summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* a-o-i: Better inventory group handlingSamuel Munilla2016-07-293-72/+49
| | | | | | | | | | A more dynamic and flexible method of writing out host groups to the ansible inventory file. To accompany this, in the quick-installer interactive mode the etcd role is automatically applied to any masters. Anyone hand writing the quick installer config will now have to explicitly specify which hosts will be etcd. Fixes #2200
* Merge pull request #2218 from sdodson/image-stream-syncScott Dodson2016-07-29108-1127/+5249
|\ | | | | xPaaS v1.3.2 release
| * Remove old sso70-basic templatesScott Dodson2016-07-261-0/+12
| |
| * xPaaS v1.3.2 releaseScott Dodson2016-07-26107-1127/+5237
| |
* | Merge pull request #2236 from maxamillion/fedoraScott Dodson2016-07-291-1/+1
|\ \ | | | | | | update bootstrap-fedora playbook with new python crypto deps
| * | update bootstrap-fedora playbook with new python crypto depsAdam Miller2016-07-281-1/+1
| | | | | | | | | | | | Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
* | | Merge pull request #2233 from sdodson/masterScott Dodson2016-07-291-0/+1
|\ \ \ | | | | | | | | Fix HAProxy logging
| * | | Fix haproxy logsScott Dodson2016-07-281-0/+1
| | | |
* | | | Automatic commit of package [openshift-ansible] release [3.3.4-1].Troy Dawson2016-07-292-2/+16
|/ / /
* | | Merge pull request #2210 from abutcher/staggered-master-startScott Dodson2016-07-282-5/+39
|\ \ \ | | | | | | | | Stagger HA master service start
| * | | Stagger the start of master services.Andrew Butcher2016-07-242-5/+39
| | | |
* | | | Merge pull request #2232 from smunilla/BZ1353152Scott Dodson2016-07-281-3/+1
|\ \ \ \ | | | | | | | | | | a-o-i: Set roles on standalone storage
| * | | | a-o-i: Set roles on standalone storageSamuel Munilla2016-07-281-3/+1
|/ / / / | | | | | | | | | | | | | | | | | | | | Sets the roles appropriately when using a standalone storage host. Fixes BZ#1353152
* | | | Merge pull request #2224 from dgoodwin/infra-count-fixScott Dodson2016-07-272-4/+21
|\ \ \ \ | |_|/ / |/| | | Fix registry/router being created despite no infra nodes.
| * | | Fix registry/router being created despite no infra nodes.Devan Goodwin2016-07-272-4/+21
| | | | | | | | | | | | | | | | | | | | | | | | Fix a bug with determining the correct number of replicas to use, and guarding the creation of the router/registry on whether or not replicas is > 0.
* | | | Merge pull request #2229 from sdodson/dkorn-node_labelsScott Dodson2016-07-271-0/+3
|\ \ \ \ | | | | | | | | | | a-o-i: write missing openshift_node_labels
| * | | | Disable too many branches pylintScott Dodson2016-07-271-0/+1
| | | | |
| * | | | a-o-i: write missing openshift_node_labelsdkorn2016-07-271-0/+2
|/ / / /
* | | | Merge pull request #2228 from smunilla/arbitrary_host_varsScott Dodson2016-07-272-1/+8
|\ \ \ \ | | | | | | | | | | a-o-i: Support for arbitrary host-level variables
| * | | | a-o-i: Support for arbitrary host-level variablesSamuel Munilla2016-07-272-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | This allows the user to set a block containing any variables they want to set per-host instead of per-role.
* | | | | Merge pull request #1861 from jpic/beautiful_outputScott Dodson2016-07-271-0/+60
|\ \ \ \ \ | | | | | | | | | | | | Beautiful -v output from ansible
| * | | | | Beautiful -v output from ansiblejpic2016-07-271-0/+60
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When supporting openshift-ansible, users share pastes like:: TASK: [openshift_serviceaccounts | Grant the user access to the privileged scc] *** changed: [li1491-86.members.linode.com] => (item=['router', {'cmd': ['oc', 'get', 'scc', 'privileged', '-o', 'yaml'], 'end': '2016-05-05 13:31:50.216857', 'stderr': u'', 'stdout': 'allowHostDirVolumePlugin: true\nallowHostIPC: true\nallowHostNetwork: true\nallowHostPID: true\nallowHostPorts: true\nallowPrivilegedContainer: true\nallowedCapabilities: null\napiVersion: v1\ndefaultAddCapabilities: null\nfsGroup:\n type: RunAsAny\ngroups:\n- system:cluster-admins\n- system:nodes\nkind: SecurityContextConstraints\nmetadata:\n annotations:\n kubernetes.io/description: \'privileged allows access to all privileged and host\n features and the ability to run as any user, any group, any fsGroup, and with\n any SELinux context. WARNING: this is the most relaxed SCC and should be used\n only for cluster administration. Grant with caution.\'\n creationTimestamp: 2016-05-05T13:30:06Z\n name: privileged\n resourceVersion: "371"\n selfLink: /api/v1/securitycontextconstraints/privileged\n uid: 7ae22005-12c5-11e6-9bc5-06174e73e52a\npriority: null\nreadOnlyRootFilesystem: false\nrequiredDropCapabilities: null\nrunAsUser:\n type: RunAsAny\nseLinuxContext:\n type: RunAsAny\nsupplementalGroups:\n type: RunAsAny\nusers:\n- system:serviceaccount:openshift-infra:build-controller\n- system:serviceaccount:management-infra:management-admin\n- system:serviceaccount:management-infra:inspector-admin\nvolumes:\n- \'*\'', 'item': 'privileged', 'changed': False, 'rc': 0, 'failed': False, 'warnings': [], 'delta': '0:00:00.264340', 'invocation': {'module_name': u'command', 'module_complex_args': {}, 'module_args': u'oc get scc privileged -o yaml'}, 'stdout_lines': ['allowHostDirVolumePlugin: true', 'allowHostIPC: true', 'allowHostNetwork: true', 'allowHostPID: true', 'allowHostPorts: true', 'allowPrivilegedContainer: true', 'allowedCapabilities: null', 'apiVersion: v1', 'defaultAddCapabilities: null', 'fsGroup:', ' type: RunAsAny', 'groups:', '- system:cluster-admins', '- system:nodes', 'kind: SecurityContextConstraints', 'metadata:', ' annotations:', " kubernetes.io/description: 'privileged allows access to all privileged and host", ' features and the ability to run as any user, any group, any fsGroup, and with', ' any SELinux context. WARNING: this is the most relaxed SCC and should be used', " only for cluster administration. Grant with caution.'", ' creationTimestamp: 2016-05-05T13:30:06Z', ' name: privileged', ' resourceVersion: "371"', ' selfLink: /api/v1/securitycontextconstraints/privileged', ' uid: 7ae22005-12c5-11e6-9bc5-06174e73e52a', 'priority: null', 'readOnlyRootFilesystem: false', 'requiredDropCapabilities: null', 'runAsUser:', ' type: RunAsAny', 'seLinuxContext:', ' type: RunAsAny', 'supplementalGroups:', ' type: RunAsAny', 'users:', '- system:serviceaccount:openshift-infra:build-controller', '- system:serviceaccount:management-infra:management-admin', '- system:serviceaccount:management-infra:inspector-admin', 'volumes:', "- '*'"], 'failed_when_result': False, 'start': '2016-05-05 13:31:49.952517'}]) changed: [li1491-86.members.linode.com] => (item=['registry', {'cmd': ['oc', 'get', 'scc', 'privileged', '-o', 'yaml'], 'end': '2016-05-05 13:31:50.216857', 'stderr': u'', 'stdout': 'allowHostDirVolumePlugin: true\nallowHostIPC: true\nallowHostNetwork: true\nallowHostPID: true\nallowHostPorts: true\nallowPrivilegedContainer: true\nallowedCapabilities: null\napiVersion: v1\ndefaultAddCapabilities: null\nfsGroup:\n type: RunAsAny\ngroups:\n- system:cluster-admins\n- system:nodes\nkind: SecurityContextConstraints\nmetadata:\n annotations:\n kubernetes.io/description: \'privileged allows access to all privileged and host\n features and the ability to run as any user, any group, any fsGroup, and with\n any SELinux context. WARNING: this is the most relaxed SCC and should be used\n only for cluster administration. Grant with caution.\'\n creationTimestamp: 2016-05-05T13:30:06Z\n name: privileged\n resourceVersion: "371"\n selfLink: /api/v1/securitycontextconstraints/privileged\n uid: 7ae22005-12c5-11e6-9bc5-06174e73e52a\npriority: null\nreadOnlyRootFilesystem: false\nrequiredDropCapabilities: null\nrunAsUser:\n type: RunAsAny\nseLinuxContext:\n type: RunAsAny\nsupplementalGroups:\n type: RunAsAny\nusers:\n- system:serviceaccount:openshift-infra:build-controller\n- system:serviceaccount:management-infra:management-admin\n- system:serviceaccount:management-infra:inspector-admin\nvolumes:\n- \'*\'', 'item': 'privileged', 'changed': False, 'rc': 0, 'failed': False, 'warnings': [], 'delta': '0:00:00.264340', 'invocation': {'module_name': u'command', 'module_complex_args': {}, 'module_args': u'oc get scc privileged -o yaml'}, 'stdout_lines': ['allowHostDirVolumePlugin: true', 'allowHostIPC: true', 'allowHostNetwork: true', 'allowHostPID: true', 'allowHostPorts: true', 'allowPrivilegedContainer: true', 'allowedCapabilities: null', 'apiVersion: v1', 'defaultAddCapabilities: null', 'fsGroup:', ' type: RunAsAny', 'groups:', '- system:cluster-admins', '- system:nodes', 'kind: SecurityContextConstraints', 'metadata:', ' annotations:', " kubernetes.io/description: 'privileged allows access to all privileged and host", ' features and the ability to run as any user, any group, any fsGroup, and with', ' any SELinux context. WARNING: this is the most relaxed SCC and should be used', " only for cluster administration. Grant with caution.'", ' creationTimestamp: 2016-05-05T13:30:06Z', ' name: privileged', ' resourceVersion: "371"', ' selfLink: /api/v1/securitycontextconstraints/privileged', ' uid: 7ae22005-12c5-11e6-9bc5-06174e73e52a', 'priority: null', 'readOnlyRootFilesystem: false', 'requiredDropCapabilities: null', 'runAsUser:', ' type: RunAsAny', 'seLinuxContext:', ' type: RunAsAny', 'supplementalGroups:', ' type: RunAsAny', 'users:', '- system:serviceaccount:openshift-infra:build-controller', '- system:serviceaccount:management-infra:management-admin', '- system:serviceaccount:management-infra:inspector-admin', 'volumes:', "- '*'"], 'failed_when_result': False, 'start': '2016-05-05 13:31:49.952517'}]) With this patch, the json is nicely indented and std{err,out} are properly printed by default with -v.
* | | | | | Merge pull request #2226 from smunilla/general_inventory_varsScott Dodson2016-07-271-16/+18
|\ \ \ \ \ \ | | | | | | | | | | | | | | a-o-i: Move inventory vars to the correct location
| * | | | | | a-o-i: Move inventory vars to the correct locationSamuel Munilla2016-07-271-16/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Several variables such as 'deployment_type' and 'ansible_config' were being set under a variable group for the last defined role instead of under OSEv3:vars.
* | | | | | | Merge pull request #963 from ibotty/rpm_q-moduleScott Dodson2016-07-271-0/+70
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | add rpm_q module to query rpm database
| * | | | | | make rpm-q module pylint warning-freeTobias Florek2016-07-181-2/+6
| | | | | | |
| * | | | | | add rpm_q module to query rpm databaseTobias Florek2016-07-181-0/+66
| | | | | | |
* | | | | | | Merge pull request #2219 from sdodson/portal_netScott Dodson2016-07-273-12/+17
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Document openshift_portal_net
| * | | | | | | Document openshift_portal_netScott Dodson2016-07-263-12/+17
| | |/ / / / / | |/| | | | |
* / | | | | | Automatic commit of package [openshift-ansible] release [3.3.3-1].Troy Dawson2016-07-272-2/+45
|/ / / / / /
* | | | | | Merge pull request #2205 from liangxia/fix-typoScott Dodson2016-07-261-1/+1
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix "deloyment" typo in deployment types doc
| * | | | | | Fix "deloyment" typo in deployment types docliangxia2016-07-251-1/+1
| | |_|/ / / | |/| | | |
* | | | | | Merge pull request #2213 from detiber/remove_old_metrics_roleJason DeTiberus2016-07-2613-274/+0
|\ \ \ \ \ \ | | | | | | | | | | | | | | remove outdated openshift_cluster_metrics role
| * | | | | | remove outdated openshift_cluster_metrics roleJason DeTiberus2016-07-2513-274/+0
| |/ / / / /
* | | | | | Merge pull request #2216 from abutcher/fix-named-certsAndrew Butcher2016-07-251-3/+3
|\ \ \ \ \ \ | |/ / / / / |/| | | | | Fix named certificate directory path.
| * | | | | Template named certificates with_items.Andrew Butcher2016-07-251-2/+2
| | | | | |
| * | | | | Replace master_cert_config_dir with common config_base fact.Andrew Butcher2016-07-251-1/+1
|/ / / / /
* | | | | Merge pull request #2196 from dgoodwin/nuke-images-symlinkAndrew Butcher2016-07-221-0/+1
|\ \ \ \ \ | |_|_|/ / |/| | | | Add missing nuke_images.sh symlink.
| * | | | Add missing nuke_images.sh symlink.Devan Goodwin2016-07-221-0/+1
| | | | |
* | | | | Merge pull request #2194 from smunilla/persist_rolesScott Dodson2016-07-211-0/+3
|\ \ \ \ \ | | | | | | | | | | | | a-o-i: Persist Roles Variables
| * | | | | a-o-i: Persist Roles VariablesSamuel Munilla2016-07-211-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | Previously, we we're saving the roles variables set during a run.
* | | | | | Merge pull request #1990 from abutcher/openshift-certificatesScott Dodson2016-07-2119-289/+349
|\ \ \ \ \ \ | | | | | | | | | | | | | | Refactor openshift certificates roles.
| * | | | | | Re-arrange master and node role dependencies.Andrew Butcher2016-07-204-3/+21
| | | | | | |
| * | | | | | Refactor openshift certificates roles.Andrew Butcher2016-07-2019-287/+329
| | | | | | |
* | | | | | | Merge pull request #2192 from abutcher/replicasScott Dodson2016-07-212-2/+2
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | Bug 1358723 - openshift_hosted_router_replicas option didn't work
| * | | | | | Default nodes matching selectors when not collected.Andrew Butcher2016-07-212-2/+2
| | | | | | |
* | | | | | | Merge pull request #2168 from dgoodwin/container-cli-speedScott Dodson2016-07-217-46/+149
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | Copy openshift binary instead of using wrapper script.
| * | | | | | Copy openshift binaries instead of using wrapper script.Devan Goodwin2016-07-213-44/+135
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For containerized masters, we previously create a wrapper script to run the docker CLI image and clean up afterward, but this approach is much slower than having the binary on the native system. Instead we now use an ansible module to handle the logic of syncing the various OpenShift binaries and symlinks for client tools out onto the host. The module will correctly report changed if modifications were needed. Substantial speed improvement for containerized installs which requires many openshift/oc commands.
| * | | | | | Stop reporting changes when docker pull is already up to date.Devan Goodwin2016-07-205-2/+14
| | | | | | |
* | | | | | | Merge pull request #2187 from lhuard1A/bin_cluster_libvirt_ansible_2.1Jason DeTiberus2016-07-215-45/+27
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | | Fix libvirt provider for Ansible 2.1.0.0