csa/devops/ansible-patches/openshift.git/roles/contiv/meta, branch ands Unnamed repository; edit this file 'description' to name the repository. Contiv multi-master and other fixes 2018-01-07T20:44:35+00:00 Nick Bartos flamingo@2thebatcave.com 2017-12-05T04:02:52+00:00 6daf71565fd69e9ddb2ac20e787d49f74cf7a9d7 Contiv's etcd was not being deployed correctly when using more than one master. To make it easier to manage, it has been moved into a k8s container. The api proxy was hardcoded to an old version (1.1.1), and in some environments would run into a docker error. This has been moved into a k8s container for easier management. The firewall was too permissive on several ports. Many were open to the world when they should have only been accessible inside the cluster. Many of the contiv role variables were not prefixed with 'contiv', which may end up clobbering variables from another role. Now all the contiv specific role variables start with 'contiv_'. The api proxy's default self-signed certificate was bundled with the role. This means someone with read-only MITM access and this key could decrypt traffic. Granted a user defined certificate from a trusted CA should be used in a production environment, it is still better to generate one in each environment when one is not provided. 
Contiv's etcd was not being deployed correctly when using more than
one master.  To make it easier to manage, it has been moved into a
k8s container.

The api proxy was hardcoded to an old version (1.1.1), and in some
environments would run into a docker error.  This has been moved into
a k8s container for easier management.

The firewall was too permissive on several ports.  Many were open to
the world when they should have only been accessible inside the
cluster.

Many of the contiv role variables were not prefixed with 'contiv',
which may end up clobbering variables from another role.  Now all the
contiv specific role variables start with 'contiv_'.

The api proxy's default self-signed certificate was bundled with the
role.  This means someone with read-only MITM access and this key
could decrypt traffic.  Granted a user defined certificate from a
trusted CA should be used in a production environment, it is still
better to generate one in each environment when one is not provided.
Relocate filter plugins to lib_utils 2017-12-18T21:46:22+00:00 Michael Gugino mgugino@redhat.com 2017-12-13T17:42:32+00:00 801779eeb6f6308f81ae7c48409de7686c04a0aa This commit relocates filter_plugings to lib_utils, changes the namespacing to prevent unintended use of older versions that may be present in filter_plugins/ directory on existing installs. Add lib_utils to meta depends for roles Also consolidate some plugins into lib_utils from various other areas. Update rpm spec, obsolete plugin rpms. 
This commit relocates filter_plugings to lib_utils,
changes the namespacing to prevent unintended use of
older versions that may be present in filter_plugins/
directory on existing installs.

Add lib_utils to meta depends for roles

Also consolidate some plugins into lib_utils from
various other areas.

Update rpm spec, obsolete plugin rpms.
Multimaster openshift+contiv fixes 2017-11-29T19:33:24+00:00 Lance Dillon landillo@cisco.com 2017-11-28T19:26:34+00:00 17ba2eafc5b7f132ad4b0a2e63d57bb647436c68 Only run default contiv commands once Fix detection of firewalld Open up netmaster ports to all nodes Make sure etcd ca stuff only runs once 
Only run default contiv commands once
Fix detection of firewalld
Open up netmaster ports to all nodes
Make sure etcd ca stuff only runs once
Fixes for auth_proxy, vxlan mode 2017-07-28T03:15:50+00:00 Sanjeev Rampal srampal@cisco.com 2017-07-28T02:28:46+00:00 b71f2782028ce7cf56614780a87faca31b9e42ac 






Add support for rhel, aci, vxlan
2017-05-31T19:08:09+00:00

Sanjeev Rampal
srampal@cisco.com

2017-05-26T21:27:09+00:00

76d1ee25b7570add1531ba232c46977d7201a122












Combined (squashed) commit for all changes related to adding Contiv support into Openshift Ansible. This is the first (beta) release of Contiv with Openshift and is only supported for Openshift Origin + Bare metal deployments at the time of this commit. Please refer to the Openshift and Contiv official documentation for details of the level of support for different features and modes of operation.
2017-02-28T05:04:48+00:00

Sanjeev Rampal
srampal@cisco.com

2017-02-23T20:25:34+00:00

58818a6af147e457d56a1faf77b02d37bb538826