diff options
| -rw-r--r-- | .tito/packages/openshift-ansible | 2 | ||||
| -rw-r--r-- | inventory/byo/hosts.example | 3 | ||||
| -rw-r--r-- | openshift-ansible.spec | 34 | ||||
| -rw-r--r-- | playbooks/aws/README.md | 1 | ||||
| -rw-r--r-- | roles/openshift_gcp/templates/remove.j2.sh | 6 | ||||
| -rw-r--r-- | roles/openshift_master_facts/tasks/main.yml | 1 | ||||
| -rw-r--r-- | roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2 | 2 | ||||
| -rw-r--r-- | roles/openshift_provisioners/tasks/generate_clusterrolebindings.yaml | 4 | ||||
| -rw-r--r-- | roles/openshift_provisioners/tasks/generate_secrets.yaml | 4 | ||||
| -rw-r--r-- | roles/openshift_provisioners/tasks/generate_serviceaccounts.yaml | 4 | ||||
| -rw-r--r-- | roles/openshift_provisioners/tasks/install_efs.yaml | 8 | ||||
| -rw-r--r-- | roles/openshift_provisioners/tasks/install_support.yaml | 17 | ||||
| -rw-r--r-- | roles/openshift_provisioners/templates/pv.j2 | 1 | ||||
| -rw-r--r-- | roles/openshift_provisioners/templates/pvc.j2 | 1 |
14 files changed, 64 insertions, 24 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index b42906535..3fd8b4d26 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.7.0-0.188.0 ./ +3.7.0-0.189.0 ./ diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index 070c20345..e49dd5fa2 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -310,9 +310,6 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #openshift_master_cluster_hostname=openshift-ansible.test.example.com #openshift_master_cluster_public_hostname=openshift-ansible.test.example.com -# Override the default controller lease ttl -#osm_controller_lease_ttl=30 - # Configure controller arguments #osm_controller_args={'resource-quota-sync-period': ['10s']} diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 762f71abc..57db94c1f 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -10,7 +10,7 @@ Name: openshift-ansible Version: 3.7.0 -Release: 0.188.0%{?dist} +Release: 0.189.0%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 URL: https://github.com/openshift/openshift-ansible @@ -285,6 +285,38 @@ Atomic OpenShift Utilities includes %changelog +* Wed Nov 01 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.189.0 +- Stating that certificate it is required when doing SSL on ELB. + (kwoodson@redhat.com) +- Ensure GCP image build instance gets cleaned up on teardown + (ccoleman@redhat.com) +- Switch from bind-interfaces to bind-dynamic (sdodson@redhat.com) +- Remove unused osm_controller_lease_ttl (mgugino@redhat.com) +- Delete images located in a family named {{ prefix }}images + (ccoleman@redhat.com) +- Use global IP to indicate node should pick DNS (ccoleman@redhat.com) +- Remove project metadata prefixed with the cluster prefix + (ccoleman@redhat.com) +- Use openshift.node.registry_url instead of oreg_url (ccoleman@redhat.com) +- Allow master node group to wait for stable on GCP (ccoleman@redhat.com) +- GCP cannot use AWS growpart package (ccoleman@redhat.com) +- dnsmasq cache-size dns-forward-max change (pcameron@redhat.com) +- Also require that we match the release (sdodson@redhat.com) +- Add arbitrary firewall port config to master too (sdodson@redhat.com) +- remove master.service during the non-ha to ha upgrade (jchaloup@redhat.com) +- Removing unneeded bootstrap which moved into the product. + (kwoodson@redhat.com) +- Add retry logic to docker auth credentials (mgugino@redhat.com) +- Retry restarting journald (mgugino@redhat.com) +- Modify StorageClass name to standard (piqin@redhat.com) +- Give PV & PVC empty storage class to avoid being assigned default gp2 + (mawong@redhat.com) +- Use oc_project to ensure openshift_provisioners_project present + (mawong@redhat.com) +- Fix yaml formatting (mawong@redhat.com) +- Create default storageclass for cloudprovider openstack (piqin@redhat.com) +- preserve the oo-install ansible_inventory_path value (rmeggins@redhat.com) + * Tue Oct 31 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.188.0 - Add dm_thin_pool for gluster use (sdodson@redhat.com) - Fix broken oc_secret update function (barlik@gmx.com) diff --git a/playbooks/aws/README.md b/playbooks/aws/README.md index 4e5c1017b..417fb539a 100644 --- a/playbooks/aws/README.md +++ b/playbooks/aws/README.md @@ -65,6 +65,7 @@ openshift_release: # example: v3.7 openshift_pkg_version: # example: -3.7.0 openshift_aws_ssh_key_name: # example: myuser_key openshift_aws_base_ami: # example: ami-12345678 +# These are required when doing SSL on the ELBs openshift_aws_iam_cert_path: # example: '/path/to/wildcard.<clusterid>.example.com.crt' openshift_aws_iam_cert_key_path: # example: '/path/to/wildcard.<clusterid>.example.com.key' ``` diff --git a/roles/openshift_gcp/templates/remove.j2.sh b/roles/openshift_gcp/templates/remove.j2.sh index 10b463349..c9213b800 100644 --- a/roles/openshift_gcp/templates/remove.j2.sh +++ b/roles/openshift_gcp/templates/remove.j2.sh @@ -68,6 +68,12 @@ fi done ) & +# Instances and disks used for image building +( + teardown "{{ openshift_gcp_prefix }}build-image-instance" compute instances --zone "{{ openshift_gcp_zone }}" + teardown "{{ openshift_gcp_prefix }}build-image-instance" compute disks --zone "{{ openshift_gcp_zone }}" +) & + # DNS ( dns_zone="{{ dns_managed_zone | default(openshift_gcp_prefix + 'managed-zone') }}" diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml index 501be148e..cf0be3bef 100644 --- a/roles/openshift_master_facts/tasks/main.yml +++ b/roles/openshift_master_facts/tasks/main.yml @@ -88,7 +88,6 @@ controller_args: "{{ osm_controller_args | default(None) }}" disabled_features: "{{ osm_disabled_features | default(None) }}" master_count: "{{ openshift_master_count | default(None) }}" - controller_lease_ttl: "{{ osm_controller_lease_ttl | default(None) }}" master_image: "{{ osm_image | default(None) }}" admission_plugin_config: "{{openshift_master_admission_plugin_config }}" kube_admission_plugin_config: "{{openshift_master_kube_admission_plugin_config | default(None) }}" # deprecated, merged with admission_plugin_config diff --git a/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2 b/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2 index 4b55a0be4..6543c7c3e 100644 --- a/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2 +++ b/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2 @@ -5,7 +5,7 @@ max-cache-ttl=1 enable-dbus dns-forward-max=5000 cache-size=5000 -bind-interfaces +bind-dynamic {% for interface in openshift_node_dnsmasq_except_interfaces %} except-interface={{ interface }} {% endfor %} diff --git a/roles/openshift_provisioners/tasks/generate_clusterrolebindings.yaml b/roles/openshift_provisioners/tasks/generate_clusterrolebindings.yaml index ac21a5e37..1e6aafd00 100644 --- a/roles/openshift_provisioners/tasks/generate_clusterrolebindings.yaml +++ b/roles/openshift_provisioners/tasks/generate_clusterrolebindings.yaml @@ -1,6 +1,8 @@ --- - name: Generate ClusterRoleBindings - template: src=clusterrolebinding.j2 dest={{mktemp.stdout}}/templates/{{obj_name}}-clusterrolebinding.yaml + template: + src: clusterrolebinding.j2 + dest: "{{ mktemp.stdout }}/templates/{{ obj_name }}-clusterrolebinding.yaml" vars: acct_name: provisioners-{{item}} obj_name: run-provisioners-{{item}} diff --git a/roles/openshift_provisioners/tasks/generate_secrets.yaml b/roles/openshift_provisioners/tasks/generate_secrets.yaml index e6cbb1bbf..fe5ff9f18 100644 --- a/roles/openshift_provisioners/tasks/generate_secrets.yaml +++ b/roles/openshift_provisioners/tasks/generate_secrets.yaml @@ -1,6 +1,8 @@ --- - name: Generate secret for efs - template: src=secret.j2 dest={{mktemp.stdout}}/templates/{{obj_name}}-secret.yaml + template: + src: secret.j2 + dest: "{{ mktemp.stdout }}/templates/{{ obj_name }}-secret.yaml" vars: name: efs obj_name: "provisioners-efs" diff --git a/roles/openshift_provisioners/tasks/generate_serviceaccounts.yaml b/roles/openshift_provisioners/tasks/generate_serviceaccounts.yaml index 4fe0583ee..000f19994 100644 --- a/roles/openshift_provisioners/tasks/generate_serviceaccounts.yaml +++ b/roles/openshift_provisioners/tasks/generate_serviceaccounts.yaml @@ -1,6 +1,8 @@ --- - name: Generating serviceaccounts - template: src=serviceaccount.j2 dest={{mktemp.stdout}}/templates/{{obj_name}}-sa.yaml + template: + src: serviceaccount.j2 + dest: "{{ mktemp.stdout }}/templates/{{ obj_name }}-sa.yaml" vars: obj_name: provisioners-{{item}} labels: diff --git a/roles/openshift_provisioners/tasks/install_efs.yaml b/roles/openshift_provisioners/tasks/install_efs.yaml index 4a6e00513..6e8792446 100644 --- a/roles/openshift_provisioners/tasks/install_efs.yaml +++ b/roles/openshift_provisioners/tasks/install_efs.yaml @@ -9,7 +9,9 @@ changed_when: no - name: Generate efs PersistentVolumeClaim - template: src=pvc.j2 dest={{mktemp.stdout}}/templates/{{obj_name}}-pvc.yaml + template: + src: pvc.j2 + dest: "{{ mktemp.stdout }}/templates/{{ obj_name }}-pvc.yaml" vars: obj_name: "provisioners-efs" size: "1Mi" @@ -21,7 +23,9 @@ changed_when: no - name: Generate efs PersistentVolume - template: src=pv.j2 dest={{mktemp.stdout}}/templates/{{obj_name}}-pv.yaml + template: + src: pv.j2 + dest: "{{ mktemp.stdout }}/templates/{{ obj_name }}-pv.yaml" vars: obj_name: "provisioners-efs" size: "1Mi" diff --git a/roles/openshift_provisioners/tasks/install_support.yaml b/roles/openshift_provisioners/tasks/install_support.yaml index ba472f1c9..d6db81ab9 100644 --- a/roles/openshift_provisioners/tasks/install_support.yaml +++ b/roles/openshift_provisioners/tasks/install_support.yaml @@ -1,16 +1,9 @@ --- -- name: Check for provisioners project already exists - command: > - {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get project {{openshift_provisioners_project}} --no-headers - register: provisioners_project_result - ignore_errors: yes - when: not ansible_check_mode - changed_when: no - -- name: Create provisioners project - command: > - {{ openshift.common.admin_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig new-project {{openshift_provisioners_project}} - when: not ansible_check_mode and "not found" in provisioners_project_result.stderr +- name: Set provisioners project + oc_project: + state: present + kubeconfig: "{{ mktemp.stdout }}/admin.kubeconfig" + name: "{{ openshift_provisioners_project }}" - name: Create temp directory for all our templates file: path={{mktemp.stdout}}/templates state=directory mode=0755 diff --git a/roles/openshift_provisioners/templates/pv.j2 b/roles/openshift_provisioners/templates/pv.j2 index f4128f9f0..f81b1617a 100644 --- a/roles/openshift_provisioners/templates/pv.j2 +++ b/roles/openshift_provisioners/templates/pv.j2 @@ -30,3 +30,4 @@ spec: name: {{claim_name}} namespace: {{openshift_provisioners_project}} {% endif %} + storageClassName: "" diff --git a/roles/openshift_provisioners/templates/pvc.j2 b/roles/openshift_provisioners/templates/pvc.j2 index 83d503056..0dd8772eb 100644 --- a/roles/openshift_provisioners/templates/pvc.j2 +++ b/roles/openshift_provisioners/templates/pvc.j2 @@ -23,4 +23,5 @@ spec: resources: requests: storage: {{size}} + storageClassName: "" |