diff options
| -rw-r--r-- | .tito/packages/openshift-ansible | 2 | ||||
| -rw-r--r-- | openshift-ansible.spec | 30 | ||||
| -rw-r--r-- | playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml | 10 | ||||
| -rw-r--r-- | roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-template.yaml | 19 | ||||
| -rw-r--r-- | roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml | 19 | ||||
| -rw-r--r-- | roles/openshift_node/tasks/main.yml | 18 | ||||
| -rw-r--r-- | roles/openshift_node/tasks/tuned.yml | 41 |
7 files changed, 117 insertions, 22 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 2c8f1d56b..d8fd678b3 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.7.0-0.105.0 ./ +3.7.0-0.111.0 ./ diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 31cb4dc4c..46078eccb 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -10,7 +10,7 @@ Name: openshift-ansible Version: 3.7.0 -Release: 0.105.0%{?dist} +Release: 0.111.0%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 URL: https://github.com/openshift/openshift-ansible @@ -280,6 +280,34 @@ Atomic OpenShift Utilities includes %changelog +* Fri Aug 25 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.111.0 +- Upgrade check for OpenShift authorization objects (rteague@redhat.com) + +* Fri Aug 25 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.110.0 +- Setup tuned profiles in /etc/tuned (jmencak@redhat.com) + +* Thu Aug 24 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.109.0 +- + +* Thu Aug 24 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.108.0 +- + +* Thu Aug 24 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.107.0 +- + +* Thu Aug 24 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.106.0 +- Add dotnet 2.0 to v3.6 (sdodson@redhat.com) +- Add dotnet 2.0 to v3.7 (sdodson@redhat.com) +- Update v3.6 content (sdodson@redhat.com) +- Update all image streams and templates (sdodson@redhat.com) +- Passing memory and cpu limit for ops ES install (ewolinet@redhat.com) +- If IP4_NAMESERVERS are unset then pull the value from /etc/resolv.conf + (sdodson@redhat.com) +- New tuned profile hierarchy. (jmencak@redhat.com) +- GlusterFS: add minor README note for #5071 (jarrpa@redhat.com) +- Update cfme templates to auto-generate postgresql password + https://bugzilla.redhat.com/show_bug.cgi?id=1461973 (simaishi@redhat.com) + * Wed Aug 23 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.7.0-0.105.0 - Fix generated content (sdodson@redhat.com) - Switch to migrating one host and forming a new cluster (sdodson@redhat.com) diff --git a/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml b/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml index 90e95422b..136ad5362 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_7/validator.yml @@ -7,6 +7,16 @@ hosts: oo_first_master roles: - { role: lib_openshift } + tasks: - name: Check for invalid namespaces and SDN errors oc_objectvalidator: + + - name: Confirm OpenShift authorization objects are in sync + command: > + {{ openshift.common.client_binary }} adm migrate authorization + changed_when: false + register: l_oc_result + until: l_oc_result.rc == 0 + retries: 4 + delay: 15 diff --git a/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-template.yaml b/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-template.yaml index 3bc6c5813..fd57a864c 100644 --- a/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-template.yaml +++ b/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-template.yaml @@ -10,6 +10,12 @@ metadata: iconClass: "icon-rails" objects: - apiVersion: v1 + kind: Secret + metadata: + name: "${NAME}-secrets" + stringData: + pg-password: "${DATABASE_PASSWORD}" +- apiVersion: v1 kind: Service metadata: annotations: @@ -148,7 +154,10 @@ objects: value: "${DATABASE_USER}" - name: "POSTGRESQL_PASSWORD" - value: "${DATABASE_PASSWORD}" + valueFrom: + secretKeyRef: + name: "${NAME}-secrets" + key: "pg-password" - name: "POSTGRESQL_DATABASE" value: "${DATABASE_NAME}" @@ -345,7 +354,10 @@ objects: value: "${DATABASE_USER}" - name: "POSTGRESQL_PASSWORD" - value: "${DATABASE_PASSWORD}" + valueFrom: + secretKeyRef: + name: "${NAME}-secrets" + key: "pg-password" - name: "POSTGRESQL_DATABASE" value: "${DATABASE_NAME}" @@ -386,7 +398,8 @@ parameters: displayName: "PostgreSQL Password" required: true description: "Password for the PostgreSQL user." - value: "smartvm" + from: "[a-zA-Z0-9]{8}" + generate: expression - name: "DATABASE_NAME" required: true diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml index 3bc6c5813..fd57a864c 100644 --- a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml +++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml @@ -10,6 +10,12 @@ metadata: iconClass: "icon-rails" objects: - apiVersion: v1 + kind: Secret + metadata: + name: "${NAME}-secrets" + stringData: + pg-password: "${DATABASE_PASSWORD}" +- apiVersion: v1 kind: Service metadata: annotations: @@ -148,7 +154,10 @@ objects: value: "${DATABASE_USER}" - name: "POSTGRESQL_PASSWORD" - value: "${DATABASE_PASSWORD}" + valueFrom: + secretKeyRef: + name: "${NAME}-secrets" + key: "pg-password" - name: "POSTGRESQL_DATABASE" value: "${DATABASE_NAME}" @@ -345,7 +354,10 @@ objects: value: "${DATABASE_USER}" - name: "POSTGRESQL_PASSWORD" - value: "${DATABASE_PASSWORD}" + valueFrom: + secretKeyRef: + name: "${NAME}-secrets" + key: "pg-password" - name: "POSTGRESQL_DATABASE" value: "${DATABASE_NAME}" @@ -386,7 +398,8 @@ parameters: displayName: "PostgreSQL Password" required: true description: "Password for the PostgreSQL user." - value: "smartvm" + from: "[a-zA-Z0-9]{8}" + generate: expression - name: "DATABASE_NAME" required: true diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 3353a22e3..81456eac9 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -70,25 +70,15 @@ - openshift_disable_swap | default(true) | bool # End Disable Swap Block -# We have to add tuned-profiles in the same transaction otherwise we run into depsolving -# problems because the rpms don't pin the version properly. This was fixed in 3.1 packaging. - name: Install Node package package: - name: "{{ openshift.common.service_type }}-node{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }},tuned-profiles-{{ openshift.common.service_type }}-node{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" + name: "{{ openshift.common.service_type }}-node{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}" state: present when: not openshift.common.is_containerized | bool -- name: Check for tuned package - command: rpm -q tuned - args: - warn: no - register: tuned_installed - changed_when: false - failed_when: false - -- name: Set atomic-guest tuned profile - command: "tuned-adm profile atomic-guest" - when: tuned_installed.rc == 0 and openshift.common.is_atomic | bool +- name: setup tuned + include: tuned.yml + static: yes - name: Install sdn-ovs package package: diff --git a/roles/openshift_node/tasks/tuned.yml b/roles/openshift_node/tasks/tuned.yml new file mode 100644 index 000000000..425bf6a26 --- /dev/null +++ b/roles/openshift_node/tasks/tuned.yml @@ -0,0 +1,41 @@ +--- +- name: Check for tuned package + command: rpm -q tuned + args: + warn: no + register: tuned_installed + changed_when: false + failed_when: false + +- name: Tuned service setup + block: + - name: Set tuned OpenShift variables + set_fact: + openshift_tuned_guest_profile: "{{ 'atomic-guest' if openshift.common.is_atomic else 'virtual-guest' }}" + tuned_etc_directory: '/etc/tuned' + tuned_templates_source: '../templates/tuned' + + - name: Ensure directory structure exists + file: + state: directory + dest: '{{ tuned_etc_directory }}/{{ item.path }}' + with_filetree: '{{ tuned_templates_source }}' + when: item.state == 'directory' + + - name: Ensure files are populated from templates + template: + src: '{{ item.src }}' + dest: '{{ tuned_etc_directory }}/{{ item.path }}' + with_filetree: '{{ tuned_templates_source }}' + when: item.state == 'file' + + - name: Make tuned use the recommended tuned profile on restart + file: path=/etc/tuned/active_profile state=absent + + - name: Restart tuned service + systemd: + state: restarted + daemon_reload: yes + name: tuned + + when: tuned_installed.rc == 0 | bool |