summaryrefslogtreecommitdiffstats
path: root/roles/openshift_node/defaults
Commit message (Collapse)AuthorAgeFilesLines
* Move installation of packages before container_runtime to ensure bind mounts ↵Kenny Woodson2018-02-131-1/+1
| | | | are avaialable.
* openshift_node: Remove master from aws node buildingSteve Milner2018-02-071-1/+1
| | | | | | | Since it is expected to be re-added at some point in the future the lines have been commented out rather than deleted. Signed-off-by: Steve Milner <smilner@redhat.com>
* add glusterblock support for ansibleMangirdas2018-01-311-0/+1
| | | | Co-authored-by: Christina Kyriakidou <Ckyriaki@Redhat.com>
* node: specify bind option to /root/.dockerGiuseppe Scrivano2018-01-251-0/+1
| | | | | | | | | Without the option, runc fails with "no such device" when trying to create the mount point. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1534933 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #6783 from mgugino-upstream-stage/node-syscon-add-mountsScott Dodson2018-01-231-0/+12
|\ | | | | Add ability to mount volumes into system container nodes
| * Add ability to mount volumes into system container nodesMichael Gugino2018-01-181-0/+12
| | | | | | | | | | | | | | This commit adds the ability to mount volumes into system containerized nodes. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1534933
* | Add Azure to support openshift_cloudprovider_kindweherdh2018-01-181-0/+6
|/
* Properly cast crio boolean variables to boolMichael Gugino2018-01-081-1/+1
| | | | | | | | | | | Variables that are specifically booleans should be cast to bool. This is because users may sometimes pass them as string values. This is particularly prevalent when using ini-style inventories. Affected-by: https://github.com/ansible/ansible/issues/34591 Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1531592
* Merge pull request #6586 from ↵OpenShift Merge Robot2018-01-031-2/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mgugino-upstream-stage/cast-bool-openshift_docker_use_system_container Automatic merge from submit-queue. Cast openshift_docker_use_system_container to bool openshift_docker_use_system_container might be passed in via ini inventory as 'openshift_docker_use_system_container=false' This condition will be interpreted as a string type, instead of boolean. Casting openshift_docker_use_system_container as bool will achieve the users desired intent. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1528943
| * Cast openshift_docker_use_system_container to boolMichael Gugino2018-01-021-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | openshift_docker_use_system_container might be passed in via ini inventory as 'openshift_docker_use_system_container=false' This condition will be interpreted as a string type, instead of boolean. Casting openshift_docker_use_system_container as bool will achieve the users desired intent. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1528943
* | Correct kublet_args cloud-provider directoriesMichael Gugino2018-01-021-3/+3
|/ | | | | | | This commit updates kublet_args to correct cloudprovider configuration file locaitons. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1527203
* Relocate filter plugins to lib_utilsMichael Gugino2017-12-181-1/+1
| | | | | | | | | | | | | | This commit relocates filter_plugings to lib_utils, changes the namespacing to prevent unintended use of older versions that may be present in filter_plugins/ directory on existing installs. Add lib_utils to meta depends for roles Also consolidate some plugins into lib_utils from various other areas. Update rpm spec, obsolete plugin rpms.
* Remove openshift_node_facts roleMichael Gugino2017-12-181-0/+16
| | | | | This commit removes the remainder of openshift_node_facts role.
* Remove openshift_node_facts part 1Michael Gugino2017-12-141-2/+49
| | | | | This commit removes some items from openshift_facts for the openshit_node role.
* Remove openshift.common.service_typeMichael Gugino2017-12-071-1/+5
| | | | | | | | This commit removes openshift.common.service_type in favor of openshift_service_type. This commit also removes r_openshift_excluder_service_type from plays in favor of using the role's defaults.
* Implement container runtime roleMichael Gugino2017-12-011-0/+3
|
* Combine openshift_node and openshift_node_dnsmasqMichael Gugino2017-11-271-0/+7
| | | | | This commit combines these two roles. This will prevent openshift_node_facts from running twice.
* Remove is_openvswitch_system_container from factsMichael Gugino2017-11-221-0/+1
| | | | Simply logic for this variable.
* Fix system_images_registry variableMichael Gugino2017-11-221-0/+6
| | | | Simplify the logic for this variable.
* Fix node system container varMichael Gugino2017-11-211-0/+2
| | | | Fix logic, make it simpler.
* Merge pull request #6094 from ↵OpenShift Merge Robot2017-11-151-0/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mgugino-upstream-stage/syscontainers-docker-login-module Automatic merge from submit-queue. Alternative method to create docker registry auth creds Currently, the command 'docker login' is run when using oreg with authentication. On some hosts, such as hosts configured to use system containers, the docker service is not running. 'docker login' will fail without the docker service running. This commit adds a module to idempotently add credentials to the registry credentials file without the use of 'docker login' Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1511374
| * Alternative method to create docker registry auth credsMichael Gugino2017-11-141-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, the command 'docker login' is run when using oreg with authentication. On some hosts, such as hosts configured to use system containers, the docker service is not running. 'docker login' will fail without the docker service running. This commit adds a module to idempotently add credentials to the registry credentials file without the use of 'docker login' Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1511374
* | Adding instance profile support for node groups.Kenny Woodson2017-11-131-0/+2
|/
* Adding CONFIG_FILE option back.Kenny Woodson2017-11-011-0/+3
|
* GCP cannot use AWS growpart packageClayton Coleman2017-10-301-2/+2
| | | | Make the required package optional
* Initial Kuryr supportMichał Dulko2017-10-201-0/+3
| | | | | | | | This commit enables deploying Kuryr networking on top of OpenShift in containers. kuryr-controller is a Deployment and kuryr-cni is deployed as DaemonSet (container will drop all CNI configuration files). Co-Authored-By: Antoni Segura Puimedon <celebdor@gmail.com>
* Do not remove files for bootstrap if resolv or dns.Kenny Woodson2017-10-171-3/+2
|
* Add ability to set node and master imageConfig to latestMichael Gugino2017-10-121-0/+3
| | | | | | | | | Currently, imageConfig.latest is hard-coded to false. This commit adds an appropriate boolean to enable setting to true. Fixes: https://github.com/openshift/openshift-ansible/issues/1422
* Fix broken debug_levelMichael Gugino2017-10-111-0/+2
| | | | | | | | | | | | | | | | | | | | Currently, debug_level is documented as a way to change the debug output level for both masters and nodes. debug_level does not currently have any effect. This commit removes debug_level from openshift_facts and properly sets openshift_master_debug_level and openshift_node_debug_level to the value of debug_level specified in the inventory. This commit also reorganizes some set_fact tasks needed during master upgrades to put all work-around set-facts for undefined variables in one place, allowing for easier cleanup in the future. This includes an entry for openshift_master_debug_level. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500164
* Changes necessary to support AMI buildingMichael Gugino2017-09-281-3/+0
| | | | | | | Currently, AMI building does not work. These changes implement the necessary steps to build an AMI for usage as a 'golden node image'.
* Remove default value for oreg_urlMichael Gugino2017-09-201-2/+2
| | | | | | | | | | | Due to some plays importing variables from roles directly, oreg_url was being set to a default value when it otherwise shouldn't be. This commit removes the default values for oreg_url to ensure existing logic works as desired. Fixes: https://github.com/openshift/openshift-ansible/issues/5455
* Merge pull request #5345 from smarterclayton/firewallOpenShift Merge Robot2017-09-151-1/+3
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Add `openshift_node_open_ports` to allow arbitrary firewall exposure It should be possible for an admin to define an arbitrary set of ports to be exposed on each node that will relate to the cluster function. This adds a new global variable for the node that supports Array(Object{'service':<name>,'port':<port_spec>,'cond':<boolean>}) which is the same format accepted by the firewall role. @sdodson as discussed, open to alternatives. I used this from origin-gce with openshift_node_open_ports: - service: Router stats port: 1936/tcp - service: Open node ports port: 9000-10000/tcp - service: Open node ports port: 9000-10000/udp Which then allows me to set firewall rules appropriately. Alternatives considered: * Simpler external format (have to parse inputs) * Additional parameter to role - felt ugly
| * Add `openshift_node_open_ports` to allow arbitrary firewall exposureClayton Coleman2017-09-111-1/+3
| | | | | | | | | | | | | | | | | | | | It should be possible for an admin to define an arbitrary set of ports to be exposed on each node that will relate to the cluster function. This adds a new global variable for the node that supports Array(Object{'service':<name>,'port':<port_spec>,'cond':<boolean>}) which is the same format accepted by the firewall role.
* | Fix: authenticated registry support for containerized hostsMichael Gugino2017-09-111-1/+1
|/ | | | | | | | | | | | | | | | | | | | | | | Currently, openshift-anisble supports authentication to container registries to pull down openshift container images. The openshift_verison role uses the docker cli to gather image information from container registries before authentication credentials are provided by openshift-ansible. This commit creates the necessary token to authenticate to private registries during openshift_version. The token is generated by the role 'docker' on all hosts where docker is installed/configured when oreg_auth_users is defined. This commit also adds a read-only mount into the openshift master and node container services. This mount is '/var/lib/origin/.docker:/root/.docker:ro'. This is because the container images do not currently read the values in '/var/lib/origin/.docker' as this may be a bug upstream. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* Remove openshift-commonMichael Gugino2017-09-061-3/+25
| | | | | | | | | Most of this role's purpose was to set facts. The vast majority of these facts were simply redefining user-supplied variables. This commit also removes various artifacts leftover from previous versions, as well as variables that seem to be entirely unused.
* Merge pull request #5230 from kwoodson/openshift_node_bootstrapOpenShift Bot2017-08-301-0/+58
|\ | | | | Merged by openshift-bot
| * Merging openshift_node with openshift bootstrap.Kenny Woodson2017-08-291-0/+58
| |
* | Add independent registry auth supportMichael Gugino2017-08-281-0/+5
|/ | | | | | | | | | | | | | | | | Added the ability to support authentication for independent / 3rd party registries. This commit will allow users to provide a `oreg_auth_user` and `oreg_auth_password` to dynmically generate a docker config.json file. The docker config.json file can be used by openshift to authenticate to independent / 3rd party registries. `oreg_host` must supply endpoint connection info in the form of 'hostname.com:port', with (optional) port 443 default. To update the config.json on a later run, the user can specify `oreg_auth_credentials_replace=False` to update the credentials. These settings must be used in tandem with `oreg_url` Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* Default to global setting for firewall.Kenny Woodson2017-08-251-2/+2
|
* Updated README to reflect refactor. Moved firewall initialize into separate ↵Kenny Woodson2017-08-101-0/+2
| | | | file.
* Adding a default condition and removing unneeded defaults.Kenny Woodson2017-08-091-4/+1
|
* First attempt at refactor of os_firewallKenny Woodson2017-08-081-2/+12
|
* Sync all openshift.common.use_openshift_sdn uses in yaml filesJan Chaloupka2017-07-261-1/+1
| | | | | | | | | | | Most occurrences are in a form: ```yaml openshift.common.use_openshift_sdn | default(true) | bool ``` Let's make all occurences this way given the use_openshift_sdn is set to true anyway. See https://github.com/openshift/openshift-ansible/blob/0c350dcc7d06d62be5ba3a8e468dff85cdd96dd7/roles/openshift_facts/library/openshift_facts.py#L2035
* Added Calico BGP Port 179 to FirewalldVincent Schwarzer2017-05-151-0/+3
|
* Fix for OpenShift SDN CheckVincent Schwarzer2017-05-091-1/+1
|
* Port 10255 unnecessary. Removing all instancesChris Callegari2017-04-041-4/+0
|
* Work towards determining openshift_version when unspecified.Devan Goodwin2016-05-251-1/+0
| | | | | | | openshift_docker role was largely useless now, but also almost did what we needed. (deps ordering still needs to be changed) Remove defaulting of openshift_version.
* The openshift_docker role must set the version facts for containerized installsBrenton Leanhardt2016-04-141-1/+1
| | | | | | QE found that for fresh installs we were basing the docker version facts of the images that could be pulled prior to configuring /etc/sysconfig/docker. This is an edge case but something we need to fix.
* Bug 1322788 - The IMAGE_VERSION wasn't added to atomic-openshift-master-api ↵Brenton Leanhardt2016-04-011-0/+1
| | | | and atomic-openshift-master-controllers
* Open 4789/udp when using the SDNScott Dodson2015-10-191-0/+3
|
generated by cgit v1.2.1 (git 2.18.0) at 2024-04-29 13:12:11 +0000