diff options
17 files changed, 54 insertions, 29 deletions
diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index ef0736b63..1a67cc290 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -166,7 +166,7 @@ ose3-lb-ansible.test.example.com # NOTE: Currently we require that masters be part of the SDN which requires that they also be nodes # However, in order to ensure that your masters are not burdened with running pods you should -# make them unschedulable by adding openshift_scheduleable=False any node that's also a master. +# make them unschedulable by adding openshift_schedulable=False any node that's also a master. [nodes] ose3-master[1:3]-ansible.test.example.com ose3-node[1:2]-ansible.test.example.com openshift_node_labels="{'region': 'primary', 'zone': 'default'}" diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index 538414508..1f1ada3f0 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -181,5 +181,8 @@ - name: Reload systemd manager configuration command: systemctl daemon-reload +- hosts: nodes + sudo: yes + tasks: - name: restart docker service: name=docker state=restarted diff --git a/playbooks/common/openshift-cluster/upgrades/files/versions.sh b/playbooks/common/openshift-cluster/upgrades/files/versions.sh index f90719cab..c7c966b60 100644 --- a/playbooks/common/openshift-cluster/upgrades/files/versions.sh +++ b/playbooks/common/openshift-cluster/upgrades/files/versions.sh @@ -2,9 +2,9 @@ yum_installed=$(yum list installed "$@" 2>&1 | tail -n +2 | grep -v 'Installed Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') -yum_available=$(yum list available "$@" 2>&1 | tail -n +2 | grep -v 'Available Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'el7ose' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') +yum_available=$(yum list available -q "$@" 2>&1 | tail -n +2 | grep -v 'Available Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'el7ose' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') echo "---" -echo "curr_version: ${yum_installed}" +echo "curr_version: ${yum_installed}" echo "avail_version: ${yum_available}" diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index eea147229..00ebf4ce6 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -517,24 +517,28 @@ - _default_router.rc == 0 - "'false' in _scc.stdout" command: > - {{ oc_cmd }} patch scc/privileged -p '{"allowHostPorts":true,"allowHostNetwork":true}' --loglevel=9 + {{ oc_cmd }} patch scc/privileged -p + '{"allowHostPorts":true,"allowHostNetwork":true}' --api-version=v1 - name: Update deployment config to 1.0.4/3.0.1 spec when: _default_router.rc == 0 command: > {{ oc_cmd }} patch dc/router -p '{"spec":{"strategy":{"rollingParams":{"updatePercent":-10},"spec":{"serviceAccount":"router","serviceAccountName":"router"}}}}' + --api-version=v1 - name: Switch to hostNetwork=true when: _default_router.rc == 0 command: > {{ oc_cmd }} patch dc/router -p '{"spec":{"template":{"spec":{"hostNetwork":true}}}}' + --api-version=v1 - name: Update router image to current version when: _default_router.rc == 0 command: > {{ oc_cmd }} patch dc/router -p '{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}"}]}}}}' + --api-version=v1 - name: Check for default registry command: > @@ -548,3 +552,4 @@ command: > {{ oc_cmd }} patch dc/docker-registry -p '{"spec":{"template":{"spec":{"containers":[{"name":"registry","image":"{{ registry_image }}"}]}}}}' + --api-version=v1 diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 902fde956..f382494bd 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -244,6 +244,8 @@ - fail: msg: "openshift_master_session_auth_secrets and openshift_master_encryption_secrets must be equal length" when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is defined) and (openshift_master_session_auth_secrets | length != openshift_master_session_encryption_secrets | length) + - name: Install OpenSSL package + action: "{{ansible_pkg_mgr}} pkg=openssl state=present" - name: Generate session authentication key command: /usr/bin/openssl rand -base64 24 register: session_auth_output @@ -351,11 +353,16 @@ - role: openshift_cluster_metrics when: openshift.common.use_cluster_metrics | bool + # TODO: Setting the cluster dns ip should be pushed into openshift-facts - name: Determine cluster dns ip hosts: oo_first_master tasks: - name: Get master service ip - command: "{{ openshift.common.client_binary }} get -o template svc kubernetes --template=\\{\\{.spec.clusterIP\\}\\}" + command: > + {{ openshift.common.client_binary }} -n default + --config={{ openshift.common.config_base }}/master/admin.kubeconfig + get -o template svc kubernetes --template=\\{\\{.spec.clusterIP\\}\\} + --output-version=v1 register: master_service_ip_output when: openshift.common.version_greater_than_3_1_or_1_1 | bool - set_fact: diff --git a/roles/openshift_cluster_metrics/tasks/main.yml b/roles/openshift_cluster_metrics/tasks/main.yml index 3938aba4c..9b7735e54 100644 --- a/roles/openshift_cluster_metrics/tasks/main.yml +++ b/roles/openshift_cluster_metrics/tasks/main.yml @@ -7,7 +7,7 @@ - name: Create InfluxDB Services command: > - {{ openshift.common.client_binary }} create -f + {{ openshift.common.client_binary }} create -f /etc/openshift/cluster-metrics/influxdb.yaml register: oex_influxdb_services failed_when: "'already exists' not in oex_influxdb_services.stderr and oex_influxdb_services.rc != 0" @@ -15,14 +15,14 @@ - name: Create Heapster Service Account command: > - {{ openshift.common.client_binary }} create -f + {{ openshift.common.client_binary }} create -f /etc/openshift/cluster-metrics/heapster-serviceaccount.yaml register: oex_heapster_serviceaccount failed_when: "'already exists' not in oex_heapster_serviceaccount.stderr and oex_heapster_serviceaccount.rc != 0" changed_when: false - name: Add cluster-reader role to Heapster - command: > + command: > {{ openshift.common.admin_binary }} policy add-cluster-role-to-user cluster-reader diff --git a/roles/openshift_examples/files/examples/v1.0/infrastructure-templates/enterprise/metrics-deployer.yaml b/roles/openshift_examples/files/examples/v1.0/infrastructure-templates/enterprise/metrics-deployer.yaml index d823b2587..ddd9f2f75 100644 --- a/roles/openshift_examples/files/examples/v1.0/infrastructure-templates/enterprise/metrics-deployer.yaml +++ b/roles/openshift_examples/files/examples/v1.0/infrastructure-templates/enterprise/metrics-deployer.yaml @@ -81,11 +81,11 @@ parameters: - description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-"' name: IMAGE_PREFIX - value: "hawkular/" + value: "registry.access.redhat.com/openshift3/" - description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set version "v1.1"' name: IMAGE_VERSION - value: "0.7.0-SNAPSHOT" + value: "3.1.0" - description: "Internal URL for the master, for authentication retrieval" name: MASTER_URL diff --git a/roles/openshift_examples/files/examples/v1.0/infrastructure-templates/origin/metrics-deployer.yaml b/roles/openshift_examples/files/examples/v1.0/infrastructure-templates/origin/metrics-deployer.yaml index d823b2587..3e9bcde5b 100644 --- a/roles/openshift_examples/files/examples/v1.0/infrastructure-templates/origin/metrics-deployer.yaml +++ b/roles/openshift_examples/files/examples/v1.0/infrastructure-templates/origin/metrics-deployer.yaml @@ -81,11 +81,11 @@ parameters: - description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-"' name: IMAGE_PREFIX - value: "hawkular/" + value: "docker.io/openshift/origin-" - description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set version "v1.1"' name: IMAGE_VERSION - value: "0.7.0-SNAPSHOT" + value: "latest" - description: "Internal URL for the master, for authentication retrieval" name: MASTER_URL diff --git a/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/enterprise/metrics-deployer.yaml b/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/enterprise/metrics-deployer.yaml index d823b2587..ddd9f2f75 100644 --- a/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/enterprise/metrics-deployer.yaml +++ b/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/enterprise/metrics-deployer.yaml @@ -81,11 +81,11 @@ parameters: - description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-"' name: IMAGE_PREFIX - value: "hawkular/" + value: "registry.access.redhat.com/openshift3/" - description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set version "v1.1"' name: IMAGE_VERSION - value: "0.7.0-SNAPSHOT" + value: "3.1.0" - description: "Internal URL for the master, for authentication retrieval" name: MASTER_URL diff --git a/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/metrics-deployer.yaml b/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/metrics-deployer.yaml index d823b2587..3e9bcde5b 100644 --- a/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/metrics-deployer.yaml +++ b/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/metrics-deployer.yaml @@ -81,11 +81,11 @@ parameters: - description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-"' name: IMAGE_PREFIX - value: "hawkular/" + value: "docker.io/openshift/origin-" - description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set version "v1.1"' name: IMAGE_VERSION - value: "0.7.0-SNAPSHOT" + value: "latest" - description: "Internal URL for the master, for authentication retrieval" name: MASTER_URL diff --git a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml index 5cd4a6041..decf4f49d 100644 --- a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml @@ -14,4 +14,4 @@ - virt_use_fusefs - virt_sandbox_use_fusefs register: sebool_result - failed_when: "'state' not in sebool_result and 'msg' in sebool_result and 'SELinux boolean item does not exist' not in sebool_result.msg" + failed_when: "'state' not in sebool_result and 'msg' in sebool_result and 'SELinux boolean {{ item }} does not exist' not in sebool_result.msg" diff --git a/roles/openshift_repos/handlers/main.yml b/roles/openshift_repos/handlers/main.yml new file mode 100644 index 000000000..26558a455 --- /dev/null +++ b/roles/openshift_repos/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: refresh package cache + command: yum clean all diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml index aa696ae12..66be0cb7b 100644 --- a/roles/openshift_repos/tasks/main.yaml +++ b/roles/openshift_repos/tasks/main.yaml @@ -20,12 +20,14 @@ src: yum_repo.j2 dest: /etc/yum.repos.d/openshift_additional.repo when: openshift_additional_repos | length > 0 + notify: refresh package cache - name: Remove the additional repos if no longer defined file: dest: /etc/yum.repos.d/openshift_additional.repo state: absent when: openshift_additional_repos | length == 0 + notify: refresh package cache - name: Remove any yum repo files for other deployment types file: @@ -34,13 +36,16 @@ with_fileglob: - '*/repos/*' when: not (item | search("/files/" ~ openshift_deployment_type ~ "/repos")) + notify: refresh package cache - name: Configure gpg keys if needed copy: src={{ item }} dest=/etc/pki/rpm-gpg/ with_fileglob: - "{{ openshift_deployment_type }}/gpg_keys/*" + notify: refresh package cache - name: Configure yum repositories copy: src={{ item }} dest=/etc/yum.repos.d/ with_fileglob: - "{{ openshift_deployment_type }}/repos/*" + notify: refresh package cache diff --git a/roles/openshift_serviceaccounts/tasks/main.yml b/roles/openshift_serviceaccounts/tasks/main.yml index d93a25a21..e558a83a2 100644 --- a/roles/openshift_serviceaccounts/tasks/main.yml +++ b/roles/openshift_serviceaccounts/tasks/main.yml @@ -13,7 +13,9 @@ changed_when: "'serviceaccounts \"{{ item }}\" already exists' not in _sa_result.stderr and _sa_result.rc == 0" - name: Get current security context constraints - shell: "{{ openshift.common.client_binary }} get scc privileged -o yaml > /tmp/scc.yaml" + shell: > + {{ openshift.common.client_binary }} get scc privileged -o yaml + --output-version=v1 > /tmp/scc.yaml - name: Add security context constraint for {{ item }} lineinfile: @@ -23,4 +25,4 @@ with_items: accounts - name: Apply new scc rules for service accounts - command: "{{ openshift.common.client_binary }} update -f /tmp/scc.yaml" + command: "{{ openshift.common.client_binary }} update -f /tmp/scc.yaml --api-version=v1" diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index f8dfe2feb..ee962c21a 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -101,7 +101,7 @@ separate etcd cluster will be configured with each Master serving as a member. Any Masters configured as part of this installation process will also be configured as Nodes. This is so that the Master will be able to proxy to Pods -from the API. By default this Node will be unscheduleable but this can be changed +from the API. By default this Node will be unschedulable but this can be changed after installation with 'oadm manage-node'. OpenShift Nodes provide the runtime environments for containers. They will @@ -347,7 +347,7 @@ https://docs.openshift.org/latest/install_config/install/advanced_install.html#m if len(dedicated_nodes) == 0: message = """ WARNING: No dedicated Nodes specified. By default, colocated Masters have -their Nodes set to unscheduleable. If you proceed all nodes will be labelled +their Nodes set to unschedulable. If you proceed all nodes will be labelled as schedulable. """ if unattended: diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index 866590c49..c5257f1db 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -67,10 +67,10 @@ def generate_inventory(hosts): for node in nodes: # TODO: Until the Master can run the SDN itself we have to configure the Masters # as Nodes too. - scheduleable = None + schedulable = None if node in masters: - scheduleable = False - write_host(node, base_inventory, scheduleable) + schedulable = False + write_host(node, base_inventory, schedulable) if not getattr(proxy, 'preconfigured', True): base_inventory.write('\n[lb]\n') @@ -112,7 +112,7 @@ def write_inventory_vars(base_inventory, multiple_masters, proxy): base_inventory.write("openshift_master_cluster_public_hostname={}\n".format(proxy.public_hostname)) -def write_host(host, inventory, scheduleable=None): +def write_host(host, inventory, schedulable=None): global CFG facts = '' @@ -129,11 +129,11 @@ def write_host(host, inventory, scheduleable=None): # Distinguish between three states, no schedulability specified (use default), # explicitly set to True, or explicitly set to False: - if scheduleable is None: + if schedulable is None: pass - elif scheduleable: + elif schedulable: facts += ' openshift_schedulable=True' - elif not scheduleable: + elif not schedulable: facts += ' openshift_schedulable=False' installer_host = socket.gethostname() diff --git a/utils/test/cli_installer_tests.py b/utils/test/cli_installer_tests.py index ad76cc3e9..d028bf472 100644 --- a/utils/test/cli_installer_tests.py +++ b/utils/test/cli_installer_tests.py @@ -721,7 +721,7 @@ class AttendedCliTests(OOCliFixture): add_nodes=[('10.0.0.2', False)], ssh_user='root', variant_num=1, - scheduleable_masters_ok=True, + schedulable_masters_ok=True, confirm_facts='y') self._verify_get_hosts_to_run_on(mock_facts, load_facts_mock, |