summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.tito/packages/openshift-ansible2
-rw-r--r--inventory/byo/hosts.origin.example7
-rw-r--r--inventory/byo/hosts.ose.example7
-rw-r--r--openshift-ansible.spec7
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/registry.yml2
-rw-r--r--roles/lib_openshift/library/oc_process.py12
-rw-r--r--roles/lib_openshift/src/class/oc_process.py12
-rw-r--r--roles/openshift_hosted/tasks/registry/secure.yml3
8 files changed, 34 insertions, 18 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible
index d42684482..1cd7bde30 100644
--- a/.tito/packages/openshift-ansible
+++ b/.tito/packages/openshift-ansible
@@ -1 +1 @@
-3.6.14-1 ./
+3.6.15-1 ./
diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example
index d61f033f8..27914e60a 100644
--- a/inventory/byo/hosts.origin.example
+++ b/inventory/byo/hosts.origin.example
@@ -757,13 +757,18 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# by deployment_type=origin
#openshift_enable_origin_repo=false
-# Validity of the auto-generated certificates in days.
+# Validity of the auto-generated OpenShift certificates in days.
# See also openshift_hosted_registry_cert_expire_days above.
#
#openshift_ca_cert_expire_days=1825
#openshift_node_cert_expire_days=730
#openshift_master_cert_expire_days=730
+# Validity of the auto-generated external etcd certificates in days.
+# Controls validity for etcd CA, peer, server and client certificates.
+#
+#etcd_ca_default_days=1825
+
# host group for masters
[masters]
ose3-master[1:3]-ansible.test.example.com
diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example
index 823d6f58f..f0269bff8 100644
--- a/inventory/byo/hosts.ose.example
+++ b/inventory/byo/hosts.ose.example
@@ -754,13 +754,18 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# Enable API service auditing, available as of 3.2
#openshift_master_audit_config={"basicAuditEnabled": true}
-# Validity of the auto-generated certificates in days.
+# Validity of the auto-generated OpenShift certificates in days.
# See also openshift_hosted_registry_cert_expire_days above.
#
#openshift_ca_cert_expire_days=1825
#openshift_node_cert_expire_days=730
#openshift_master_cert_expire_days=730
+# Validity of the auto-generated external etcd certificates in days.
+# Controls validity for etcd CA, peer, server and client certificates.
+#
+#etcd_ca_default_days=1825
+
# host group for masters
[masters]
ose3-master[1:3]-ansible.test.example.com
diff --git a/openshift-ansible.spec b/openshift-ansible.spec
index 7ffe69a79..992fe63c2 100644
--- a/openshift-ansible.spec
+++ b/openshift-ansible.spec
@@ -9,7 +9,7 @@
%global __requires_exclude ^/usr/bin/ansible-playbook$
Name: openshift-ansible
-Version: 3.6.14
+Version: 3.6.15
Release: 1%{?dist}
Summary: Openshift and Atomic Enterprise Ansible
License: ASL 2.0
@@ -270,6 +270,11 @@ Atomic OpenShift Utilities includes
%changelog
+* Tue Apr 04 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.15-1
+- Document etcd_ca_default_days in example inventories. (abutcher@redhat.com)
+- Fixed a bug. Ansible requires a msg param when module.fail_json.
+ (kwoodson@redhat.com)
+
* Sat Apr 01 2017 Jenkins CD Merge Bot <tdawson@redhat.com> 3.6.14-1
- Update v1.5 content (sdodson@redhat.com)
- Add v1.6 content (sdodson@redhat.com)
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml
index e82996cf4..8c8062585 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml
@@ -66,7 +66,7 @@
--signer-cert={{ openshift.common.config_base }}/master/ca.crt
--signer-key={{ openshift.common.config_base }}/master/ca.key
--signer-serial={{ openshift.common.config_base }}/master/ca.serial.txt
- --hostnames="{{ docker_registry_service_ip.results.clusterip }},docker-registry.default.svc.cluster.local,{{ docker_registry_route_hostname }}"
+ --hostnames="{{ docker_registry_service_ip.results.clusterip }},docker-registry.default.svc,docker-registry.default.svc.cluster.local,{{ docker_registry_route_hostname }}"
--cert={{ openshift.common.config_base }}/master/registry.crt
--key={{ openshift.common.config_base }}/master/registry.key
{% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %}
diff --git a/roles/lib_openshift/library/oc_process.py b/roles/lib_openshift/library/oc_process.py
index d487746eb..112d9ab5f 100644
--- a/roles/lib_openshift/library/oc_process.py
+++ b/roles/lib_openshift/library/oc_process.py
@@ -1545,7 +1545,7 @@ class OCProcess(OpenShiftCLI):
if api_rval['returncode'] != 0:
return {"failed": True, "msg" : api_rval}
- return {"changed" : False, "results": api_rval, "state": "list"}
+ return {"changed" : False, "results": api_rval, "state": state}
elif state == 'present':
if check_mode and params['create']:
@@ -1567,9 +1567,9 @@ class OCProcess(OpenShiftCLI):
return {"failed": True, "msg": api_rval}
if params['create']:
- return {"changed": True, "results": api_rval, "state": "present"}
+ return {"changed": True, "results": api_rval, "state": state}
- return {"changed": False, "results": api_rval, "state": "present"}
+ return {"changed": False, "results": api_rval, "state": state}
# verify results
update = False
@@ -1584,13 +1584,13 @@ class OCProcess(OpenShiftCLI):
update = True
if not update:
- return {"changed": update, "results": api_rval, "state": "present"}
+ return {"changed": update, "results": api_rval, "state": state}
for cmd in rval:
if cmd['returncode'] != 0:
- return {"failed": True, "changed": update, "results": rval, "state": "present"}
+ return {"failed": True, "changed": update, "msg": rval, "state": state}
- return {"changed": update, "results": rval, "state": "present"}
+ return {"changed": update, "results": rval, "state": state}
# -*- -*- -*- End included fragment: class/oc_process.py -*- -*- -*-
diff --git a/roles/lib_openshift/src/class/oc_process.py b/roles/lib_openshift/src/class/oc_process.py
index 9d29938aa..eba9a43cd 100644
--- a/roles/lib_openshift/src/class/oc_process.py
+++ b/roles/lib_openshift/src/class/oc_process.py
@@ -136,7 +136,7 @@ class OCProcess(OpenShiftCLI):
if api_rval['returncode'] != 0:
return {"failed": True, "msg" : api_rval}
- return {"changed" : False, "results": api_rval, "state": "list"}
+ return {"changed" : False, "results": api_rval, "state": state}
elif state == 'present':
if check_mode and params['create']:
@@ -158,9 +158,9 @@ class OCProcess(OpenShiftCLI):
return {"failed": True, "msg": api_rval}
if params['create']:
- return {"changed": True, "results": api_rval, "state": "present"}
+ return {"changed": True, "results": api_rval, "state": state}
- return {"changed": False, "results": api_rval, "state": "present"}
+ return {"changed": False, "results": api_rval, "state": state}
# verify results
update = False
@@ -175,11 +175,11 @@ class OCProcess(OpenShiftCLI):
update = True
if not update:
- return {"changed": update, "results": api_rval, "state": "present"}
+ return {"changed": update, "results": api_rval, "state": state}
for cmd in rval:
if cmd['returncode'] != 0:
- return {"failed": True, "changed": update, "results": rval, "state": "present"}
+ return {"failed": True, "changed": update, "msg": rval, "state": state}
- return {"changed": update, "results": rval, "state": "present"}
+ return {"changed": update, "results": rval, "state": state}
diff --git a/roles/openshift_hosted/tasks/registry/secure.yml b/roles/openshift_hosted/tasks/registry/secure.yml
index 8a159bf73..29c164f52 100644
--- a/roles/openshift_hosted/tasks/registry/secure.yml
+++ b/roles/openshift_hosted/tasks/registry/secure.yml
@@ -53,7 +53,8 @@
signer_serial: "{{ openshift_master_config_dir }}/ca.serial.txt"
hostnames:
- "{{ docker_registry_service_ip.results.clusterip }}"
- - docker-registry.default.svc.cluster.local
+ - "{{ openshift_hosted_registry_name }}.default.svc"
+ - "{{ openshift_hosted_registry_name }}.default.svc.{{ openshift.common.dns_domain }}"
- "{{ docker_registry_route_hostname }}"
cert: "{{ openshift_master_config_dir }}/registry.crt"
key: "{{ openshift_master_config_dir }}/registry.key"