diff options
| -rw-r--r-- | .tito/packages/openshift-ansible | 2 | ||||
| -rw-r--r-- | openshift-ansible.spec | 14 | ||||
| -rw-r--r-- | playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml | 18 | ||||
| -rw-r--r-- | roles/etcd/tasks/main.yml | 12 | ||||
| -rw-r--r-- | roles/etcd/tasks/system_container.yml | 7 | ||||
| -rw-r--r-- | roles/etcd/templates/etcd.docker.service | 2 | ||||
| -rwxr-xr-x | roles/openshift_facts/library/openshift_facts.py | 45 | ||||
| -rw-r--r-- | roles/openshift_logging/tasks/install_logging.yaml | 4 | ||||
| -rw-r--r-- | roles/openshift_logging_elasticsearch/templates/es.j2 | 10 | ||||
| -rw-r--r-- | roles/openshift_node_upgrade/tasks/main.yml | 14 | ||||
| -rw-r--r-- | roles/openshift_node_upgrade/tasks/systemd_units.yml | 15 |
11 files changed, 83 insertions, 60 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 8b1359b22..5ae5d035e 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.6.132-1 ./ +3.6.134-1 ./ diff --git a/openshift-ansible.spec b/openshift-ansible.spec index ed0b5ca79..43111f72d 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -9,7 +9,7 @@ %global __requires_exclude ^/usr/bin/ansible-playbook$ Name: openshift-ansible -Version: 3.6.132 +Version: 3.6.134 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -280,6 +280,18 @@ Atomic OpenShift Utilities includes %changelog +* Wed Jul 05 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.134-1 +- + +* Tue Jul 04 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.133-1 +- etcd, syscontainer: fix copy of existing datastore (gscrivan@redhat.com) +- pre-pull images before stopping docker (jchaloup@redhat.com) +- Always convert no_proxy from string into a list (sdodson@redhat.com) +- fix 1466680. Fix logging deploying to the specified namespace + (jcantril@redhat.com) +- logging_es: temporarily disable readiness probe (jwozniak@redhat.com) +- Fixes to storage migration (sdodson@redhat.com) + * Mon Jul 03 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.132-1 - diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml index e7fc10af8..227fbf60a 100644 --- a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml +++ b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml @@ -5,13 +5,13 @@ # oc adm migrate storage should be run prior to etcd v3 upgrade # See: https://github.com/openshift/origin/pull/14625#issuecomment-308467060 -- name: Pre master upgrade - Upgrade job storage +- name: Pre master upgrade - Upgrade all storage hosts: oo_first_master tasks: - - name: Upgrade job storage + - name: Upgrade all storage command: > {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig - migrate storage --include=jobs --confirm + migrate storage --include=* --confirm # If facts cache were for some reason deleted, this fact may not be set, and if not set # it will always default to true. This causes problems for the etcd data dir fact detection @@ -143,13 +143,13 @@ - set_fact: master_update_complete: True -- name: Post master upgrade - Upgrade job storage +- name: Post master upgrade - Upgrade clusterpolicies storage hosts: oo_first_master tasks: - - name: Upgrade job storage + - name: Upgrade clusterpolicies storage command: > {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig - migrate storage --include=jobs --confirm + migrate storage --include=clusterpolicies --confirm ############################################################################## # Gate on master update complete @@ -230,6 +230,12 @@ - reconcile_scc_result.rc == 0 run_once: true + - name: Upgrade job storage + command: > + {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig + migrate storage --include=* --confirm + run_once: true + - set_fact: reconcile_complete: True diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index 586aebb11..f0661209f 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -10,6 +10,12 @@ package: name=etcd{{ '-' + etcd_version if etcd_version is defined else '' }} state=present when: not etcd_is_containerized | bool +- include_role: + name: etcd_common + vars: + r_etcd_common_action: drop_etcdctl + when: openshift_etcd_etcdctl_profile | default(true) | bool + - block: - name: Pull etcd container command: docker pull {{ openshift.etcd.etcd_image }} @@ -120,12 +126,6 @@ enabled: yes register: start_result -- include_role: - name: etcd_common - vars: - r_etcd_common_action: drop_etcdctl - when: openshift_etcd_etcdctl_profile | default(true) | bool - - name: Set fact etcd_service_status_changed set_fact: etcd_service_status_changed: "{{ start_result | changed }}" diff --git a/roles/etcd/tasks/system_container.yml b/roles/etcd/tasks/system_container.yml index a01df66b3..e735bf50a 100644 --- a/roles/etcd/tasks/system_container.yml +++ b/roles/etcd/tasks/system_container.yml @@ -1,4 +1,7 @@ --- +- set_fact: + l_etcd_src_data_dir: "{{ '/var/lib/origin/openshift.local.etcd' if r_etcd_common_embedded_etcd | bool else '/var/lib/etcd/' }}" + - name: Pull etcd system container command: atomic pull --storage=ostree {{ openshift.etcd.etcd_image }} register: pull_result @@ -50,7 +53,7 @@ - name: Check for previous etcd data store stat: - path: "{{ etcd_data_dir }}/member/" + path: "{{ l_etcd_src_data_dir }}/member/" register: src_datastore - name: Check for etcd system container data store @@ -66,7 +69,7 @@ - name: Copy etcd data store command: > - cp -a {{ etcd_data_dir }}/member + cp -a {{ l_etcd_src_data_dir }}/member {{ r_etcd_common_system_container_host_dir }}/etcd.etcd/member when: - src_datastore.stat.exists diff --git a/roles/etcd/templates/etcd.docker.service b/roles/etcd/templates/etcd.docker.service index d9327f433..adeca7a91 100644 --- a/roles/etcd/templates/etcd.docker.service +++ b/roles/etcd/templates/etcd.docker.service @@ -7,7 +7,7 @@ PartOf={{ openshift.docker.service_name }}.service [Service] EnvironmentFile={{ etcd_conf_file }} ExecStartPre=-/usr/bin/docker rm -f {{ etcd_service }} -ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v {{ etcd_data_dir }}:{{ etcd_data_dir }}:z -v {{ etcd_conf_dir }}:{{ etcd_conf_dir }}:ro --env-file={{ etcd_conf_file }} --net=host --security-opt label=type:spc_t --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }} +ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v {{ etcd_data_dir }}:{{ etcd_data_dir }}:z -v {{ etcd_conf_dir }}:{{ etcd_conf_dir }}:ro --env-file={{ etcd_conf_file }} --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }} ExecStop=/usr/bin/docker stop {{ etcd_service }} SyslogIdentifier=etcd_container Restart=always diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index cc2a1d2eb..30701a518 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -1618,14 +1618,7 @@ def sort_unique(alist): Returns: list: a sorted de-duped list """ - - alist.sort() - out = list() - for i in alist: - if i not in out: - out.append(i) - - return out + return sorted(list(set(alist))) def safe_get_bool(fact): @@ -1649,20 +1642,36 @@ def set_proxy_facts(facts): """ if 'common' in facts: common = facts['common'] + + # No openshift_no_proxy settings detected, empty list for now + if 'no_proxy' not in common: + common['no_proxy'] = [] + + # _no_proxy settings set. It is just a simple string, not a + # list or anything + elif 'no_proxy' in common and isinstance(common['no_proxy'], string_types): + # no_proxy is now a list of all the comma-separated items + # in the _no_proxy value + common['no_proxy'] = common['no_proxy'].split(",") + + # at this point common['no_proxy'] is a LIST datastructure. It + # may be empty, or it may contain some hostnames or ranges. + + # We always add local dns domain and ourselves no matter what + common['no_proxy'].append('.' + common['dns_domain']) + common['no_proxy'].append(common['hostname']) + + # You are also setting system proxy vars, openshift_http_proxy/openshift_https_proxy if 'http_proxy' in common or 'https_proxy' in common: - if 'no_proxy' in common and isinstance(common['no_proxy'], string_types): - common['no_proxy'] = common['no_proxy'].split(",") - elif 'no_proxy' not in common: - common['no_proxy'] = [] + # You want to generate no_proxy hosts and it's a boolean value if 'generate_no_proxy_hosts' in common and safe_get_bool(common['generate_no_proxy_hosts']): + # And you want to set up no_proxy for internal hostnames if 'no_proxy_internal_hostnames' in common: + # Split the internal_hostnames string by a comma + # and add that list to the overall no_proxy list common['no_proxy'].extend(common['no_proxy_internal_hostnames'].split(',')) - # We always add local dns domain and ourselves no matter what - common['no_proxy'].append('.' + common['dns_domain']) - common['no_proxy'].append('.svc') - common['no_proxy'].append(common['hostname']) - common['no_proxy'] = ','.join(sort_unique(common['no_proxy'])) - facts['common'] = common + + common['no_proxy'] = ','.join(sort_unique(common['no_proxy'])) return facts diff --git a/roles/openshift_logging/tasks/install_logging.yaml b/roles/openshift_logging/tasks/install_logging.yaml index 221a81340..50698599a 100644 --- a/roles/openshift_logging/tasks/install_logging.yaml +++ b/roles/openshift_logging/tasks/install_logging.yaml @@ -65,6 +65,7 @@ name: openshift_logging_elasticsearch vars: generated_certs_dir: "{{openshift.common.config_base}}/logging" + openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}" openshift_logging_elasticsearch_deployment_name: "{{ item.0 }}" openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_pvc_prefix ~ '-' ~ item.2 if item.1 is none else item.1 }}" openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_cluster_size | int }}" @@ -86,6 +87,7 @@ name: openshift_logging_elasticsearch vars: generated_certs_dir: "{{openshift.common.config_base}}/logging" + openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}" openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_pvc_prefix }}-{{ item | int + openshift_logging_facts.elasticsearch.deploymentconfigs | count - 1 }}" openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_cluster_size | int }}" @@ -112,6 +114,7 @@ name: openshift_logging_elasticsearch vars: generated_certs_dir: "{{openshift.common.config_base}}/logging" + openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}" openshift_logging_elasticsearch_deployment_name: "{{ item.0 }}" openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_ops_pvc_prefix ~ '-' ~ item.2 if item.1 is none else item.1 }}" openshift_logging_elasticsearch_ops_deployment: true @@ -141,6 +144,7 @@ name: openshift_logging_elasticsearch vars: generated_certs_dir: "{{openshift.common.config_base}}/logging" + openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}" openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_ops_pvc_prefix }}-{{ item | int + openshift_logging_facts.elasticsearch_ops.deploymentconfigs | count - 1 }}" openshift_logging_elasticsearch_ops_deployment: true openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_ops_cluster_size | int }}" diff --git a/roles/openshift_logging_elasticsearch/templates/es.j2 b/roles/openshift_logging_elasticsearch/templates/es.j2 index 1ca4220a3..7424db6f6 100644 --- a/roles/openshift_logging_elasticsearch/templates/es.j2 +++ b/roles/openshift_logging_elasticsearch/templates/es.j2 @@ -90,9 +90,6 @@ spec: name: "RECOVER_AFTER_TIME" value: "{{openshift_logging_elasticsearch_recover_after_time}}" - - name: "READINESS_PROBE_TIMEOUT" - value: "30" - - name: "IS_MASTER" value: "{% if deploy_type in ['data-master', 'master'] %}true{% else %}false{% endif %}" @@ -109,13 +106,6 @@ spec: readOnly: true - name: elasticsearch-storage mountPath: /elasticsearch/persistent - readinessProbe: - exec: - command: - - "/usr/share/elasticsearch/probe/readiness.sh" - initialDelaySeconds: 10 - timeoutSeconds: 30 - periodSeconds: 5 volumes: - name: elasticsearch secret: diff --git a/roles/openshift_node_upgrade/tasks/main.yml b/roles/openshift_node_upgrade/tasks/main.yml index 9807aa9a3..ac9ea32cb 100644 --- a/roles/openshift_node_upgrade/tasks/main.yml +++ b/roles/openshift_node_upgrade/tasks/main.yml @@ -31,6 +31,20 @@ failed_when: false when: openshift.common.is_containerized | bool +- name: Pre-pull node image + command: > + docker pull {{ openshift.node.node_image }}:{{ openshift_image_tag }} + register: pull_result + changed_when: "'Downloaded newer image' in pull_result.stdout" + when: openshift.common.is_containerized | bool + +- name: Pre-pull openvswitch image + command: > + docker pull {{ openshift.node.ovs_image }}:{{ openshift_image_tag }} + register: pull_result + changed_when: "'Downloaded newer image' in pull_result.stdout" + when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool + - include: docker/upgrade.yml vars: # We will restart Docker ourselves after everything is ready: diff --git a/roles/openshift_node_upgrade/tasks/systemd_units.yml b/roles/openshift_node_upgrade/tasks/systemd_units.yml index 862cd19c4..e8f017445 100644 --- a/roles/openshift_node_upgrade/tasks/systemd_units.yml +++ b/roles/openshift_node_upgrade/tasks/systemd_units.yml @@ -18,21 +18,6 @@ # This file is included both in the openshift_master role and in the upgrade # playbooks. - -- name: Pre-pull node image - command: > - docker pull {{ openshift.node.node_image }}:{{ openshift_image_tag }} - register: pull_result - changed_when: "'Downloaded newer image' in pull_result.stdout" - when: openshift.common.is_containerized | bool - -- name: Pre-pull openvswitch image - command: > - docker pull {{ openshift.node.ovs_image }}:{{ openshift_image_tag }} - register: pull_result - changed_when: "'Downloaded newer image' in pull_result.stdout" - when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool - - name: Install Node dependencies docker service file template: dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node-dep.service" |