diff options
Diffstat (limited to 'roles')
10 files changed, 264 insertions, 59 deletions
diff --git a/roles/docker/vars/main.yml b/roles/docker/vars/main.yml index 606cdb9b9..f81f99e2b 100644 --- a/roles/docker/vars/main.yml +++ b/roles/docker/vars/main.yml @@ -1,3 +1,2 @@ --- -repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery' }}" udevw_udevd_dir: /etc/systemd/system/systemd-udevd.service.d diff --git a/roles/openshift_docker_facts/vars/main.yml b/roles/openshift_docker_facts/vars/main.yml index f7ad1b329..55c04b0c1 100644 --- a/roles/openshift_docker_facts/vars/main.yml +++ b/roles/openshift_docker_facts/vars/main.yml @@ -1,2 +1,2 @@ --- -repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery' }}" +repoquery_cmd: "{{ 'dnf repoquery --latest-limit 1 -d 0' if ansible_pkg_mgr == 'dnf' else 'repoquery --plugins' }}" diff --git a/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-centos7.json index 719aee772..d971e5e7a 100644 --- a/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-centos7.json @@ -7,8 +7,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "ruby", - "creationTimestamp": null + "name": "ruby" }, "spec": { "tags": [ @@ -23,7 +22,7 @@ }, "from": { "kind": "ImageStreamTag", - "name": "2.2" + "name": "2.3" } }, { @@ -55,6 +54,21 @@ "kind": "DockerImage", "name": "centos/ruby-22-centos7:latest" } + }, + { + "name": "2.3", + "annotations": { + "description": "Build and run Ruby 2.3 applications", + "iconClass": "icon-ruby", + "tags": "builder,ruby", + "supports": "ruby:2.3,ruby", + "version": "2.3", + "sampleRepo": "https://github.com/openshift/ruby-ex.git" + }, + "from": { + "kind": "DockerImage", + "name": "centos/ruby-23-centos7:latest" + } } ] } @@ -63,8 +77,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "nodejs", - "creationTimestamp": null + "name": "nodejs" }, "spec": { "tags": [ @@ -104,8 +117,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "perl", - "creationTimestamp": null + "name": "perl" }, "spec": { "tags": [ @@ -161,8 +173,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "php", - "creationTimestamp": null + "name": "php" }, "spec": { "tags": [ @@ -217,8 +228,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "python", - "creationTimestamp": null + "name": "python" }, "spec": { "tags": [ @@ -233,7 +243,7 @@ }, "from": { "kind": "ImageStreamTag", - "name": "3.4" + "name": "3.5" } }, { @@ -280,6 +290,21 @@ "kind": "DockerImage", "name": "centos/python-34-centos7:latest" } + }, + { + "name": "3.5", + "annotations": { + "description": "Build and run Python 3.5 applications", + "iconClass": "icon-python", + "tags": "builder,python", + "supports":"python:3.5,python", + "version": "3.5", + "sampleRepo": "https://github.com/openshift/django-ex.git" + }, + "from": { + "kind": "DockerImage", + "name": "centos/python-35-centos7:latest" + } } ] } @@ -288,8 +313,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "wildfly", - "creationTimestamp": null + "name": "wildfly" }, "spec": { "tags": [ @@ -359,8 +383,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "mysql", - "creationTimestamp": null + "name": "mysql" }, "spec": { "tags": [ @@ -409,8 +432,43 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "postgresql", - "creationTimestamp": null + "name": "mariadb" + }, + "spec": { + "tags": [ + { + "name": "latest", + "annotations": { + "description": "Provides a MariaDB database", + "iconClass": "icon-mariadb", + "tags": "mariadb" + }, + "from": { + "kind": "ImageStreamTag", + "name": "10.1" + } + }, + { + "name": "10.1", + "annotations": { + "description": "Provides a MariaDB v10.1 database", + "iconClass": "icon-mariadb", + "tags": "mariadb", + "version": "10.1" + }, + "from": { + "kind": "DockerImage", + "name": "centos/mariadb-101-centos7:latest" + } + } + ] + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "postgresql" }, "spec": { "tags": [ @@ -423,7 +481,7 @@ }, "from": { "kind": "ImageStreamTag", - "name": "9.4" + "name": "9.5" } }, { @@ -451,6 +509,19 @@ "kind": "DockerImage", "name": "centos/postgresql-94-centos7:latest" } + }, + { + "name": "9.5", + "annotations": { + "description": "Provides a PostgreSQL v9.5 database", + "iconClass": "icon-postgresql", + "tags": "postgresql", + "version": "9.5" + }, + "from": { + "kind": "DockerImage", + "name": "centos/postgresql-95-centos7:latest" + } } ] } @@ -459,8 +530,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "mongodb", - "creationTimestamp": null + "name": "mongodb" }, "spec": { "tags": [ @@ -473,7 +543,7 @@ }, "from": { "kind": "ImageStreamTag", - "name": "2.6" + "name": "3.2" } }, { @@ -501,6 +571,19 @@ "kind": "DockerImage", "name": "centos/mongodb-26-centos7:latest" } + }, + { + "name": "3.2", + "annotations": { + "description": "Provides a MongoDB v3.2 database", + "iconClass": "icon-mongodb", + "tags": "mongodb", + "version": "3.2" + }, + "from": { + "kind": "DockerImage", + "name": "centos/mongodb-32-centos7:latest" + } } ] } @@ -509,8 +592,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "jenkins", - "creationTimestamp": null + "name": "jenkins" }, "spec": { "tags": [ diff --git a/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-rhel7.json index 00635ec78..56c63263b 100644 --- a/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/v1.2/image-streams/image-streams-rhel7.json @@ -7,8 +7,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "ruby", - "creationTimestamp": null + "name": "ruby" }, "spec": { "tags": [ @@ -18,12 +17,12 @@ "description": "Build and run Ruby applications", "iconClass": "icon-ruby", "tags": "builder,ruby", - "supports": "ruby,ruby", + "supports": "ruby", "sampleRepo": "https://github.com/openshift/ruby-ex.git" }, "from": { "kind": "ImageStreamTag", - "name": "2.2" + "name": "2.3" } }, { @@ -55,6 +54,21 @@ "kind": "DockerImage", "name": "registry.access.redhat.com/rhscl/ruby-22-rhel7:latest" } + }, + { + "name": "2.3", + "annotations": { + "description": "Build and run Ruby 2.3 applications", + "iconClass": "icon-ruby", + "tags": "builder,ruby", + "supports": "ruby:2.3,ruby", + "version": "2.3", + "sampleRepo": "https://github.com/openshift/ruby-ex.git" + }, + "from": { + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/ruby-23-rhel7:latest" + } } ] } @@ -63,8 +77,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "nodejs", - "creationTimestamp": null + "name": "nodejs" }, "spec": { "tags": [ @@ -79,7 +92,7 @@ }, "from": { "kind": "ImageStreamTag", - "name": "0.10" + "name": "4" } }, { @@ -96,6 +109,21 @@ "kind": "DockerImage", "name": "registry.access.redhat.com/openshift3/nodejs-010-rhel7:latest" } + }, + { + "name": "4", + "annotations": { + "description": "Build and run NodeJS 4.x applications", + "iconClass": "icon-nodejs", + "tags": "builder,nodejs", + "supports":"nodejs:4,nodejs", + "version": "4", + "sampleRepo": "https://github.com/openshift/nodejs-ex.git" + }, + "from": { + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/nodejs-4-rhel7:latest" + } } ] } @@ -104,8 +132,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "perl", - "creationTimestamp": null + "name": "perl" }, "spec": { "tags": [ @@ -161,8 +188,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "php", - "creationTimestamp": null + "name": "php" }, "spec": { "tags": [ @@ -217,8 +243,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "python", - "creationTimestamp": null + "name": "python" }, "spec": { "tags": [ @@ -233,7 +258,7 @@ }, "from": { "kind": "ImageStreamTag", - "name": "3.4" + "name": "3.5" } }, { @@ -280,6 +305,21 @@ "kind": "DockerImage", "name": "registry.access.redhat.com/rhscl/python-34-rhel7:latest" } + }, + { + "name": "3.5", + "annotations": { + "description": "Build and run Python 3.5 applications", + "iconClass": "icon-python", + "tags": "builder,python", + "supports":"python:3.5,python", + "version": "3.5", + "sampleRepo": "https://github.com/openshift/django-ex.git" + }, + "from": { + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/python-35-rhel7:latest" + } } ] } @@ -288,8 +328,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "mysql", - "creationTimestamp": null + "name": "mysql" }, "spec": { "tags": [ @@ -338,8 +377,43 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "postgresql", - "creationTimestamp": null + "name": "mariadb" + }, + "spec": { + "tags": [ + { + "name": "latest", + "annotations": { + "description": "Provides a MariaDB database", + "iconClass": "icon-mariadb", + "tags": "mariadb" + }, + "from": { + "kind": "ImageStreamTag", + "name": "10.1" + } + }, + { + "name": "10.1", + "annotations": { + "description": "Provides a MariaDB v10.1 database", + "iconClass": "icon-mariadb", + "tags": "mariadb", + "version": "10.1" + }, + "from": { + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/mariadb-101-rhel7:latest" + } + } + ] + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "postgresql" }, "spec": { "tags": [ @@ -352,7 +426,7 @@ }, "from": { "kind": "ImageStreamTag", - "name": "9.4" + "name": "9.5" } }, { @@ -380,6 +454,19 @@ "kind": "DockerImage", "name": "registry.access.redhat.com/rhscl/postgresql-94-rhel7:latest" } + }, + { + "name": "9.5", + "annotations": { + "description": "Provides a PostgreSQL v9.5 database", + "iconClass": "icon-postgresql", + "tags": "postgresql", + "version": "9.5" + }, + "from": { + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/postgresql-95-rhel7:latest" + } } ] } @@ -388,8 +475,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "mongodb", - "creationTimestamp": null + "name": "mongodb" }, "spec": { "tags": [ @@ -402,7 +488,7 @@ }, "from": { "kind": "ImageStreamTag", - "name": "2.6" + "name": "3.2" } }, { @@ -430,6 +516,19 @@ "kind": "DockerImage", "name": "registry.access.redhat.com/rhscl/mongodb-26-rhel7:latest" } + }, + { + "name": "3.2", + "annotations": { + "description": "Provides a MongoDB v3.2 database", + "iconClass": "icon-mongodb", + "tags": "mongodb", + "version": "3.2" + }, + "from": { + "kind": "DockerImage", + "name": "registry.access.redhat.com/rhscl/mongodb-32-rhel7:latest" + } } ] } @@ -438,8 +537,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "jenkins", - "creationTimestamp": null + "name": "jenkins" }, "spec": { "tags": [ diff --git a/roles/openshift_node/tasks/storage_plugins/nfs.yml b/roles/openshift_node/tasks/storage_plugins/nfs.yml index 14a613786..8380714d4 100644 --- a/roles/openshift_node/tasks/storage_plugins/nfs.yml +++ b/roles/openshift_node/tasks/storage_plugins/nfs.yml @@ -9,3 +9,10 @@ state: yes persistent: yes when: ansible_selinux and ansible_selinux.status == "enabled" + +- name: Set seboolean to allow nfs storage plugin access from containers(sandbox) + seboolean: + name: virt_sandbox_use_nfs + state: yes + persistent: yes + when: ansible_selinux and ansible_selinux.status == "enabled" diff --git a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh b/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh index 51a43d113..5a187710b 100755 --- a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh +++ b/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh @@ -47,11 +47,14 @@ EOF # zero out our upstream servers list and feed it into dnsmasq echo -n > /etc/dnsmasq.d/origin-upstream-dns.conf for ns in ${IP4_NAMESERVERS}; do - echo "server=${ns}" >> /etc/dnsmasq.d/origin-upstream-dns.conf + if [[ ! -z $ns ]]; then + echo "server=${ns}" >> /etc/dnsmasq.d/origin-upstream-dns.conf + fi done systemctl restart dnsmasq - sed -i 's/^nameserver.*$/nameserver '"${def_route_ip}"'/g' /etc/resolv.conf + sed -i '0,/^nameserver/ s/^nameserver.*$/nameserver '"${def_route_ip}"'/g' /etc/resolv.conf + if ! grep -q '99-origin-dns.sh' /etc/resolv.conf; then echo "# nameserver updated by /etc/NetworkManager/dispatcher.d/99-origin-dns.sh" >> /etc/resolv.conf fi diff --git a/roles/openshift_node_dnsmasq/handlers/main.yml b/roles/openshift_node_dnsmasq/handlers/main.yml index 7e9e4d299..7d43b6106 100644 --- a/roles/openshift_node_dnsmasq/handlers/main.yml +++ b/roles/openshift_node_dnsmasq/handlers/main.yml @@ -1,5 +1,10 @@ --- - name: restart NetworkManager - service: + service: name: NetworkManager state: restarted + +- name: restart dnsmasq + service: + name: dnsmasq + state: restarted diff --git a/roles/openshift_node_dnsmasq/tasks/main.yml b/roles/openshift_node_dnsmasq/tasks/main.yml index 7147b78f5..bd9a0ffb6 100644 --- a/roles/openshift_node_dnsmasq/tasks/main.yml +++ b/roles/openshift_node_dnsmasq/tasks/main.yml @@ -17,6 +17,17 @@ template: src: origin-dns.conf.j2 dest: /etc/dnsmasq.d/origin-dns.conf + notify: restart dnsmasq + +- name: Deploy additional dnsmasq.conf + template: + src: "{{ openshift_node_dnsmasq_additional_config_file }}" + dest: /etc/dnsmasq.d/openshift-ansible.conf + owner: root + group: root + mode: 0644 + when: openshift_node_dnsmasq_additional_config_file is defined + notify: restart dnsmasq # Dynamic NetworkManager based dispatcher - include: ./network-manager.yml diff --git a/roles/os_firewall/library/os_firewall_manage_iptables.py b/roles/os_firewall/library/os_firewall_manage_iptables.py index 1cb539a8c..190016c14 100755 --- a/roles/os_firewall/library/os_firewall_manage_iptables.py +++ b/roles/os_firewall/library/os_firewall_manage_iptables.py @@ -37,14 +37,14 @@ class IpTablesSaveError(IpTablesError): class IpTablesCreateChainError(IpTablesError): - def __init__(self, chain, msg, cmd, exit_code, output): # pylint: disable=too-many-arguments, line-too-long + def __init__(self, chain, msg, cmd, exit_code, output): # pylint: disable=too-many-arguments, line-too-long, redefined-outer-name super(IpTablesCreateChainError, self).__init__(msg, cmd, exit_code, output) self.chain = chain class IpTablesCreateJumpRuleError(IpTablesError): - def __init__(self, chain, msg, cmd, exit_code, output): # pylint: disable=too-many-arguments, line-too-long + def __init__(self, chain, msg, cmd, exit_code, output): # pylint: disable=too-many-arguments, line-too-long, redefined-outer-name super(IpTablesCreateJumpRuleError, self).__init__(msg, cmd, exit_code, output) self.chain = chain @@ -152,11 +152,11 @@ class IpTablesManager(object): # pylint: disable=too-many-instance-attributes continue last_rule_target = rule[1] - # Naively assume that if the last row is a REJECT rule, then - # we can add insert our rule right before it, otherwise we + # Naively assume that if the last row is a REJECT or DROP rule, + # then we can insert our rule right before it, otherwise we # assume that we can just append the rule. if (last_rule_num and last_rule_target - and last_rule_target == 'REJECT'): + and last_rule_target in ['REJECT', 'DROP']): # insert rule cmd = self.cmd + ['-I', self.jump_rule_chain, str(last_rule_num)] diff --git a/roles/rhel_subscribe/tasks/enterprise.yml b/roles/rhel_subscribe/tasks/enterprise.yml index c4aa7db6a..8d11276d0 100644 --- a/roles/rhel_subscribe/tasks/enterprise.yml +++ b/roles/rhel_subscribe/tasks/enterprise.yml @@ -7,7 +7,7 @@ when: deployment_type == 'enterprise' - set_fact: - default_ose_version: '3.1' + default_ose_version: '3.2' when: deployment_type in ['atomic-enterprise', 'openshift-enterprise'] - set_fact: |