summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--README_openstack.md12
-rw-r--r--inventory/byo/hosts.example6
-rw-r--r--playbooks/aws/openshift-cluster/tasks/launch_instances.yml13
-rw-r--r--playbooks/common/openshift-master/config.yml2
-rw-r--r--playbooks/libvirt/openshift-cluster/launch.yml8
-rw-r--r--playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml5
-rw-r--r--playbooks/openstack/openshift-cluster/files/heat_stack.yaml42
-rw-r--r--playbooks/openstack/openshift-cluster/launch.yml33
-rw-r--r--playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml27
-rw-r--r--playbooks/openstack/openshift-cluster/vars.yml8
-rw-r--r--roles/openshift_cluster_metrics/README.md36
-rw-r--r--roles/openshift_cluster_metrics/files/cluster-metrics/grafana.yaml53
-rw-r--r--roles/openshift_cluster_metrics/files/cluster-metrics/heapster-serviceaccount.yaml4
-rw-r--r--roles/openshift_cluster_metrics/files/cluster-metrics/heapster.yaml30
-rw-r--r--roles/openshift_cluster_metrics/files/cluster-metrics/influxdb.yaml67
-rw-r--r--roles/openshift_cluster_metrics/tasks/main.yml50
-rw-r--r--roles/openshift_common/tasks/main.yml1
-rwxr-xr-xroles/openshift_examples/examples-sync.sh1
-rw-r--r--roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json21
-rw-r--r--roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json26
-rw-r--r--roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json18
-rw-r--r--roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json23
-rw-r--r--roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json18
-rw-r--r--roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json23
-rw-r--r--roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json22
-rw-r--r--roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json41
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json11
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/cakephp.json4
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json29
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/dancer.json4
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json45
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/django.json4
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json145
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json168
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json35
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/nodejs.json4
-rw-r--r--roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json38
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py19
-rw-r--r--roles/openshift_master/templates/master.yaml.v1.j210
-rw-r--r--roles/openshift_node/defaults/main.yml4
-rw-r--r--roles/openshift_node/handlers/main.yml3
-rw-r--r--roles/openshift_node/tasks/main.yml46
-rw-r--r--roles/openshift_node/templates/node.yaml.v1.j21
-rw-r--r--roles/openshift_node/templates/partials/kubeletArguments.j25
44 files changed, 935 insertions, 230 deletions
diff --git a/README_openstack.md b/README_openstack.md
index 3076e7b08..8d8f6ef3f 100644
--- a/README_openstack.md
+++ b/README_openstack.md
@@ -25,20 +25,20 @@ Configuration
The following options can be passed via the `-o` flag of the `create` command:
-* `image_name`: Name of the image to use to spawn VMs
-* `keypair` (default to `${LOGNAME}_key`): Name of the ssh key
-* `public_key` (default to `~/.ssh/id_rsa.pub`): filename of the ssh public key
-* `master_flavor` (default to `m1.small`): The ID or name of the flavor for the master
-* `node_flavor` (default to `m1.medium`): The ID or name of the flavor for the nodes
* `infra_heat_stack` (default to `playbooks/openstack/openshift-cluster/files/heat_stack.yaml`): filename of the HEAT template to use to create the cluster infrastructure
The following options are used only by `heat_stack.yaml`. They are so used only if the `infra_heat_stack` option is left with its default value.
+* `image_name`: Name of the image to use to spawn VMs
+* `public_key` (default to `~/.ssh/id_rsa.pub`): filename of the ssh public key
+* `master_flavor` (default to `m1.small`): The ID or name of the flavor for the master
+* `node_flavor` (default to `m1.medium`): The ID or name of the flavor for the compute nodes
+* `infra_flavor` (default to `m1.small`): The ID or name of the flavor for the infrastructure nodes
* `network_prefix` (default to `openshift-ansible-<cluster_id>`): prefix prepended to all network objects (net, subnet, router, security groups)
* `dns` (default to `8.8.8.8,8.8.4.4`): comma separated list of DNS to use
* `net_cidr` (default to `192.168.<rand()>.0/24`): CIDR of the network created by `heat_stack.yaml`
* `external_net` (default to `external`): Name of the external network to connect to
-* `floating_ip_pools` (default to `external`): comma separated list of floating IP pools
+* `floating_ip_pool` (default to `external`): comma separated list of floating IP pools
* `ssh_from` (default to `0.0.0.0/0`): IPs authorized to connect to the VMs via ssh
diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example
index 0f9f2caf9..2bbc4ca1e 100644
--- a/inventory/byo/hosts.example
+++ b/inventory/byo/hosts.example
@@ -20,6 +20,9 @@ ansible_ssh_user=root
# deployment type valid values are origin, online and enterprise
deployment_type=enterprise
+# Enable cluster metrics
+#use_cluster_metrics=true
+
# Pre-release registry URL
#oreg_url=rcm-img-docker01.build.eng.bos.redhat.com:5001/openshift3/ose-${component}:${version}
@@ -38,6 +41,9 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# Allow all auth
#openshift_master_identity_providers=[{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}]
+# Configure Fluentd
+#use_fluentd=true
+
# master cluster ha variables using pacemaker or RHEL HA
#openshift_master_cluster_password=openshift_cluster
#openshift_master_cluster_vip=192.168.133.25
diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml
index 236d84e74..e9ebc3e02 100644
--- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml
+++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml
@@ -147,6 +147,18 @@
tag_host-type_{{ host_type }}, tag_env-host-type_{{ env_host_type }},
tag_sub-host-type_{{ sub_host_type }}"
+- set_fact:
+ node_label:
+ region: "{{ec2_region}}"
+ type: "{{sub_host_type}}"
+ when: host_type == "node"
+
+- set_fact:
+ node_label:
+ region: "{{ec2_region}}"
+ type: "{{host_type}}"
+ when: host_type != "node"
+
- name: Add new instances groups and variables
add_host:
hostname: "{{ item.0 }}"
@@ -156,6 +168,7 @@
groups: "{{ instance_groups }}"
ec2_private_ip_address: "{{ item.1.private_ip }}"
ec2_ip_address: "{{ item.1.public_ip }}"
+ openshift_node_labels: "{{ node_label }}"
with_together:
- instances
- ec2.instances
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
index 904ad2dab..acf85fc04 100644
--- a/playbooks/common/openshift-master/config.yml
+++ b/playbooks/common/openshift-master/config.yml
@@ -215,6 +215,8 @@
- role: openshift_master_cluster
when: openshift_master_ha | bool
- openshift_examples
+ - role: openshift_cluster_metrics
+ when: openshift.common.use_cluster_metrics | bool
# Additional instance config for online deployments
- name: Additional instance config
diff --git a/playbooks/libvirt/openshift-cluster/launch.yml b/playbooks/libvirt/openshift-cluster/launch.yml
index 830f9d216..d3e768de5 100644
--- a/playbooks/libvirt/openshift-cluster/launch.yml
+++ b/playbooks/libvirt/openshift-cluster/launch.yml
@@ -17,6 +17,14 @@
- include: tasks/configure_libvirt.yml
+ - include: ../../common/openshift-cluster/set_etcd_launch_facts_tasks.yml
+ - include: tasks/launch_instances.yml
+ vars:
+ instances: "{{ etcd_names }}"
+ cluster: "{{ cluster_id }}"
+ type: "{{ k8s_type }}"
+ g_sub_host_type: "default"
+
- include: ../../common/openshift-cluster/set_master_launch_facts_tasks.yml
- include: tasks/launch_instances.yml
vars:
diff --git a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml
index 4cb494056..2a0c90b46 100644
--- a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml
+++ b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml
@@ -63,8 +63,9 @@
shell: 'virsh -c {{ libvirt_uri }} net-dhcp-leases openshift-ansible | egrep -c ''{{ instances | join("|") }}'''
register: nb_allocated_ips
until: nb_allocated_ips.stdout == '{{ instances | length }}'
- retries: 30
+ retries: 60
delay: 1
+ when: instances | length != 0
- name: Collect IP addresses of the VMs
shell: 'virsh -c {{ libvirt_uri }} net-dhcp-leases openshift-ansible | awk ''$6 == "{{ item }}" {gsub(/\/.*/, "", $5); print $5}'''
@@ -72,7 +73,7 @@
with_items: instances
- set_fact:
- ips: "{{ scratch_ip.results | oo_collect('stdout') }}"
+ ips: "{{ scratch_ip.results | default([]) | oo_collect('stdout') }}"
- name: Add new instances
add_host:
diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
index d53884e0d..40e4ab22c 100644
--- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
+++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml
@@ -9,21 +9,6 @@ parameters:
label: Cluster ID
description: Identifier of the cluster
- num_masters:
- type: number
- label: Number of masters
- description: Number of masters
-
- num_nodes:
- type: number
- label: Number of compute nodes
- description: Number of compute nodes
-
- num_infra:
- type: number
- label: Number of infrastructure nodes
- description: Number of infrastructure nodes
-
cidr:
type: string
label: CIDR
@@ -40,6 +25,12 @@ parameters:
description: Name of the external network
default: external
+ floating_ip_pool:
+ type: string
+ label: Floating IP pool
+ description: Floating IP pools
+ default: external
+
ssh_public_key:
type: string
label: SSH public key
@@ -52,6 +43,21 @@ parameters:
description: Source of legitimate ssh connections
default: 0.0.0.0/0
+ num_masters:
+ type: number
+ label: Number of masters
+ description: Number of masters
+
+ num_nodes:
+ type: number
+ label: Number of compute nodes
+ description: Number of compute nodes
+
+ num_infra:
+ type: number
+ label: Number of infrastructure nodes
+ description: Number of infrastructure nodes
+
master_image:
type: string
label: Master image
@@ -290,7 +296,7 @@ resources:
subnet: { get_resource: subnet }
secgrp:
- { get_resource: master-secgrp }
- floating_network: { get_param: external_net }
+ floating_network: { get_param: floating_ip_pool }
net_name:
str_replace:
template: openshift-ansible-cluster_id-net
@@ -322,7 +328,7 @@ resources:
subnet: { get_resource: subnet }
secgrp:
- { get_resource: node-secgrp }
- floating_network: { get_param: external_net }
+ floating_network: { get_param: floating_ip_pool }
net_name:
str_replace:
template: openshift-ansible-cluster_id-net
@@ -355,7 +361,7 @@ resources:
secgrp:
- { get_resource: node-secgrp }
- { get_resource: infra-secgrp }
- floating_network: { get_param: external_net }
+ floating_network: { get_param: floating_ip_pool }
net_name:
str_replace:
template: openshift-ansible-cluster_id-net
diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml
index d36bdbf26..651aef40b 100644
--- a/playbooks/openstack/openshift-cluster/launch.yml
+++ b/playbooks/openstack/openshift-cluster/launch.yml
@@ -19,30 +19,21 @@
changed_when: false
failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr
- - name: Create OpenStack Stack
- command: 'heat stack-create -f {{ openstack_infra_heat_stack }}
- -P cluster_id={{ cluster_id }}
- -P dns_nameservers={{ openstack_network_dns | join(",") }}
- -P cidr={{ openstack_network_cidr }}
- -P ssh_incoming={{ openstack_ssh_access_from }}
- -P num_masters={{ num_masters }}
- -P num_nodes={{ num_nodes }}
- -P num_infra={{ num_infra }}
- -P master_image={{ deployment_vars[deployment_type].image }}
- -P node_image={{ deployment_vars[deployment_type].image }}
- -P infra_image={{ deployment_vars[deployment_type].image }}
- -P master_flavor={{ openstack_flavor["master"] }}
- -P node_flavor={{ openstack_flavor["node"] }}
- -P infra_flavor={{ openstack_flavor["infra"] }}
- -P ssh_public_key="{{ openstack_ssh_public_key }}"
- openshift-ansible-{{ cluster_id }}-stack'
+ - set_fact:
+ heat_stack_action: 'stack-create'
when: stack_show_result.rc == 1
+ - set_fact:
+ heat_stack_action: 'stack-update'
+ when: stack_show_result.rc == 0
- - name: Update OpenStack Stack
- command: 'heat stack-update -f {{ openstack_infra_heat_stack }}
+ - name: Create or Update OpenStack Stack
+ command: 'heat {{ heat_stack_action }} -f {{ openstack_infra_heat_stack }}
-P cluster_id={{ cluster_id }}
- -P dns_nameservers={{ openstack_network_dns | join(",") }}
-P cidr={{ openstack_network_cidr }}
+ -P dns_nameservers={{ openstack_network_dns | join(",") }}
+ -P external_net={{ openstack_network_external_net }}
+ -P floating_ip_pool={{ openstack_floating_ip_pool }}
+ -P ssh_public_key="{{ openstack_ssh_public_key }}"
-P ssh_incoming={{ openstack_ssh_access_from }}
-P num_masters={{ num_masters }}
-P num_nodes={{ num_nodes }}
@@ -53,9 +44,7 @@
-P master_flavor={{ openstack_flavor["master"] }}
-P node_flavor={{ openstack_flavor["node"] }}
-P infra_flavor={{ openstack_flavor["infra"] }}
- -P ssh_public_key="{{ openstack_ssh_public_key }}"
openshift-ansible-{{ cluster_id }}-stack'
- when: stack_show_result.rc == 0
- name: Wait for OpenStack Stack readiness
shell: 'heat stack-show openshift-ansible-{{ cluster_id }}-stack | awk ''$2 == "stack_status" {print $4}'''
diff --git a/playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml b/playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml
deleted file mode 100644
index 2cbdb4805..000000000
--- a/playbooks/openstack/openshift-cluster/tasks/configure_openstack.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-- name: Check infra
- command: 'heat stack-show {{ openstack_network_prefix }}-stack'
- register: stack_show_result
- changed_when: false
- failed_when: stack_show_result.rc != 0 and 'Stack not found' not in stack_show_result.stderr
-
-- name: Create infra
- command: 'heat stack-create -f {{ openstack_infra_heat_stack }} -P cluster-id={{ cluster_id }} -P network-prefix={{ openstack_network_prefix }} -P dns-nameservers={{ openstack_network_dns | join(",") }} -P cidr={{ openstack_network_cidr }} -P ssh-incoming={{ openstack_ssh_access_from }} {{ openstack_network_prefix }}-stack'
- when: stack_show_result.rc == 1
-
-- name: Update infra
- command: 'heat stack-update -f {{ openstack_infra_heat_stack }} -P cluster-id={{ cluster_id }} -P network-prefix={{ openstack_network_prefix }} -P dns-nameservers={{ openstack_network_dns | join(",") }} -P cidr={{ openstack_network_cidr }} -P ssh-incoming={{ openstack_ssh_access_from }} {{ openstack_network_prefix }}-stack'
- when: stack_show_result.rc == 0
-
-- name: Wait for infra readiness
- shell: 'heat stack-show {{ openstack_network_prefix }}-stack | awk ''$2 == "stack_status" {print $4}'''
- register: stack_show_status_result
- until: stack_show_status_result.stdout not in ['CREATE_IN_PROGRESS', 'UPDATE_IN_PROGRESS']
- retries: 30
- delay: 1
- failed_when: stack_show_status_result.stdout not in ['CREATE_COMPLETE', 'UPDATE_COMPLETE']
-
-- name: Create ssh keypair
- nova_keypair:
- name: "{{ openstack_ssh_keypair }}"
- public_key: "{{ openstack_ssh_public_key }}"
diff --git a/playbooks/openstack/openshift-cluster/vars.yml b/playbooks/openstack/openshift-cluster/vars.yml
index 43e25f2e6..262d3f4ed 100644
--- a/playbooks/openstack/openshift-cluster/vars.yml
+++ b/playbooks/openstack/openshift-cluster/vars.yml
@@ -1,18 +1,14 @@
---
openstack_infra_heat_stack: "{{ lookup('oo_option', 'infra_heat_stack' ) |
default('files/heat_stack.yaml', True) }}"
-openstack_network_prefix: "{{ lookup('oo_option', 'network_prefix' ) |
- default('openshift-ansible-'+cluster_id, True) }}"
openstack_network_cidr: "{{ lookup('oo_option', 'net_cidr' ) |
default('192.168.' + ( ( 1048576 | random % 256 ) | string() ) + '.0/24', True) }}"
openstack_network_external_net: "{{ lookup('oo_option', 'external_net' ) |
default('external', True) }}"
-openstack_floating_ip_pools: "{{ lookup('oo_option', 'floating_ip_pools') |
- default('external', True) | oo_split() }}"
+openstack_floating_ip_pool: "{{ lookup('oo_option', 'floating_ip_pool' ) |
+ default('external', True) }}"
openstack_network_dns: "{{ lookup('oo_option', 'dns' ) |
default('8.8.8.8,8.8.4.4', True) | oo_split() }}"
-openstack_ssh_keypair: "{{ lookup('oo_option', 'keypair' ) |
- default(lookup('env', 'LOGNAME')+'_key', True) }}"
openstack_ssh_public_key: "{{ lookup('file', lookup('oo_option', 'public_key') |
default('~/.ssh/id_rsa.pub', True)) }}"
openstack_ssh_access_from: "{{ lookup('oo_option', 'ssh_from') |
diff --git a/roles/openshift_cluster_metrics/README.md b/roles/openshift_cluster_metrics/README.md
new file mode 100644
index 000000000..9fdfab8e3
--- /dev/null
+++ b/roles/openshift_cluster_metrics/README.md
@@ -0,0 +1,36 @@
+#openshift_cluster_metrics
+
+This role configures Cluster wide metrics. It does setting up three services:
+* Metrics are stored in InfluxDB for querying.
+* Heapster reads all nodes and pods from the master, then connects to eachs node's kubelet to retrieve pod metrics.
+* Grafan allows users to create dashboards of metrics from InfluxDB
+
+## Requirements
+
+Running OpenShift cluster
+
+## Role Variables
+
+```
+# Enable cluster metrics
+use_cluster_metrics=true
+```
+
+## Dependencies
+
+None
+
+## Example Playbook
+
+TODO
+
+## Security Note
+Opening up the read-only port exposes information about the running pods (such as namespace, pod name, labels, etc.) to unauthenticated clients. The requirement to open up this read-only port will be fixed in future versions.
+
+##License
+
+Apache License, Version 2.0
+
+## Author Information
+
+Diego Castro (diego.castro@getupcloud.com)
diff --git a/roles/openshift_cluster_metrics/files/cluster-metrics/grafana.yaml b/roles/openshift_cluster_metrics/files/cluster-metrics/grafana.yaml
new file mode 100644
index 000000000..bff422efc
--- /dev/null
+++ b/roles/openshift_cluster_metrics/files/cluster-metrics/grafana.yaml
@@ -0,0 +1,53 @@
+apiVersion: "v1"
+kind: "List"
+items:
+ -
+ apiVersion: "v1"
+ kind: "Service"
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "grafana"
+ name: "grafana"
+ spec:
+ ports:
+ -
+ port: 80
+ targetPort: "http"
+ selector:
+ provider: "fabric8"
+ component: "grafana"
+ -
+ apiVersion: "v1"
+ kind: "ReplicationController"
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "grafana"
+ name: "grafana"
+ spec:
+ replicas: 1
+ selector:
+ provider: "fabric8"
+ component: "grafana"
+ template:
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "grafana"
+ spec:
+ containers:
+ -
+ env:
+ -
+ name: "INFLUXDB_SERVICE_NAME"
+ value: "INFLUXDB_MONITORING"
+ -
+ name: "GRAFANA_DEFAULT_DASHBOARD"
+ value: "/dashboard/file/kubernetes.json"
+ image: "fabric8/grafana:1.9.1_2"
+ name: "grafana"
+ ports:
+ -
+ containerPort: 3000
+ name: "http" \ No newline at end of file
diff --git a/roles/openshift_cluster_metrics/files/cluster-metrics/heapster-serviceaccount.yaml b/roles/openshift_cluster_metrics/files/cluster-metrics/heapster-serviceaccount.yaml
new file mode 100644
index 000000000..1de2ad699
--- /dev/null
+++ b/roles/openshift_cluster_metrics/files/cluster-metrics/heapster-serviceaccount.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: heapster \ No newline at end of file
diff --git a/roles/openshift_cluster_metrics/files/cluster-metrics/heapster.yaml b/roles/openshift_cluster_metrics/files/cluster-metrics/heapster.yaml
new file mode 100644
index 000000000..83e314074
--- /dev/null
+++ b/roles/openshift_cluster_metrics/files/cluster-metrics/heapster.yaml
@@ -0,0 +1,30 @@
+apiVersion: "v1"
+kind: "List"
+items:
+ -
+ apiVersion: "v1"
+ kind: "ReplicationController"
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "heapster"
+ name: "heapster"
+ spec:
+ replicas: 1
+ selector:
+ provider: "fabric8"
+ component: "heapster"
+ template:
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "heapster"
+ spec:
+ containers:
+ -
+ args:
+ - "-source=kubernetes:https://kubernetes.default.svc.cluster.local?auth=&insecure=true&useServiceAccount=true"
+ - "-sink=influxdb:http://influxdb-monitoring.default.svc.cluster.local:8086"
+ image: "kubernetes/heapster:V0.14.2"
+ name: "heapster"
+ serviceAccount: "heapster" \ No newline at end of file
diff --git a/roles/openshift_cluster_metrics/files/cluster-metrics/influxdb.yaml b/roles/openshift_cluster_metrics/files/cluster-metrics/influxdb.yaml
new file mode 100644
index 000000000..6f67c3d7c
--- /dev/null
+++ b/roles/openshift_cluster_metrics/files/cluster-metrics/influxdb.yaml
@@ -0,0 +1,67 @@
+apiVersion: "v1"
+kind: "List"
+items:
+ -
+ apiVersion: "v1"
+ kind: "Service"
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "influxdb-monitoring"
+ name: "influxdb-monitoring"
+ spec:
+ ports:
+ -
+ port: 8086
+ targetPort: "http"
+ selector:
+ provider: "fabric8"
+ component: "influxdb-monitoring"
+ -
+ apiVersion: "v1"
+ kind: "ReplicationController"
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "influxdb-monitoring"
+ name: "influxdb-monitoring"
+ spec:
+ replicas: 1
+ selector:
+ provider: "fabric8"
+ component: "influxdb-monitoring"
+ template:
+ metadata:
+ labels:
+ provider: "fabric8"
+ component: "influxdb-monitoring"
+ spec:
+ containers:
+ -
+ env:
+ -
+ name: "PRE_CREATE_DB"
+ value: "k8s;grafana"
+ image: "fabric8/influxdb:0.8.8"
+ name: "influxdb"
+ ports:
+ -
+ containerPort: 8090
+ name: "raft"
+ -
+ containerPort: 8099
+ name: "protobuf"
+ -
+ containerPort: 8083
+ name: "admin"
+ -
+ containerPort: 8086
+ name: "http"
+ volumeMounts:
+ -
+ mountPath: "/data"
+ name: "influxdb-data"
+ volumes:
+ -
+ emptyDir:
+ name: "influxdb-data" \ No newline at end of file
diff --git a/roles/openshift_cluster_metrics/tasks/main.yml b/roles/openshift_cluster_metrics/tasks/main.yml
new file mode 100644
index 000000000..3938aba4c
--- /dev/null
+++ b/roles/openshift_cluster_metrics/tasks/main.yml
@@ -0,0 +1,50 @@
+---
+
+- name: Install cluster metrics templates
+ copy:
+ src: cluster-metrics
+ dest: /etc/openshift/
+
+- name: Create InfluxDB Services
+ command: >
+ {{ openshift.common.client_binary }} create -f
+ /etc/openshift/cluster-metrics/influxdb.yaml
+ register: oex_influxdb_services
+ failed_when: "'already exists' not in oex_influxdb_services.stderr and oex_influxdb_services.rc != 0"
+ changed_when: false
+
+- name: Create Heapster Service Account
+ command: >
+ {{ openshift.common.client_binary }} create -f
+ /etc/openshift/cluster-metrics/heapster-serviceaccount.yaml
+ register: oex_heapster_serviceaccount
+ failed_when: "'already exists' not in oex_heapster_serviceaccount.stderr and oex_heapster_serviceaccount.rc != 0"
+ changed_when: false
+
+- name: Add cluster-reader role to Heapster
+ command: >
+ {{ openshift.common.admin_binary }} policy
+ add-cluster-role-to-user
+ cluster-reader
+ system:serviceaccount:default:heapster
+ register: oex_cluster_header_role
+ register: oex_cluster_header_role
+ failed_when: "'already exists' not in oex_cluster_header_role.stderr and oex_cluster_header_role.rc != 0"
+ changed_when: false
+
+- name: Create Heapster Services
+ command: >
+ {{ openshift.common.client_binary }} create -f
+ /etc/openshift/cluster-metrics/heapster.yaml
+ register: oex_heapster_services
+ failed_when: "'already exists' not in oex_heapster_services.stderr and oex_heapster_services.rc != 0"
+ changed_when: false
+
+- name: Create Grafana Services
+ command: >
+ {{ openshift.common.client_binary }} create -f
+ /etc/openshift/cluster-metrics/grafana.yaml
+ register: oex_grafana_services
+ failed_when: "'already exists' not in oex_grafana_services.stderr and oex_grafana_services.rc != 0"
+ changed_when: false
+
diff --git a/roles/openshift_common/tasks/main.yml b/roles/openshift_common/tasks/main.yml
index 09cc4aaf7..d9f2dafab 100644
--- a/roles/openshift_common/tasks/main.yml
+++ b/roles/openshift_common/tasks/main.yml
@@ -12,6 +12,7 @@
use_openshift_sdn: "{{ openshift_use_openshift_sdn | default(None) }}"
sdn_network_plugin_name: "{{ os_sdn_network_plugin_name | default(None) }}"
deployment_type: "{{ openshift_deployment_type }}"
+ use_fluentd: "{{ openshift_use_fluentd | default(None) }}"
- name: Set hostname
hostname: name={{ openshift.common.hostname }}
diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh
index 12d3bc263..3047a3add 100755
--- a/roles/openshift_examples/examples-sync.sh
+++ b/roles/openshift_examples/examples-sync.sh
@@ -24,6 +24,7 @@ unzip dancer-ex-master.zip
unzip cakephp-ex-master.zip
unzip application-templates-master.zip
cp origin-master/examples/db-templates/* ${EXAMPLES_BASE}/db-templates/
+cp origin-master/examples/jenkins/jenkins-*template.json ${EXAMPLES_BASE}/quickstart-templates/
cp origin-master/examples/image-streams/* ${EXAMPLES_BASE}/image-streams/
cp django-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/
cp rails-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/
diff --git a/roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json
index 6252da2ec..6b90fa54e 100644
--- a/roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/db-templates/mongodb-ephemeral-template.json
@@ -1,6 +1,6 @@
{
"kind": "Template",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mongodb-ephemeral",
"creationTimestamp": null,
@@ -13,7 +13,7 @@
"objects": [
{
"kind": "Service",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -41,7 +41,7 @@
},
{
"kind": "DeploymentConfig",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -147,30 +147,35 @@
{
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
- "value": "mongodb"
+ "value": "mongodb",
+ "required": true
},
{
"name": "MONGODB_USER",
"description": "Username for MongoDB user that will be used for accessing the database",
"generate": "expression",
- "from": "user[A-Z0-9]{3}"
+ "from": "user[A-Z0-9]{3}",
+ "required": true
},
{
"name": "MONGODB_PASSWORD",
"description": "Password for the MongoDB user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "MONGODB_DATABASE",
"description": "Database name",
- "value": "sampledb"
+ "value": "sampledb",
+ "required": true
},
{
"name": "MONGODB_ADMIN_PASSWORD",
"description": "Password for the database admin user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
}
],
"labels": {
diff --git a/roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json
index c05e81e56..97b315600 100644
--- a/roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/db-templates/mongodb-persistent-template.json
@@ -1,6 +1,6 @@
{
"kind": "Template",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mongodb-persistent",
"creationTimestamp": null,
@@ -13,7 +13,7 @@
"objects": [
{
"kind": "Service",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -41,7 +41,7 @@
},
{
"kind": "PersistentVolumeClaim",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}"
},
@@ -58,7 +58,7 @@
},
{
"kind": "DeploymentConfig",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -164,35 +164,41 @@
{
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
- "value": "mongodb"
+ "value": "mongodb",
+ "required": true
},
{
"name": "MONGODB_USER",
"description": "Username for MongoDB user that will be used for accessing the database",
"generate": "expression",
- "from": "user[A-Z0-9]{3}"
+ "from": "user[A-Z0-9]{3}",
+ "required": true
},
{
"name": "MONGODB_PASSWORD",
"description": "Password for the MongoDB user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "MONGODB_DATABASE",
"description": "Database name",
- "value": "sampledb"
+ "value": "sampledb",
+ "required": true
},
{
"name": "MONGODB_ADMIN_PASSWORD",
"description": "Password for the database admin user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "VOLUME_CAPACITY",
"description": "Volume space available for data, e.g. 512Mi, 2Gi",
- "value": "512Mi"
+ "value": "512Mi",
+ "required": true
}
],
"labels": {
diff --git a/roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json
index 697a4ad68..b384a5992 100644
--- a/roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/db-templates/mysql-ephemeral-template.json
@@ -1,6 +1,6 @@
{
"kind": "Template",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mysql-ephemeral",
"creationTimestamp": null,
@@ -13,7 +13,7 @@
"objects": [
{
"kind": "Service",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -41,7 +41,7 @@
},
{
"kind": "DeploymentConfig",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -143,24 +143,28 @@
{
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
- "value": "mysql"
+ "value": "mysql",
+ "required": true
},
{
"name": "MYSQL_USER",
"description": "Username for MySQL user that will be used for accessing the database",
"generate": "expression",
- "from": "user[A-Z0-9]{3}"
+ "from": "user[A-Z0-9]{3}",
+ "required": true
},
{
"name": "MYSQL_PASSWORD",
"description": "Password for the MySQL user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "MYSQL_DATABASE",
"description": "Database name",
- "value": "sampledb"
+ "value": "sampledb",
+ "required": true
}
],
"labels": {
diff --git a/roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json
index 33e1cebb1..6e19f48f5 100644
--- a/roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/db-templates/mysql-persistent-template.json
@@ -1,6 +1,6 @@
{
"kind": "Template",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mysql-persistent",
"creationTimestamp": null,
@@ -13,7 +13,7 @@
"objects": [
{
"kind": "Service",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -41,7 +41,7 @@
},
{
"kind": "PersistentVolumeClaim",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}"
},
@@ -58,7 +58,7 @@
},
{
"kind": "DeploymentConfig",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -160,29 +160,34 @@
{
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
- "value": "mysql"
+ "value": "mysql",
+ "required": true
},
{
"name": "MYSQL_USER",
"description": "Username for MySQL user that will be used for accessing the database",
"generate": "expression",
- "from": "user[A-Z0-9]{3}"
+ "from": "user[A-Z0-9]{3}",
+ "required": true
},
{
"name": "MYSQL_PASSWORD",
"description": "Password for the MySQL user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "MYSQL_DATABASE",
"description": "Database name",
- "value": "sampledb"
+ "value": "sampledb",
+ "required": true
},
{
"name": "VOLUME_CAPACITY",
"description": "Volume space available for data, e.g. 512Mi, 2Gi",
- "value": "512Mi"
+ "value": "512Mi",
+ "required": true
}
],
"labels": {
diff --git a/roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json
index faf626475..60d6b8519 100644
--- a/roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/db-templates/postgresql-ephemeral-template.json
@@ -1,6 +1,6 @@
{
"kind": "Template",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "postgresql-ephemeral",
"creationTimestamp": null,
@@ -13,7 +13,7 @@
"objects": [
{
"kind": "Service",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -41,7 +41,7 @@
},
{
"kind": "DeploymentConfig",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -143,24 +143,28 @@
{
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
- "value": "postgresql"
+ "value": "postgresql",
+ "required": true
},
{
"name": "POSTGRESQL_USER",
"description": "Username for PostgreSQL user that will be used for accessing the database",
"generate": "expression",
- "from": "user[A-Z0-9]{3}"
+ "from": "user[A-Z0-9]{3}",
+ "required": true
},
{
"name": "POSTGRESQL_PASSWORD",
"description": "Password for the PostgreSQL user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "POSTGRESQL_DATABASE",
"description": "Database name",
- "value": "sampledb"
+ "value": "sampledb",
+ "required": true
}
],
"labels": {
diff --git a/roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json
index 398e288bf..91cd7453e 100644
--- a/roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/db-templates/postgresql-persistent-template.json
@@ -1,6 +1,6 @@
{
"kind": "Template",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "postgresql-persistent",
"creationTimestamp": null,
@@ -13,7 +13,7 @@
"objects": [
{
"kind": "Service",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -41,7 +41,7 @@
},
{
"kind": "PersistentVolumeClaim",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}"
},
@@ -58,7 +58,7 @@
},
{
"kind": "DeploymentConfig",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"creationTimestamp": null
@@ -160,29 +160,34 @@
{
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
- "value": "postgresql"
+ "value": "postgresql",
+ "required": true
},
{
"name": "POSTGRESQL_USER",
"description": "Username for PostgreSQL user that will be used for accessing the database",
"generate": "expression",
- "from": "user[A-Z0-9]{3}"
+ "from": "user[A-Z0-9]{3}",
+ "required": true
},
{
"name": "POSTGRESQL_PASSWORD",
"description": "Password for the PostgreSQL user",
"generate": "expression",
- "from": "[a-zA-Z0-9]{16}"
+ "from": "[a-zA-Z0-9]{16}",
+ "required": true
},
{
"name": "POSTGRESQL_DATABASE",
"description": "Database name",
- "value": "sampledb"
+ "value": "sampledb",
+ "required": true
},
{
"name": "VOLUME_CAPACITY",
"description": "Volume space available for data, e.g. 512Mi, 2Gi",
- "value": "512Mi"
+ "value": "512Mi",
+ "required": true
}
],
"labels": {
diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json
index 459b841c1..03affbddf 100644
--- a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json
+++ b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json
@@ -1,11 +1,11 @@
{
"kind": "ImageStreamList",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {},
"items": [
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "ruby",
"creationTimestamp": null
@@ -35,7 +35,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "nodejs",
"creationTimestamp": null
@@ -65,7 +65,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "perl",
"creationTimestamp": null
@@ -95,7 +95,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "php",
"creationTimestamp": null
@@ -125,7 +125,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "python",
"creationTimestamp": null
@@ -155,7 +155,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "wildfly",
"creationTimestamp": null
@@ -185,7 +185,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mysql",
"creationTimestamp": null
@@ -208,7 +208,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "postgresql",
"creationTimestamp": null
@@ -231,7 +231,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mongodb",
"creationTimestamp": null
@@ -254,7 +254,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "jenkins",
"creationTimestamp": null
diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json
index a5d2e9d9f..0bd885af3 100644
--- a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json
+++ b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json
@@ -1,11 +1,11 @@
{
"kind": "ImageStreamList",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {},
"items": [
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "ruby",
"creationTimestamp": null
@@ -35,7 +35,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "nodejs",
"creationTimestamp": null
@@ -65,7 +65,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "perl",
"creationTimestamp": null
@@ -95,7 +95,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "php",
"creationTimestamp": null
@@ -125,7 +125,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "python",
"creationTimestamp": null
@@ -155,7 +155,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mysql",
"creationTimestamp": null
@@ -178,7 +178,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "postgresql",
"creationTimestamp": null
@@ -201,7 +201,7 @@
},
{
"kind": "ImageStream",
- "apiVersion": "v1beta3",
+ "apiVersion": "v1",
"metadata": {
"name": "mongodb",
"creationTimestamp": null
@@ -221,6 +221,29 @@
}
]
}
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/openshift3/jenkins-16-rhel7",
+ "tags": [
+ {
+ "name": "latest"
+ },
+ {
+ "name": "1.6",
+ "from": {
+ "Kind": "ImageStreamTag",
+ "Name": "latest"
+ }
+ }
+ ]
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json
index b722a05ae..deac2010f 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json
@@ -264,7 +264,7 @@
"containers": [
{
"name": "mysql",
- "image": "openshift/mysql-55-centos7",
+ "image": "${MYSQL_IMAGE}",
"ports": [
{
"containerPort": 3306
@@ -307,8 +307,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the CakePHP service",
- "value": "cakephp-mysql-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
@@ -343,6 +343,11 @@
"from": "[a-zA-Z0-9]{16}"
},
{
+ "name": "MYSQL_IMAGE",
+ "description": "Image to use for mysql",
+ "value": "openshift/mysql-55-centos7"
+ },
+ {
"name": "CAKEPHP_SECRET_TOKEN",
"description": "Set this to a long random string",
"generate": "expression",
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json b/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json
index 532b9bd2b..ec556ea13 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json
@@ -215,8 +215,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the CakePHP service",
- "value": "cakephp-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json
index b46abfbb5..2cbcc0889 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json
@@ -162,15 +162,15 @@
},
{
"name": "MYSQL_USER",
- "value": "${MYSQL_USER}"
+ "value": "${DATABASE_USER}"
},
{
"name": "MYSQL_PASSWORD",
- "value": "${MYSQL_PASSWORD}"
+ "value": "${DATABASE_PASSWORD}"
},
{
"name": "MYSQL_DATABASE",
- "value": "${MYSQL_DATABASE}"
+ "value": "${DATABASE_NAME}"
},
{
"name": "SECRET_KEY_BASE",
@@ -238,7 +238,7 @@
"containers": [
{
"name": "mysql",
- "image": "openshift/mysql-55-centos7",
+ "image": "${MYSQL_IMAGE}",
"ports": [
{
"containerPort": 3306
@@ -247,15 +247,15 @@
"env": [
{
"name": "MYSQL_USER",
- "value": "${MYSQL_USER}"
+ "value": "${DATABASE_USER}"
},
{
"name": "MYSQL_PASSWORD",
- "value": "${MYSQL_PASSWORD}"
+ "value": "${DATABASE_PASSWORD}"
},
{
"name": "MYSQL_DATABASE",
- "value": "${MYSQL_DATABASE}"
+ "value": "${DATABASE_NAME}"
}
]
}
@@ -281,8 +281,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Dancer service",
- "value": "dancer-mysql-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
@@ -308,23 +308,28 @@
"value": "database"
},
{
- "name": "MYSQL_USER",
+ "name": "DATABASE_USER",
"description": "database username",
"generate": "expression",
"from": "user[A-Z0-9]{3}"
},
{
- "name": "MYSQL_PASSWORD",
+ "name": "DATABASE_PASSWORD",
"description": "database password",
"generate": "expression",
"from": "[a-zA-Z0-9]{8}"
},
{
- "name": "MYSQL_DATABASE",
+ "name": "DATABASE_NAME",
"description": "database name",
"value": "sampledb"
},
{
+ "name": "MYSQL_IMAGE",
+ "description": "Image to use for mysql",
+ "value": "openshift/mysql-55-centos7"
+ },
+ {
"name": "SECRET_KEY_BASE",
"description": "Your secret key for verifying the integrity of signed cookies",
"generate": "expression",
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/dancer.json b/roles/openshift_examples/files/examples/quickstart-templates/dancer.json
index 6f49a7d64..43271dfc5 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/dancer.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/dancer.json
@@ -181,8 +181,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Dancer service",
- "value": "dancer-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json
index 64522ce76..749064e98 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/django-postgresql.json
@@ -2,7 +2,7 @@
"kind": "Template",
"apiVersion": "v1",
"metadata": {
- "name": "django-postgresql-example",
+ "name": "django-psql-example",
"annotations": {
"description": "An example Django application with a PostgreSQL database",
"tags": "instant-app,python,django,postgresql",
@@ -10,14 +10,14 @@
}
},
"labels": {
- "template": "django-postgresql-example"
+ "template": "django-psql-example"
},
"objects": [
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "django-postgresql-example",
+ "name": "django-psql-example",
"annotations": {
"description": "Exposes and load balances the application pods"
}
@@ -31,7 +31,7 @@
}
],
"selector": {
- "name": "django-postgresql-example"
+ "name": "django-psql-example"
}
}
},
@@ -39,13 +39,13 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "django-postgresql-example"
+ "name": "django-psql-example"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
"to": {
"kind": "Service",
- "name": "django-postgresql-example"
+ "name": "django-psql-example"
}
}
},
@@ -53,7 +53,7 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "django-postgresql-example",
+ "name": "django-psql-example",
"annotations": {
"description": "Keeps track of changes in the application image"
}
@@ -63,7 +63,7 @@
"kind": "BuildConfig",
"apiVersion": "v1",
"metadata": {
- "name": "django-postgresql-example",
+ "name": "django-psql-example",
"annotations": {
"description": "Defines how to build the application"
}
@@ -90,7 +90,7 @@
"output": {
"to": {
"kind": "ImageStreamTag",
- "name": "django-postgresql-example:latest"
+ "name": "django-psql-example:latest"
}
},
"triggers": [
@@ -110,7 +110,7 @@
"kind": "DeploymentConfig",
"apiVersion": "v1",
"metadata": {
- "name": "django-postgresql-example",
+ "name": "django-psql-example",
"annotations": {
"description": "Defines how to deploy the application server"
}
@@ -125,11 +125,11 @@
"imageChangeParams": {
"automatic": true,
"containerNames": [
- "django-postgresql-example"
+ "django-psql-example"
],
"from": {
"kind": "ImageStreamTag",
- "name": "django-postgresql-example:latest"
+ "name": "django-psql-example:latest"
}
}
},
@@ -139,20 +139,20 @@
],
"replicas": 1,
"selector": {
- "name": "django-postgresql-example"
+ "name": "django-psql-example"
},
"template": {
"metadata": {
- "name": "django-postgresql-example",
+ "name": "django-psql-example",
"labels": {
- "name": "django-postgresql-example"
+ "name": "django-psql-example"
}
},
"spec": {
"containers": [
{
- "name": "django-postgresql-example",
- "image": "django-postgresql-example",
+ "name": "django-psql-example",
+ "image": "django-psql-example",
"ports": [
{
"containerPort": 8080
@@ -249,7 +249,7 @@
"containers": [
{
"name": "postgresql",
- "image": "openshift/postgresql-92-centos7",
+ "image": "${POSTGRESQL_IMAGE}",
"ports": [
{
"containerPort": 5432
@@ -292,8 +292,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Django service",
- "value": "django-postgresql-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
@@ -328,6 +328,11 @@
"from": "[a-zA-Z0-9]{16}"
},
{
+ "name": "POSTGRESQL_IMAGE",
+ "description": "Image to use for postgresql",
+ "value": "openshift/postgresql-92-centos7"
+ },
+ {
"name": "APP_CONFIG",
"description": "Relative path to Gunicorn configuration file (optional)"
},
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/django.json b/roles/openshift_examples/files/examples/quickstart-templates/django.json
index 1794d196c..143a942ab 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/django.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/django.json
@@ -211,8 +211,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Django service",
- "value": "django-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json
new file mode 100644
index 000000000..da08ffbd5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-ephemeral-template.json
@@ -0,0 +1,145 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins-ephemeral",
+ "creationTimestamp": null,
+ "annotations": {
+ "description": "Jenkins service, without persistent storage. WARNING: Any data stored will be lost upon pod destruction. Only use this template for testing",
+ "iconClass": "icon-jenkins",
+ "tags": "database,jenkins"
+ }
+ },
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "protocol": "TCP",
+ "port": 8080,
+ "targetPort": 8080,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "portalIP": "",
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "tls": {
+ "termination": "edge",
+ "certificate": "-----BEGIN CERTIFICATE-----\nMIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx\nCzAJBgNVBAgMAlNDMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0Rl\nZmF1bHQgQ29tcGFueSBMdGQxEDAOBgNVBAsMB1Rlc3QgQ0ExGjAYBgNVBAMMEXd3\ndy5leGFtcGxlY2EuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1wbGUu\nY29tMB4XDTE1MDExMjE0MTk0MVoXDTE2MDExMjE0MTk0MVowfDEYMBYGA1UEAwwP\nd3d3LmV4YW1wbGUuY29tMQswCQYDVQQIDAJTQzELMAkGA1UEBhMCVVMxIjAgBgkq\nhkiG9w0BCQEWE2V4YW1wbGVAZXhhbXBsZS5jb20xEDAOBgNVBAoMB0V4YW1wbGUx\nEDAOBgNVBAsMB0V4YW1wbGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMrv\ngu6ZTTefNN7jjiZbS/xvQjyXjYMN7oVXv76jbX8gjMOmg9m0xoVZZFAE4XyQDuCm\n47VRx5Qrf/YLXmB2VtCFvB0AhXr5zSeWzPwaAPrjA4ebG+LUo24ziS8KqNxrFs1M\nmNrQUgZyQC6XIe1JHXc9t+JlL5UZyZQC1IfaJulDAgMBAAGjDTALMAkGA1UdEwQC\nMAAwDQYJKoZIhvcNAQEFBQADggEBAFCi7ZlkMnESvzlZCvv82Pq6S46AAOTPXdFd\nTMvrh12E1sdVALF1P1oYFJzG1EiZ5ezOx88fEDTW+Lxb9anw5/KJzwtWcfsupf1m\nV7J0D3qKzw5C1wjzYHh9/Pz7B1D0KthQRATQCfNf8s6bbFLaw/dmiIUhHLtIH5Qc\nyfrejTZbOSP77z8NOWir+BWWgIDDB2//3AkDIQvT20vmkZRhkqSdT7et4NmXOX/j\njhPti4b2Fie0LeuvgaOdKjCpQQNrYthZHXeVlOLRhMTSk3qUczenkKTOhvP7IS9q\n+Dzv5hqgSfvMG392KWh5f8xXfJNs4W5KLbZyl901MeReiLrPH3w=\n-----END CERTIFICATE-----",
+ "key": "-----BEGIN PRIVATE KEY-----\nMIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMrvgu6ZTTefNN7j\njiZbS/xvQjyXjYMN7oVXv76jbX8gjMOmg9m0xoVZZFAE4XyQDuCm47VRx5Qrf/YL\nXmB2VtCFvB0AhXr5zSeWzPwaAPrjA4ebG+LUo24ziS8KqNxrFs1MmNrQUgZyQC6X\nIe1JHXc9t+JlL5UZyZQC1IfaJulDAgMBAAECgYEAnxOjEj/vrLNLMZE1Q9H7PZVF\nWdP/JQVNvQ7tCpZ3ZdjxHwkvf//aQnuxS5yX2Rnf37BS/TZu+TIkK4373CfHomSx\nUTAn2FsLmOJljupgGcoeLx5K5nu7B7rY5L1NHvdpxZ4YjeISrRtEPvRakllENU5y\ngJE8c2eQOx08ZSRE4TkCQQD7dws2/FldqwdjJucYijsJVuUdoTqxP8gWL6bB251q\nelP2/a6W2elqOcWId28560jG9ZS3cuKvnmu/4LG88vZFAkEAzphrH3673oTsHN+d\nuBd5uyrlnGjWjuiMKv2TPITZcWBjB8nJDSvLneHF59MYwejNNEof2tRjgFSdImFH\nmi995wJBAMtPjW6wiqRz0i41VuT9ZgwACJBzOdvzQJfHgSD9qgFb1CU/J/hpSRIM\nkYvrXK9MbvQFvG6x4VuyT1W8mpe1LK0CQAo8VPpffhFdRpF7psXLK/XQ/0VLkG3O\nKburipLyBg/u9ZkaL0Ley5zL5dFBjTV2Qkx367Ic2b0u9AYTCcgi2DsCQQD3zZ7B\nv7BOm7MkylKokY2MduFFXU0Bxg6pfZ7q3rvg8gqhUFbaMStPRYg6myiDiW/JfLhF\nTcFT4touIo7oriFJ\n-----END PRIVATE KEY-----",
+ "caCertificate": "-----BEGIN CERTIFICATE-----\nMIIEFzCCAv+gAwIBAgIJALK1iUpF2VQLMA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD\nVQQGEwJVUzELMAkGA1UECAwCU0MxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoG\nA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDEQMA4GA1UECwwHVGVzdCBDQTEaMBgG\nA1UEAwwRd3d3LmV4YW1wbGVjYS5jb20xIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVA\nZXhhbXBsZS5jb20wHhcNMTUwMTEyMTQxNTAxWhcNMjUwMTA5MTQxNTAxWjCBoTEL\nMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlNDMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkx\nHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQxEDAOBgNVBAsMB1Rlc3QgQ0Ex\nGjAYBgNVBAMMEXd3dy5leGFtcGxlY2EuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFt\ncGxlQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\nw2rK1J2NMtQj0KDug7g7HRKl5jbf0QMkMKyTU1fBtZ0cCzvsF4CqV11LK4BSVWaK\nrzkaXe99IVJnH8KdOlDl5Dh/+cJ3xdkClSyeUT4zgb6CCBqg78ePp+nN11JKuJlV\nIG1qdJpB1J5O/kCLsGcTf7RS74MtqMFo96446Zvt7YaBhWPz6gDaO/TUzfrNcGLA\nEfHVXkvVWqb3gqXUztZyVex/gtP9FXQ7gxTvJml7UkmT0VAFjtZnCqmFxpLZFZ15\n+qP9O7Q2MpsGUO/4vDAuYrKBeg1ZdPSi8gwqUP2qWsGd9MIWRv3thI2903BczDc7\nr8WaIbm37vYZAS9G56E4+wIDAQABo1AwTjAdBgNVHQ4EFgQUugLrSJshOBk5TSsU\nANs4+SmJUGwwHwYDVR0jBBgwFoAUugLrSJshOBk5TSsUANs4+SmJUGwwDAYDVR0T\nBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaMJ33zAMV4korHo5aPfayV3uHoYZ\n1ChzP3eSsF+FjoscpoNSKs91ZXZF6LquzoNezbfiihK4PYqgwVD2+O0/Ty7UjN4S\nqzFKVR4OS/6lCJ8YncxoFpTntbvjgojf1DEataKFUN196PAANc3yz8cWHF4uvjPv\nWkgFqbIjb+7D1YgglNyovXkRDlRZl0LD1OQ0ZWhd4Ge1qx8mmmanoBeYZ9+DgpFC\nj9tQAbS867yeOryNe7sEOIpXAAqK/DTu0hB6+ySsDfMo4piXCc2aA/eI2DCuw08e\nw17Dz9WnupZjVdwTKzDhFgJZMLDqn37HQnT6EemLFqbcR0VPEnfyhDtZIQ==\n-----END CERTIFICATE-----"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate",
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "jenkins",
+ "image": "openshift/jenkins-16-centos7",
+ "env": [
+ {
+ "name": "JENKINS_PASSWORD",
+ "value": "${JENKINS_PASSWORD}"
+ }
+ ],
+ "resources": {},
+ "volumeMounts": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/jenkins"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "emptyDir": {
+ "medium": ""
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "JENKINS_SERVICE_NAME",
+ "description": "Jenkins service name",
+ "value": "jenkins"
+ },
+ {
+ "name": "JENKINS_PASSWORD",
+ "description": "Password for the Jenkins user",
+ "generate": "expression",
+ "value": "password"
+ }
+ ],
+ "labels": {
+ "template": "jenkins-ephemeral-template"
+ }
+}
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json
new file mode 100644
index 000000000..33df68c74
--- /dev/null
+++ b/roles/openshift_examples/files/examples/quickstart-templates/jenkins-persistent-template.json
@@ -0,0 +1,168 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins-persistent",
+ "creationTimestamp": null,
+ "annotations": {
+ "description": "Jenkins service, with persistent storage.",
+ "iconClass": "icon-jenkins",
+ "tags": "database,jenkins"
+ }
+ },
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "protocol": "TCP",
+ "port": 8080,
+ "targetPort": 8080,
+ "nodePort": 0
+ }
+ ],
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "portalIP": "",
+ "type": "ClusterIP",
+ "sessionAffinity": "None"
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jenkins",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "to": {
+ "kind": "Service",
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "tls": {
+ "termination": "edge",
+ "certificate": "-----BEGIN CERTIFICATE-----\nMIIDIjCCAgqgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx\nCzAJBgNVBAgMAlNDMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0Rl\nZmF1bHQgQ29tcGFueSBMdGQxEDAOBgNVBAsMB1Rlc3QgQ0ExGjAYBgNVBAMMEXd3\ndy5leGFtcGxlY2EuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1wbGUu\nY29tMB4XDTE1MDExMjE0MTk0MVoXDTE2MDExMjE0MTk0MVowfDEYMBYGA1UEAwwP\nd3d3LmV4YW1wbGUuY29tMQswCQYDVQQIDAJTQzELMAkGA1UEBhMCVVMxIjAgBgkq\nhkiG9w0BCQEWE2V4YW1wbGVAZXhhbXBsZS5jb20xEDAOBgNVBAoMB0V4YW1wbGUx\nEDAOBgNVBAsMB0V4YW1wbGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMrv\ngu6ZTTefNN7jjiZbS/xvQjyXjYMN7oVXv76jbX8gjMOmg9m0xoVZZFAE4XyQDuCm\n47VRx5Qrf/YLXmB2VtCFvB0AhXr5zSeWzPwaAPrjA4ebG+LUo24ziS8KqNxrFs1M\nmNrQUgZyQC6XIe1JHXc9t+JlL5UZyZQC1IfaJulDAgMBAAGjDTALMAkGA1UdEwQC\nMAAwDQYJKoZIhvcNAQEFBQADggEBAFCi7ZlkMnESvzlZCvv82Pq6S46AAOTPXdFd\nTMvrh12E1sdVALF1P1oYFJzG1EiZ5ezOx88fEDTW+Lxb9anw5/KJzwtWcfsupf1m\nV7J0D3qKzw5C1wjzYHh9/Pz7B1D0KthQRATQCfNf8s6bbFLaw/dmiIUhHLtIH5Qc\nyfrejTZbOSP77z8NOWir+BWWgIDDB2//3AkDIQvT20vmkZRhkqSdT7et4NmXOX/j\njhPti4b2Fie0LeuvgaOdKjCpQQNrYthZHXeVlOLRhMTSk3qUczenkKTOhvP7IS9q\n+Dzv5hqgSfvMG392KWh5f8xXfJNs4W5KLbZyl901MeReiLrPH3w=\n-----END CERTIFICATE-----",
+ "key": "-----BEGIN PRIVATE KEY-----\nMIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAMrvgu6ZTTefNN7j\njiZbS/xvQjyXjYMN7oVXv76jbX8gjMOmg9m0xoVZZFAE4XyQDuCm47VRx5Qrf/YL\nXmB2VtCFvB0AhXr5zSeWzPwaAPrjA4ebG+LUo24ziS8KqNxrFs1MmNrQUgZyQC6X\nIe1JHXc9t+JlL5UZyZQC1IfaJulDAgMBAAECgYEAnxOjEj/vrLNLMZE1Q9H7PZVF\nWdP/JQVNvQ7tCpZ3ZdjxHwkvf//aQnuxS5yX2Rnf37BS/TZu+TIkK4373CfHomSx\nUTAn2FsLmOJljupgGcoeLx5K5nu7B7rY5L1NHvdpxZ4YjeISrRtEPvRakllENU5y\ngJE8c2eQOx08ZSRE4TkCQQD7dws2/FldqwdjJucYijsJVuUdoTqxP8gWL6bB251q\nelP2/a6W2elqOcWId28560jG9ZS3cuKvnmu/4LG88vZFAkEAzphrH3673oTsHN+d\nuBd5uyrlnGjWjuiMKv2TPITZcWBjB8nJDSvLneHF59MYwejNNEof2tRjgFSdImFH\nmi995wJBAMtPjW6wiqRz0i41VuT9ZgwACJBzOdvzQJfHgSD9qgFb1CU/J/hpSRIM\nkYvrXK9MbvQFvG6x4VuyT1W8mpe1LK0CQAo8VPpffhFdRpF7psXLK/XQ/0VLkG3O\nKburipLyBg/u9ZkaL0Ley5zL5dFBjTV2Qkx367Ic2b0u9AYTCcgi2DsCQQD3zZ7B\nv7BOm7MkylKokY2MduFFXU0Bxg6pfZ7q3rvg8gqhUFbaMStPRYg6myiDiW/JfLhF\nTcFT4touIo7oriFJ\n-----END PRIVATE KEY-----",
+ "caCertificate": "-----BEGIN CERTIFICATE-----\nMIIEFzCCAv+gAwIBAgIJALK1iUpF2VQLMA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD\nVQQGEwJVUzELMAkGA1UECAwCU0MxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoG\nA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDEQMA4GA1UECwwHVGVzdCBDQTEaMBgG\nA1UEAwwRd3d3LmV4YW1wbGVjYS5jb20xIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVA\nZXhhbXBsZS5jb20wHhcNMTUwMTEyMTQxNTAxWhcNMjUwMTA5MTQxNTAxWjCBoTEL\nMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlNDMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkx\nHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQxEDAOBgNVBAsMB1Rlc3QgQ0Ex\nGjAYBgNVBAMMEXd3dy5leGFtcGxlY2EuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFt\ncGxlQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\nw2rK1J2NMtQj0KDug7g7HRKl5jbf0QMkMKyTU1fBtZ0cCzvsF4CqV11LK4BSVWaK\nrzkaXe99IVJnH8KdOlDl5Dh/+cJ3xdkClSyeUT4zgb6CCBqg78ePp+nN11JKuJlV\nIG1qdJpB1J5O/kCLsGcTf7RS74MtqMFo96446Zvt7YaBhWPz6gDaO/TUzfrNcGLA\nEfHVXkvVWqb3gqXUztZyVex/gtP9FXQ7gxTvJml7UkmT0VAFjtZnCqmFxpLZFZ15\n+qP9O7Q2MpsGUO/4vDAuYrKBeg1ZdPSi8gwqUP2qWsGd9MIWRv3thI2903BczDc7\nr8WaIbm37vYZAS9G56E4+wIDAQABo1AwTjAdBgNVHQ4EFgQUugLrSJshOBk5TSsU\nANs4+SmJUGwwHwYDVR0jBBgwFoAUugLrSJshOBk5TSsUANs4+SmJUGwwDAYDVR0T\nBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaMJ33zAMV4korHo5aPfayV3uHoYZ\n1ChzP3eSsF+FjoscpoNSKs91ZXZF6LquzoNezbfiihK4PYqgwVD2+O0/Ty7UjN4S\nqzFKVR4OS/6lCJ8YncxoFpTntbvjgojf1DEataKFUN196PAANc3yz8cWHF4uvjPv\nWkgFqbIjb+7D1YgglNyovXkRDlRZl0LD1OQ0ZWhd4Ge1qx8mmmanoBeYZ9+DgpFC\nj9tQAbS867yeOryNe7sEOIpXAAqK/DTu0hB6+ySsDfMo4piXCc2aA/eI2DCuw08e\nw17Dz9WnupZjVdwTKzDhFgJZMLDqn37HQnT6EemLFqbcR0VPEnfyhDtZIQ==\n-----END CERTIFICATE-----"
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${JENKINS_SERVICE_NAME}",
+ "creationTimestamp": null
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate",
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "creationTimestamp": null,
+ "labels": {
+ "name": "${JENKINS_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "jenkins",
+ "image": "openshift/jenkins-16-centos7",
+ "env": [
+ {
+ "name": "JENKINS_PASSWORD",
+ "value": "${JENKINS_PASSWORD}"
+ }
+ ],
+ "resources": {},
+ "volumeMounts": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/jenkins"
+ }
+ ],
+ "terminationMessagePath": "/dev/termination-log",
+ "imagePullPolicy": "IfNotPresent",
+ "capabilities": {},
+ "securityContext": {
+ "capabilities": {},
+ "privileged": false
+ }
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${JENKINS_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${JENKINS_SERVICE_NAME}"
+ }
+ }
+ ],
+ "restartPolicy": "Always",
+ "dnsPolicy": "ClusterFirst"
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "JENKINS_SERVICE_NAME",
+ "description": "Jenkins service name",
+ "value": "jenkins"
+ },
+ {
+ "name": "JENKINS_PASSWORD",
+ "description": "Password for the Jenkins user",
+ "generate": "expression",
+ "value": "password"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "512Mi",
+ "required": true
+ }
+ ],
+ "labels": {
+ "template": "jenkins-persistent-template"
+ }
+}
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json
index e281feecf..017b5be19 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json
@@ -165,19 +165,19 @@
},
{
"name": "MONGODB_USER",
- "value": "${MONGODB_USER}"
+ "value": "${DATABASE_USER}"
},
{
"name": "MONGODB_PASSWORD",
- "value": "${MONGODB_PASSWORD}"
+ "value": "${DATABASE_PASSWORD}"
},
{
"name": "MONGODB_DATABASE",
- "value": "${MONGODB_DATABASE}"
+ "value": "${DATABASE_NAME}"
},
{
"name": "MONGODB_ADMIN_PASSWORD",
- "value": "${MONGODB_ADMIN_PASSWORD}"
+ "value": "${DATABASE_ADMIN_PASSWORD}"
}
]
}
@@ -241,7 +241,7 @@
"containers": [
{
"name": "mongodb",
- "image": "openshift/mongodb-24-centos7",
+ "image": "${MONGODB_IMAGE}",
"ports": [
{
"containerPort": 27017
@@ -250,19 +250,19 @@
"env": [
{
"name": "MONGODB_USER",
- "value": "${MONGODB_USER}"
+ "value": "${DATABASE_USER}"
},
{
"name": "MONGODB_PASSWORD",
- "value": "${MONGODB_PASSWORD}"
+ "value": "${DATABASE_PASSWORD}"
},
{
"name": "MONGODB_DATABASE",
- "value": "${MONGODB_DATABASE}"
+ "value": "${DATABASE_NAME}"
},
{
"name": "MONGODB_ADMIN_PASSWORD",
- "value": "${MONGODB_ADMIN_PASSWORD}"
+ "value": "${DATABASE_ADMIN_PASSWORD}"
}
]
}
@@ -288,8 +288,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Node.js service",
- "value": "nodejs-mongodb-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
@@ -303,27 +303,32 @@
"value": "mongodb"
},
{
- "name": "MONGODB_USER",
+ "name": "DATABASE_USER",
"description": "Username for MongoDB user that will be used for accessing the database",
"generate": "expression",
"from": "user[A-Z0-9]{3}"
},
{
- "name": "MONGODB_PASSWORD",
+ "name": "DATABASE_PASSWORD",
"description": "Password for the MongoDB user",
"generate": "expression",
"from": "[a-zA-Z0-9]{16}"
},
{
- "name": "MONGODB_DATABASE",
+ "name": "DATABASE_NAME",
"description": "Database name",
"value": "sampledb"
},
{
- "name": "MONGODB_ADMIN_PASSWORD",
+ "name": "DATABASE_ADMIN_PASSWORD",
"description": "Password for the database admin user",
"generate": "expression",
"from": "[a-zA-Z0-9]{16}"
+ },
+ {
+ "name": "MONGODB_IMAGE",
+ "description": "Image to use for mongodb",
+ "value": "openshift/mongodb-24-centos7"
}
]
}
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json b/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json
index dd38571eb..55488ab41 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json
@@ -203,8 +203,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Node.js service",
- "value": "nodejs-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
diff --git a/roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json
index 3b83d3f5b..b98282528 100644
--- a/roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json
+++ b/roles/openshift_examples/files/examples/quickstart-templates/rails-postgresql.json
@@ -176,15 +176,15 @@
},
{
"name": "POSTGRESQL_USER",
- "value": "${POSTGRESQL_USER}"
+ "value": "${DATABASE_USER}"
},
{
"name": "POSTGRESQL_PASSWORD",
- "value": "${POSTGRESQL_PASSWORD}"
+ "value": "${DATABASE_PASSWORD}"
},
{
"name": "POSTGRESQL_DATABASE",
- "value": "${POSTGRESQL_DATABASE}"
+ "value": "${DATABASE_NAME}"
},
{
"name": "SECRET_KEY_BASE",
@@ -213,6 +213,10 @@
{
"name": "APPLICATION_PASSWORD",
"value": "${APPLICATION_PASSWORD}"
+ },
+ {
+ "name": "RAILS_ENV",
+ "value": "${RAILS_ENV}"
}
]
}
@@ -276,7 +280,7 @@
"containers": [
{
"name": "postgresql",
- "image": "openshift/postgresql-92-centos7",
+ "image": "${POSTGRESQL_IMAGE}",
"ports": [
{
"containerPort": 5432
@@ -285,15 +289,15 @@
"env": [
{
"name": "POSTGRESQL_USER",
- "value": "${POSTGRESQL_USER}"
+ "value": "${DATABASE_USER}"
},
{
"name": "POSTGRESQL_PASSWORD",
- "value": "${POSTGRESQL_PASSWORD}"
+ "value": "${DATABASE_PASSWORD}"
},
{
"name": "POSTGRESQL_DATABASE",
- "value": "${POSTGRESQL_DATABASE}"
+ "value": "${DATABASE_NAME}"
},
{
"name": "POSTGRESQL_MAX_CONNECTIONS",
@@ -327,8 +331,8 @@
},
{
"name": "APPLICATION_DOMAIN",
- "description": "The exposed hostname that will route to the Rails service",
- "value": "rails-postgresql-example.openshiftapps.com"
+ "description": "The exposed hostname that will route to the Rails service, if left blank a value will be defaulted.",
+ "value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
@@ -353,28 +357,38 @@
"value": "secret"
},
{
+ "name": "RAILS_ENV",
+ "description": "Environment under which the sample application will run. Could be set to production, development or test",
+ "value": "production"
+ },
+ {
"name": "DATABASE_SERVICE_NAME",
"description": "Database service name",
"value": "postgresql"
},
{
- "name": "POSTGRESQL_USER",
+ "name": "DATABASE_USER",
"description": "database username",
"generate": "expression",
"from": "user[A-Z0-9]{3}"
},
{
- "name": "POSTGRESQL_PASSWORD",
+ "name": "DATABASE_PASSWORD",
"description": "database password",
"generate": "expression",
"from": "[a-zA-Z0-9]{8}"
},
{
- "name": "POSTGRESQL_DATABASE",
+ "name": "DATABASE_NAME",
"description": "database name",
"value": "root"
},
{
+ "name": "POSTGRESQL_IMAGE",
+ "description": "Image to use for postgresql",
+ "value": "openshift/postgresql-92-centos7"
+ },
+ {
"name": "POSTGRESQL_MAX_CONNECTIONS",
"description": "database max connections",
"value": "10"
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 4e0989c5f..c1c4e1b5c 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -323,6 +323,24 @@ def set_fluentd_facts_if_unset(facts):
facts['common']['use_fluentd'] = use_fluentd
return facts
+def set_cluster_metrics_facts_if_unset(facts):
+ """ Set cluster metrics facts if not already present in facts dict
+ dict: the facts dict updated with the generated cluster metrics facts if
+ missing
+ Args:
+ facts (dict): existing facts
+ Returns:
+ dict: the facts dict updated with the generated cluster metrics
+ facts if they were not already present
+
+ """
+ if 'common' in facts:
+ deployment_type = facts['common']['deployment_type']
+ if 'use_cluster_metrics' not in facts['common']:
+ use_cluster_metrics = True if deployment_type == 'origin' else False
+ facts['common']['use_cluster_metrics'] = use_cluster_metrics
+ return facts
+
def set_identity_providers_if_unset(facts):
""" Set identity_providers fact if not already present in facts dict
@@ -700,6 +718,7 @@ class OpenShiftFacts(object):
facts['current_config'] = get_current_config(facts)
facts = set_url_facts_if_unset(facts)
facts = set_fluentd_facts_if_unset(facts)
+ facts = set_cluster_metrics_facts_if_unset(facts)
facts = set_identity_providers_if_unset(facts)
facts = set_registry_url_if_unset(facts)
facts = set_sdn_facts_if_unset(facts)
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index 44567aa22..fff123d0d 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -2,9 +2,6 @@ apiLevels:
- v1beta3
- v1
apiVersion: v1
-{% if api_server_args is defined and api_server_args %}
-apiServerArguments: {{ api_server_args }}
-{% endif %}
assetConfig:
logoutURL: ""
masterPublicURL: {{ openshift.master.public_api_url }}
@@ -16,9 +13,6 @@ assetConfig:
keyFile: master.server.key
maxRequestsInFlight: 0
requestTimeoutSeconds: 0
-{% if controller_args is defined and controller_args %}
-controllerArguments: {{ controller_args }}
-{% endif %}
corsAllowedOrigins:
{% for origin in ['127.0.0.1', 'localhost', openshift.common.hostname, openshift.common.ip, openshift.common.public_hostname, openshift.common.public_ip] %}
- {{ origin }}
@@ -74,8 +68,8 @@ kubernetesMasterConfig:
apiLevels:
- v1beta3
- v1
- apiServerArguments: null
- controllerArguments: null
+ apiServerArguments: {{ api_server_args if api_server_args is defined else 'null' }}
+ controllerArguments: {{ controller_args if controller_args is defined else 'null' }}
{# TODO: support overriding masterCount #}
masterCount: 1
masterIP: ""
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
index be51195f2..1dbcc4301 100644
--- a/roles/openshift_node/defaults/main.yml
+++ b/roles/openshift_node/defaults/main.yml
@@ -6,3 +6,7 @@ os_firewall_allow:
port: 80/tcp
- service: https
port: 443/tcp
+- service: Openshift kubelet ReadOnlyPort
+ port: 10255/tcp
+- service: Openshift kubelet ReadOnlyPort udp
+ port: 10255/udp
diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml
index 953a1421b..8b5acefbf 100644
--- a/roles/openshift_node/handlers/main.yml
+++ b/roles/openshift_node/handlers/main.yml
@@ -1,3 +1,6 @@
---
- name: restart openshift-node
service: name=openshift-node state=restarted
+
+- name: restart docker
+ service: name=docker state=restarted
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index adffca252..7679adbf3 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -66,10 +66,54 @@
- name: Secure OpenShift Registry
lineinfile:
dest: /etc/sysconfig/docker
- regexp: '^OPTIONS=.*'
+ regexp: '^OPTIONS=.*$'
line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \
{% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %}'"
when: docker_check.stat.isreg
+ notify:
+ - restart docker
+
+- set_fact:
+ docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries')
+ | oo_split() | union(['registry.access.redhat.com'])
+ | difference(['']) }}"
+ when: openshift.common.deployment_type == 'enterprise'
+- set_fact:
+ docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries')
+ | oo_split() | difference(['']) }}"
+ when: openshift.common.deployment_type != 'enterprise'
+
+- name: Add personal registries
+ lineinfile:
+ dest: /etc/sysconfig/docker
+ regexp: '^ADD_REGISTRY=.*$'
+ line: "ADD_REGISTRY='{{ docker_additional_registries
+ | oo_prepend_strings_in_list('--add-registry ') | join(' ') }}'"
+ when: docker_check.stat.isreg and docker_additional_registries
+ notify:
+ - restart docker
+
+- name: Block registries
+ lineinfile:
+ dest: /etc/sysconfig/docker
+ regexp: '^BLOCK_REGISTRY=.*$'
+ line: "BLOCK_REGISTRY='{{ lookup('oo_option', 'docker_blocked_registries') | oo_split()
+ | oo_prepend_strings_in_list('--block-registry ') | join(' ') }}'"
+ when: docker_check.stat.isreg and
+ lookup('oo_option', 'docker_blocked_registries') != ''
+ notify:
+ - restart docker
+
+- name: Grant access to additional insecure registries
+ lineinfile:
+ dest: /etc/sysconfig/docker
+ regexp: '^INSECURE_REGISTRY=.*'
+ line: "INSECURE_REGISTRY='{{ lookup('oo_option', 'docker_insecure_registries') | oo_split()
+ | oo_prepend_strings_in_list('--insecure-registry ') | join(' ') }}'"
+ when: docker_check.stat.isreg and
+ lookup('oo_option', 'docker_insecure_registries') != ''
+ notify:
+ - restart docker
- name: Allow NFS access for VMs
seboolean: name=virt_use_nfs state=yes persistent=yes
diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2
index 7b1c0f808..e176e7511 100644
--- a/roles/openshift_node/templates/node.yaml.v1.j2
+++ b/roles/openshift_node/templates/node.yaml.v1.j2
@@ -21,3 +21,4 @@ servingInfo:
clientCA: ca.crt
keyFile: server.key
volumeDirectory: {{ openshift_data_dir }}/openshift.local.volumes
+{% include 'partials/kubeletArguments.j2' %} \ No newline at end of file
diff --git a/roles/openshift_node/templates/partials/kubeletArguments.j2 b/roles/openshift_node/templates/partials/kubeletArguments.j2
new file mode 100644
index 000000000..6c3bd04c5
--- /dev/null
+++ b/roles/openshift_node/templates/partials/kubeletArguments.j2
@@ -0,0 +1,5 @@
+{% if openshift.common.use_cluster_metrics | bool %}
+kubeletArguments:
+ "read-only-port":
+ - "10255"
+{% endif %} \ No newline at end of file