean installs but not for 3.5 to 3.6 upgrades. For now make it opt in and come back to this.
| * | Push to the registry via dnsScott Dodson2017-06-181-0/+3
| | | | | | | | | | | | | | | | | | Configures OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc Adds 'cluster.local' to dns search on nodes via dispatcher script Adds '.svc' to NO_PROXY defaults
* | | Preserve etcd3 storage if it's already in useScott Dodson2017-06-183-20/+7
|/ / | | | | | | | | This would be the case if for instance they'd upgraded and then migrated.
* | etcd v3 for clean installsScott Dodson2017-06-162-2/+21
|/ | | | | If we have no master config assume that we're a clean install. If we're a clean install and we're 3.6 or greater use etcd v3 storage.
* Add daemon_reload parameter to service tasksTim Bielawa2017-06-011-0/+1
| | | | | | | Fixes "Could not find the requested service atomic-openshift-master: cannot enable" error during reinstall. https://bugzilla.redhat.com/show_bug.cgi?id=1451693
* Merge pull request #4234 from vshn/feature/oreg_url_masternodeOpenShift Bot2017-05-261-10/+11
|\ | | | | Merged by openshift-bot
| * allow to configure oreg_url specifically for node or master. refs #4233Tobias Brunner2017-05-191-10/+11
| | | | | | | | | | | | | | | | | | This commit allows to specify imageConfig.format specifically for master or for nodes. One use case of this could be if you want to use customer builder images. In this case imageConfig.format only needs to be changed in the master-config.yml but not in the node-config.yml.
* | Merge pull request #3982 from jim-minter/trello131-broker-configurationOpenShift Bot2017-05-221-0/+7
|\ \ | | | | | | Merged by openshift-bot
| * | add template service broker configurableJim Minter2017-04-241-0/+7
| | |
* | | Fix auditConfig for non-HA environmentsRussell Teague2017-05-181-1/+1
| |/ |/| | | | | Bug 1447019
* | Fix templating of static service filesRussell Teague2017-05-124-1/+2
| |
* | Add service file templates for master and nodeSteve Milner2017-05-093-0/+55
| | | | | | | | | | | | | | Adds service file templates for both maste and node. These will lay down in /etc/system/systemd to override what may already be present from a package. These instances take into account the name of the container daemon (docker or container-engine).
* | Update systemd units to use proper container service nameSteve Milner2017-05-093-12/+12
| | | | | | | | | | | | | | - If using a system container: container-engine - If using a package install: docker Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1448800
* | Stop logging AWS credentials in master role.Devan Goodwin2017-05-031-0/+1
| | | | | | | | | | | | | | Using lineinfile and with_items, the items end up logged and in this case include AWS credentials. Simple us of no_log to hide them.
* | Don't double quote when conditionsScott Dodson2017-05-011-1/+1
|/
* master-api: add mount for /var/logGiuseppe Scrivano2017-04-061-1/+1
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* master: add mount for /var/logGiuseppe Scrivano2017-04-061-1/+1
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Use meta/main.yml for role dependenciesRussell Teague2017-03-272-4/+1
|
* Merge pull request #3599 from martineg/min_tls_versionOpenShift Bot2017-03-141-0/+18
|\ | | | | Merged by openshift-bot
| * Allow overriding minTLSVersion and cipherSuitesMartin Eggen2017-03-091-0/+18
| | | | | | | | | | Add parameters to allow overriding minTLSVersion and cipherSuites in master and node servingInfo config stanzas.
* | Force to use TLSv1.2 (related to ↵Olivier Buisson2017-03-131-1/+1
| | | | | | | | https://github.com/openshift/openshift-ansible/pull/2707)
* | nuage: Move role back to configSteve Milner2017-03-101-2/+0
|/ | | | | | | | | d113f03 moved role dependencies out of playbooks. However, this ended up causing the masters to not be configured before the nuage steps required configured masters. This change moves the nuage specific change in d113f03 back to the config. Resolves #3583
* Merge pull request #3393 from srampal/contivScott Dodson2017-03-012-1/+4
|\ | | | | Pull request for Contiv Ansible code integration into Openshift Ansible
| * Combined (squashed) commit for all changes related to adding Contiv support ↵Sanjeev Rampal2017-02-272-1/+4
| | | | | | | | into Openshift Ansible. This is the first (beta) release of Contiv with Openshift and is only supported for Openshift Origin + Bare metal deployments at the time of this commit. Please refer to the Openshift and Contiv official documentation for details of the level of support for different features and modes of operation.
* | master: use the new oc_atomic_container moduleGiuseppe Scrivano2017-02-282-57/+23
|/ | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* master, vars/main.yml: define l_is_ha and l_is_same_versionGiuseppe Scrivano2017-02-142-12/+15
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* master: support HA deployments with system containersGiuseppe Scrivano2017-02-102-2/+47
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #3109 from giuseppe/system-containersGiuseppe Scrivano2017-02-103-3/+43
|\ | | | | System containers
| * system-containers: implement idempotent updateGiuseppe Scrivano2017-02-101-2/+21
| | | | | | | | | | | | | | | | Upstream version has "atomic containers update ..." but the RHEL version is still using "atomic update --container" so stick with this for now. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * atomic-openshift: install as a system containerGiuseppe Scrivano2017-02-103-3/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use use_system_containers=true in the inventory file alternatively you can select each component as: use_openvswitch_system_container=true use_node_system_container=true use_master_system_container=true system_images_registry holds the registry from where to fetch system containers. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Ensure embedded etcd config uses CA bundle.Andrew Butcher2017-02-091-0/+12
|/
* Restructure certificate redeploy playbooksAndrew Butcher2017-02-021-0/+8
|
* Merge pull request #2973 from AlbertoPeon/metrics_urlScott Dodson2017-01-261-2/+2
|\ | | | | Set metrics url even if metrics_deploy is false
| * Set metrics url even if metrics_deploy is falseAlberto Peon2017-01-201-2/+2
| |
* | Comma separate no_proxy host list in openshift_facts so that it appears as a ↵Andrew Butcher2017-01-253-3/+3
|/ | | | string everywhere it is used.
* Merge pull request #3086 from bparees/build_nodesScott Dodson2017-01-171-0/+1
|\ | | | | add configuration for build default+overrides settings
| * add configuration for build default+overrides settingsBen Parees2017-01-161-0/+1
| |
* | Support openshift_node_port_range for configuring service NodePortsClayton Coleman2017-01-101-1/+1
|/ | | | | | | | | Sets the appropriate config field if openshift_node_port_range is set and also configures filewalls on each node. firewalld already supports port ranges like "30000-32000", while iptables needs that value converted to the correct "30000:32000" form for use with `--dport`. If not set, no node ports are opened.
* Move role dependencies out of playbooks for openshift_master, openshift_node ↵Andrew Butcher2017-01-091-1/+30
| | | | and openshift_hosted.
* YAML LintingRussell Teague2016-12-121-0/+1
| | | | | * Added checks to make ci for yaml linting * Modified y(a)ml files to pass lint checks
* Merge pull request #2902 from dgoodwin/fix-metrics-urlScott Dodson2016-12-081-3/+3
|\ | | | | Fix metricsPublicURL only being set correctly on first master.
| * Fix metricsPublicURL only being set correctly on first master.Devan Goodwin2016-12-011-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | Problem was caused by facts not being set for that master. To fix this patch cleans up the calculation of metricsPublicURL in general. Because this value is used in openshift_master to template into the master config file, we now define these facts more clearly in openshift_master_facts, and add a dependency on this to openshift_metrics. The calculation of default sub-domain is also changed to remove it from system facts (as neither of these are facts about the system) and instead use plain variables.
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-28 23:17:11 +0000