| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|\
| |
| | |
Add iptables firewall support to openshift-common
|
| |
| |
| |
| | |
sets environment configs for root user
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Add os_firewall role
- Remove firewall settings from base_os, add wait task to os_firewall
- Added a iptables firewall module for maintaining the following (in a mostly
naive manner):
- ensure the OPENSHIFT_ALLOW chain is defined
- ensure that there is a jump rule in the INPUT chain for OPENSHIFT_ALLOW
- adds or removes entries from the OPENSHIFT_ALLOW chain
- issues '/usr/libexec/iptables/iptables.init save' when rules are changed
- Limitations of iptables firewall module
- only allows setting of ports/protocols to open
- no testing on ipv6 support
- made os_firewall a dependency of openshift_common
- Hardcoded openshift_common to use iptables (through the vars directory)
until upstream support is in place for firewalld
|
|/ |
|
|\
| |
| | |
Add flexible destination format string to ec2.py
|
| |
| |
| |
| |
| | |
This allows us to construct hostnames from a format string
plus ec2 tag values.
|
|/ |
|
|\
| |
| | |
Correct syntax error of missing quotes
|
| |
| |
| | |
Always quote template expression brackets when they start a value.
|
|\ \
| | |
| | | |
remove extra '}'
|
| |/ |
|
|\ \
| | |
| | | |
Fix './cluster.sh list' on AWS when some VMs have no name
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In case some AWS VMs have no name (VMs not managed by openshift-online-ansible),
'./cluster.sh list' fails with the following error:
./cluster.sh list
/home/lenaic/doc/prog/RedHat/openshift-online-ansible/lib/aws_helper.rb:31:in `sort_by': comparison of Array with Array failed (ArgumentError)
from /home/lenaic/doc/prog/RedHat/openshift-online-ansible/lib/aws_helper.rb:31:in `sort_by!'
from /home/lenaic/doc/prog/RedHat/openshift-online-ansible/lib/aws_helper.rb:31:in `get_hosts'
from /home/lenaic/doc/prog/RedHat/openshift-online-ansible/lib/aws_command.rb:118:in `list'
from /home/lenaic/.gem/ruby/2.2.0/gems/thor-0.19.1/lib/thor/command.rb:27:in `run'
from /home/lenaic/.gem/ruby/2.2.0/gems/thor-0.19.1/lib/thor/invocation.rb:126:in `invoke_command'
from /home/lenaic/.gem/ruby/2.2.0/gems/thor-0.19.1/lib/thor.rb:359:in `dispatch'
from /home/lenaic/.gem/ruby/2.2.0/gems/thor-0.19.1/lib/thor/invocation.rb:115:in `invoke'
from /home/lenaic/.gem/ruby/2.2.0/gems/thor-0.19.1/lib/thor.rb:235:in `block in subcommand'
from /home/lenaic/.gem/ruby/2.2.0/gems/thor-0.19.1/lib/thor/command.rb:27:in `run'
from /home/lenaic/.gem/ruby/2.2.0/gems/thor-0.19.1/lib/thor/invocation.rb:126:in `invoke_command'
from /home/lenaic/.gem/ruby/2.2.0/gems/thor-0.19.1/lib/thor.rb:359:in `dispatch'
from /home/lenaic/.gem/ruby/2.2.0/gems/thor-0.19.1/lib/thor/base.rb:440:in `start'
from ./cloud.rb:27:in `block in <main>'
from ./cloud.rb:25:in `chdir'
from ./cloud.rb:25:in `<main>'
With that fix, we get the expected result:
./cluster.sh list
Name Env State IP Address Created By
---- --- ----- ---------- ----------
UNSET UNSET running 54.152.46.170
test-openshift-master-92675686da test running 54.152.33.235 lenaic
test-openshift-node-2a43dcb0b4 test running 52.1.69.75 lenaic
test-openshift-node-94af201376 test running 54.86.4.149 lenaic
|
|\ \ \
| |_|/
|/| | |
Allows it to run on OSX
|
| |/
| |
| |
| |
| | |
- Versions of ruby ported on OSX requires escaping of hyphens in regexp
- Adds documentation on packages required by OSX to run openshift-online-ansible on OSX
|
|\ \
| | |
| | | |
Prefer YAML style datastructures over JSON
|
| | |
| | |
| | |
| | | |
- Switch JSON style datastructures to YAML for debuggability
|
|\ \ \
| | | |
| | | | |
Add openshift_sdn_{master,node} roles
|
| |/ / |
|
|\ \ \
| | | |
| | | | |
openshift_node changes for register_node module
|
| |/ /
| | |
| | |
| | |
| | | |
- add openshift_register_node module to openshift_node role
- verifies that node isn't already registered before attempting to register it
|
|\ \ \
| |/ /
|/| | |
add openshift_hostname workaround var
|
| | |
| | |
| | |
| | |
| | | |
- for use anywhere the hostname is used that would be dependent on
the openshift_hostname_workaround setting.
|
|/ /
| |
| |
| |
| | |
- use openshift_bind_ip for hostname when openshift_hostname_workaround is true
- defaults to true to maintain current behavior.
|
|\ \
| | |
| | | |
add support for overriding default registry url
|
|/ / |
|
|\ \
| | |
| | | |
Set local_facts for openshift_{node,master} later in the task list
|
|/ / |
|
|\ \
| | |
| | | |
Disable master,node services when externally managed
|
| | | |
|
|\ \ \
| |/ /
|/| | |
Bugfixes for openshift-common related changes
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
- Fix failed attempt to cleanup service notify on creds changes
- Fix master URL for node to use https
- Set openshift_debug_level in vars.yml for playbooks
- This puts us closer to the original debug settings, where after the
openshift-common changes the debug settings were defaulting back to 0
|
|\ \
| | |
| | | |
docker role cleanup
|
| | |
| | |
| | |
| | |
| | |
| | | |
- use service module for enabling/restarting docker service
- remove unused role directories/files
- use user module for adding the docker group to the root user
|
|\ \ \
| | | |
| | | | |
Cleanup empty role dirs/files
|
| |/ / |
|
|\ \ \
| | | |
| | | | |
add jdetiber to list of SUPPORTED_ENVS
|
| |/ / |
|
|\ \ \
| |/ /
|/| | |
create openshift-common role
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- move common openshift logic into openshift_common
- set openshift_common as a dependency for openshift_node and openshift_master
- rename role variables to openshift_* to be more descriptive
- start recording local_facts on the openshift hosts
- clean up firewalld config to be a bit more dry
- Update firewall ports for https, make sure http rules are removed
- Replace references to ansible_eth0.ipv4.address with
ansible_default_ipv4.address
|
|/ /
| |
| |
| |
| | |
- allows playbooks to be able to discover roles and filter_plugins without
having to manipulate the environment or use relative paths.
|
|\ \
| | |
| | | |
tower install
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| |/ /
|/| |
| | |
| | | |
Conflicts:
lib/aws_command.rb
|