diff options
| -rw-r--r-- | .tito/packages/openshift-ansible | 2 | ||||
| -rw-r--r-- | openshift-ansible.spec | 19 | ||||
| -rw-r--r-- | playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml | 2 | ||||
| -rw-r--r-- | roles/etcd_common/tasks/backup.yml | 23 | ||||
| -rwxr-xr-x | roles/openshift_facts/library/openshift_facts.py | 12 | ||||
| -rw-r--r-- | roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml | 3 | ||||
| -rw-r--r-- | roles/openshift_metrics/tasks/install_hosa.yaml | 2 | ||||
| -rw-r--r-- | roles/openshift_metrics/tasks/install_support.yaml | 2 | ||||
| -rw-r--r-- | roles/openshift_metrics/tasks/main.yaml | 2 | ||||
| -rw-r--r-- | roles/rhel_subscribe/meta/main.yml | 3 | ||||
| -rw-r--r-- | roles/rhel_subscribe/tasks/main.yml | 10 |
11 files changed, 59 insertions, 21 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 65e17d2d9..b331c69ef 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.6.128-1 ./ +3.6.129-1 ./ diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 97e17412f..3e999a774 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -9,7 +9,7 @@ %global __requires_exclude ^/usr/bin/ansible-playbook$ Name: openshift-ansible -Version: 3.6.128 +Version: 3.6.129 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -280,6 +280,23 @@ Atomic OpenShift Utilities includes %changelog +* Fri Jun 30 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.129-1 +- Fix generate role binding destination for the HOSA service account + (steveteuber@users.noreply.github.com) +- Correct version comparisons to ensure proper evaluation (rteague@redhat.com) +- Adding become: false to local_action tasks (ewolinet@redhat.com) +- upgrade: fix name for the etcd system container (gscrivan@redhat.com) +- fix backup and working directory for etcd run as a system container + (jchaloup@redhat.com) +- etcd_migrate: Add /var/usrlocal/bin to path for oadm (smilner@redhat.com) +- etcd_migrate: Add /usr/local/bin to path for oadm (smilner@redhat.com) +- Sync environment variables FLUENTD/MUX_CPU_LIMIT FLUENTD/MUX_MEMORY_LIMIT + with the resource limit values. (nhosoi@redhat.com) +- Update master configuration for named certificates during master cert + redeploy. (abutcher@redhat.com) +- Get rid of openshift_facts dep in rhel_subscribe (sdodson@redhat.com) +- logging: write ES heap dump to persistent storage (jwozniak@redhat.com) + * Thu Jun 29 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.128-1 - parameterize etcd binary path (fabian@fabianism.us) - attach leases via the first master only and only once (jchaloup@redhat.com) diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml index 0431c1ce0..39e82498d 100644 --- a/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml @@ -36,7 +36,7 @@ - not openshift.common.is_etcd_system_container | bool - name: Record containerized etcd version (runc) - command: runc exec etcd_container rpm -qa --qf '%{version}' etcd\* + command: runc exec etcd rpm -qa --qf '%{version}' etcd\* register: etcd_container_version_runc failed_when: false # AUDIT:changed_when: `false` because we are only inspecting diff --git a/roles/etcd_common/tasks/backup.yml b/roles/etcd_common/tasks/backup.yml index 4a4832275..2384eeb58 100644 --- a/roles/etcd_common/tasks/backup.yml +++ b/roles/etcd_common/tasks/backup.yml @@ -1,10 +1,19 @@ --- - set_fact: - l_etcd_backup_dir: "{{ etcd_data_dir }}/openshift-backup-{{ r_etcd_common_backup_tag }}{{ r_etcd_common_backup_sufix_name }}" + l_etcd_data_dir: "{{ etcd_data_dir }}{{ '/etcd.etcd' if r_etcd_common_etcd_runtime == 'runc' else '' }}" + +- set_fact: + l_etcd_incontainer_data_dir: "{{ etcd_data_dir }}" + +- set_fact: + l_etcd_incontainer_backup_dir: "{{ l_etcd_incontainer_data_dir }}/openshift-backup-{{ r_etcd_common_backup_tag }}{{ r_etcd_common_backup_sufix_name }}" + +- set_fact: + l_etcd_backup_dir: "{{ l_etcd_data_dir }}/openshift-backup-{{ r_etcd_common_backup_tag }}{{ r_etcd_common_backup_sufix_name }}" # TODO: replace shell module with command and update later checks - name: Check available disk space for etcd backup - shell: df --output=avail -k {{ etcd_data_dir }} | tail -n 1 + shell: df --output=avail -k {{ l_etcd_data_dir }} | tail -n 1 register: l_avail_disk # AUDIT:changed_when: `false` because we are only inspecting # state, not manipulating anything @@ -12,7 +21,7 @@ # TODO: replace shell module with command and update later checks - name: Check current etcd disk usage - shell: du --exclude='*openshift-backup*' -k {{ etcd_data_dir }} | tail -n 1 | cut -f1 + shell: du --exclude='*openshift-backup*' -k {{ l_etcd_data_dir }} | tail -n 1 | cut -f1 register: l_etcd_disk_usage when: r_etcd_common_embedded_etcd | bool # AUDIT:changed_when: `false` because we are only inspecting @@ -48,19 +57,19 @@ - name: Generate etcd backup command: > - {{ r_etcd_common_etcdctl_command }} backup --data-dir={{ etcd_data_dir }} - --backup-dir={{ l_etcd_backup_dir }} + {{ r_etcd_common_etcdctl_command }} backup --data-dir={{ l_etcd_incontainer_data_dir }} + --backup-dir={{ l_etcd_incontainer_backup_dir }} # According to the docs change you can simply copy snap/db # https://github.com/openshift/openshift-docs/commit/b38042de02d9780842dce95cfa0ef45d53b58bc6 - name: Check for v3 data store stat: - path: "{{ etcd_data_dir }}/member/snap/db" + path: "{{ l_etcd_data_dir }}/member/snap/db" register: l_v3_db - name: Copy etcd v3 data store command: > - cp -a {{ etcd_data_dir }}/member/snap/db + cp -a {{ l_etcd_data_dir }}/member/snap/db {{ l_etcd_backup_dir }}/member/snap/ when: l_v3_db.stat.exists diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 663423061..cc2a1d2eb 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -912,17 +912,17 @@ def set_version_facts_if_unset(facts): version_gte_3_1_1_or_1_1_1 = version >= LooseVersion('1.1.1') version_gte_3_2_or_1_2 = version >= LooseVersion('1.2.0') version_gte_3_3_or_1_3 = version >= LooseVersion('1.3.0') - version_gte_3_4_or_1_4 = version >= LooseVersion('1.4.0') - version_gte_3_5_or_1_5 = version >= LooseVersion('1.5.0') - version_gte_3_6 = version >= LooseVersion('3.6.0') + version_gte_3_4_or_1_4 = version >= LooseVersion('1.4') + version_gte_3_5_or_1_5 = version >= LooseVersion('1.5') + version_gte_3_6 = version >= LooseVersion('3.6') else: version_gte_3_1_or_1_1 = version >= LooseVersion('3.0.2.905') version_gte_3_1_1_or_1_1_1 = version >= LooseVersion('3.1.1') version_gte_3_2_or_1_2 = version >= LooseVersion('3.1.1.901') version_gte_3_3_or_1_3 = version >= LooseVersion('3.3.0') - version_gte_3_4_or_1_4 = version >= LooseVersion('3.4.0') - version_gte_3_5_or_1_5 = version >= LooseVersion('3.5.0') - version_gte_3_6 = version >= LooseVersion('3.6.0') + version_gte_3_4_or_1_4 = version >= LooseVersion('3.4') + version_gte_3_5_or_1_5 = version >= LooseVersion('3.5') + version_gte_3_6 = version >= LooseVersion('3.6') else: # 'Latest' version is set to True, 'Next' versions set to False version_gte_3_1_or_1_1 = True diff --git a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml index 7b81b3c10..8d7ee00ed 100644 --- a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml +++ b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml @@ -17,14 +17,17 @@ local_action: copy dest="{{ local_tmp.stdout }}/{{ item }}.pwd" content="{{ 15 | oo_random_word }}" with_items: - hawkular-metrics + become: false - local_action: slurp src="{{ local_tmp.stdout }}/hawkular-metrics.pwd" register: hawkular_metrics_pwd no_log: true + become: false - name: generate htpasswd file for hawkular metrics local_action: htpasswd path="{{ local_tmp.stdout }}/hawkular-metrics.htpasswd" name=hawkular password="{{ hawkular_metrics_pwd.content | b64decode }}" no_log: true + become: false - name: copy local generated passwords to target copy: diff --git a/roles/openshift_metrics/tasks/install_hosa.yaml b/roles/openshift_metrics/tasks/install_hosa.yaml index cc533a68b..7c9bc26d0 100644 --- a/roles/openshift_metrics/tasks/install_hosa.yaml +++ b/roles/openshift_metrics/tasks/install_hosa.yaml @@ -28,7 +28,7 @@ - name: Generate role binding for the hawkular-openshift-agent service account template: src: rolebinding.j2 - dest: "{{ mktemp.stdout }}/templates/metrics-hawkular-agent-rolebinding.yaml" + dest: "{{ mktemp.stdout }}/templates/metrics-hawkular-openshift-agent-rolebinding.yaml" vars: cluster: True obj_name: hawkular-openshift-agent-rb diff --git a/roles/openshift_metrics/tasks/install_support.yaml b/roles/openshift_metrics/tasks/install_support.yaml index 5cefb273d..584e3be05 100644 --- a/roles/openshift_metrics/tasks/install_support.yaml +++ b/roles/openshift_metrics/tasks/install_support.yaml @@ -4,6 +4,7 @@ register: htpasswd_check failed_when: no changed_when: no + become: false - fail: msg="'htpasswd' is unavailable. Please install httpd-tools on the control node" when: htpasswd_check.rc == 1 @@ -13,6 +14,7 @@ register: keytool_check failed_when: no changed_when: no + become: false - fail: msg="'keytool' is unavailable. Please install java-1.8.0-openjdk-headless on the control node" when: keytool_check.rc == 1 diff --git a/roles/openshift_metrics/tasks/main.yaml b/roles/openshift_metrics/tasks/main.yaml index 0b5f23c24..eaabdd20f 100644 --- a/roles/openshift_metrics/tasks/main.yaml +++ b/roles/openshift_metrics/tasks/main.yaml @@ -1,6 +1,7 @@ --- - local_action: shell python -c 'import passlib' 2>/dev/null || echo not installed register: passlib_result + become: false - name: Check that python-passlib is available on the control host assert: @@ -52,3 +53,4 @@ tags: metrics_cleanup changed_when: False check_mode: no + become: false diff --git a/roles/rhel_subscribe/meta/main.yml b/roles/rhel_subscribe/meta/main.yml index 0bbeadd34..23d65c7ef 100644 --- a/roles/rhel_subscribe/meta/main.yml +++ b/roles/rhel_subscribe/meta/main.yml @@ -1,3 +1,2 @@ --- -dependencies: - - role: openshift_facts +dependencies: [] diff --git a/roles/rhel_subscribe/tasks/main.yml b/roles/rhel_subscribe/tasks/main.yml index 28c3c7080..453044a6e 100644 --- a/roles/rhel_subscribe/tasks/main.yml +++ b/roles/rhel_subscribe/tasks/main.yml @@ -21,6 +21,11 @@ msg: Either rhsub_pass or the rhel_subscription_pass env variable are required for this role. when: rhel_subscription_pass is not defined +- name: Detecting Atomic Host Operating System + stat: + path: /run/ostree-booted + register: ostree_booted + - name: Satellite preparation command: "rpm -Uvh http://{{ rhel_subscription_server }}/pub/katello-ca-consumer-latest.noarch.rpm" args: @@ -57,5 +62,6 @@ when: openshift_pool_id.stdout != '' - include: enterprise.yml - when: deployment_type in [ 'enterprise', 'atomic-enterprise', 'openshift-enterprise' ] and - not openshift.common.is_atomic | bool + when: + - deployment_type in [ 'enterprise', 'atomic-enterprise', 'openshift-enterprise' ] + - not ostree_booted.stat.exists | bool |