summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* GCP: Refactor data disk(s) creation and setup to instance template v2 (#537)Peter Schiffer2017-07-180-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add roles to create and delete empty image (workaround) GCE API does not allow you to specify empty disks in instance templates. This is a workaround to that limitation. The version of cloudilb currently available as an RPM on my build system also doesn’t allow me to specify a family for this image. The impact of this is limited because GCE API has a bug where as if we specify the image using the family it doesn’t work as expected. * Refactor disk creation to instance templates There is currently a bug in GCE API that when you specify a non-boot disk sourceImage as a family it will instead use the sourceImage from the boot disk. To workaround this we don’t use a family to specify this sourceImage even though it is more appropriate to do so. * Instance group related pauses We introduce two pauses: 1) Immediately after creating the “core” deployment. This is to give time to the instance groups to become “complete”. Ideally we would poll the API instead of waiting a fixed amount of time but this is better than nothing. 2) The second waits for the newly spawned instances to be reachable. Ideally we would use wait_for_connection to achieve this but the following bug keeps this from working for instances behind a bastion host: https://github.com/ansible/ansible/issues/23774 * Use cloud-init to configure attached data disks * Cosmetics cleanup, removed some values which are default.. Also let's forget about empty image family, no need to version this image. * Query instance group manager to see if instances are ready * Empty image archive is very small, no need for composite upload * Use more robust check if instances are ready for ssh
* Slightly enhanced deployment manager role (#556)Peter Schiffer2017-07-170-0/+0
| | | | | | | | | | | | * Check if deployment exists in failed state and delete it before continuing, if it does. Resolves: #438 * Differentiate gold image deployment when deploying origin So there can be both gold images present in one gcp project.
* Add a role to generate a static inventory (#540)Bogdan Dobrelya2017-07-175-0/+154
| | | | | | * Add the static-inventory role that configures the inventory/hosts file by the given path, or creates it for you. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Retry tasks in the subscription manager role (#552)Tlacenka2017-07-171-0/+28
| | | | | | | | * subscription manager: added 10 retries after 1 second delay * subscription manager: added untils * sub manager: typo
* Set docker registry to 3 (#555)Glenn S West2017-07-170-0/+0
|
* Merge pull request #536 from e-minguez/azure_logging_metrics_postGlenn S West2017-07-170-0/+0
|\ | | | | Azure logging metrics and logging deployment in post installation step
| * Premium storage for logging/metricsEduardo Minguez Perez2017-07-130-0/+0
| |
| * Container name should be vhdsEduardo Minguez Perez2017-07-130-0/+0
| |
| * Back to openshift/master repoEduardo Minguez Perez2017-07-110-0/+0
| |
| * Added OCP aggregated loggingEduardo Minguez Perez2017-07-110-0/+0
| | | | | | | | | | | | | | | | | | * App logging enabled by default * Ops logging disabled by default * Elasticsearch HA by default * Fluentd on all nodes/masters * All the rest of the components deployed on infra nodes * Dynamic storage
* | RHV provider BYO code (#548)Chandler Wilkerson2017-07-140-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add ssh keys to ovirt VM template * Adjusted role path * Adding .example to list of ignored inventory files * Fixed ssh-key placement * instance group and install code for OCP * Added info about certs and qcow to README * Not a Vsphere * Added load balancer to instance groups * Added check for installing local satellite katello rpm * Reorganized variables * Formatting * Playbook to output DNS entries in nsupdate format * Hosts commented out for publishing * Added variables file for user edit * Moved variables around for centralized management by user * Updated documentation * Formatting * Renaming to match style of repo * Changing underscores to dashes for style * Updated naming convention to match rest of repo * Updated naming convention to match rest of repo * Fixed link * Resolving Lint issues
* | Set up NetworkManager automatically (#542)Tomas Sedovic2017-07-143-5/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Set up NetworkManager automatically This removes the extra step of running the `openshift-ansible/playbooks/byo/openshift-node/network_manager.yml` before installing openshift. In addition, the playbook relies on a host group that the provisioning doesn't provide (oo_all_hosts). Instead, we set up NetworkManager on CentOS nodes automatically. And we restart it on RHEL (which is necessary for the nodes to pick up the new DNS we configured the subnet with). This makes the provisioning easier and more resilient. * Apply the node-network-manager role to every node It makes the code simpler and more consistent across distros.
* | Merge pull request #546 from tomassedovic/jinja-versionBogdan Dobrelya2017-07-141-4/+4
|\ \ | | | | | | Replace greaterthan and equalto in openstack-stack
| * | Replace greaterthan and equalto in openstack-stackTomas Sedovic2017-07-131-4/+4
| | | | | | | | | | | | | | | | | | These two Jinja filters were added in 2.8 which is notably not packaged in CentOS and RHEL. This removes them in favour of the `==` and `>` operators which are available in Jinja 2.7.
* | | add missing ansible rpm to sample command (#545)Ilkka Tengvall2017-07-130-0/+0
| | |
* | | Move OCP variables to one place (#547)Peter Schiffer2017-07-130-0/+0
|/ / | | | | | | | | | | | | | | * Refactor gcloud.sh script for DRY Introduce run_playbook() fn so the rest of the script can be simplified. * Move OCP variables to one place
* | needed to expand name (#543)Ryan Cook2017-07-120-0/+0
| |
* | Switch the sample inventory to CentOS (#541)Tomas Sedovic2017-07-122-3/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Switch the sample inventory to CentOS This changes the image name and deployment types to use centos instead of rhel and sets `rhsm_register` to false. With these changes, the inventory should be immediately deployable using the default values (assuming the image, network and flavor names match). Ideally, the upstream CI will just end up using this inventory with little to no changes, too at some point. * Specify the origin openshift_release
* | Add defaults values for some openstack vars (#539)Tomas Sedovic2017-07-123-9/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add defaults values for some openstack vars Ansible shows errors when the `rhsm_register` and `openstack_flat_secgrp` values are not present in the inventory even though they have sensible default values. This makes them both default to false when they're not specified. * Comment out the flat security group option in inv It's no longer required to be there so let's comment it out.
* | Install DNS roles from casl-infra with galaxy (#529)Bogdan Dobrelya2017-07-123-3/+26
|/ | | Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Playbook prerequisites.yml checks that prerequisites are met before ↵Tlacenka2017-07-102-0/+78
| | | | | | | | | | | | | | | | | | | provisioning (#518) * prerequisites.yml: check prerequisites on localhost needed for provisioning provision.yml: includes prerequisites.yml * prerequisites: indentation fixed * prerequisites.yml: used ansible_version variable, openstack modules for ansible * prerequisites.yml: os_keypair is not suitable for this purpose * prerequisites.yml: openstack keypair command exchanged for shade - there is no Ansible module for this now - os_keypair is not suitable for this purpose - python-openstackclient dependency is not desirable
* Merge pull request #534 from dav1x/heketi-service-startingDavis Phillips2017-07-070-0/+0
|\ | | | | setting enabled=yes for heketi
| * mendDavis Phillips2017-07-070-0/+0
| |
| * setting enabled=yes for heketiDavis Phillips2017-07-070-0/+0
|/
* Merge pull request #531 from dav1x/missing-playbooks-crsDavis Phillips2017-07-050-0/+0
|\ | | | | adding some fixes for annette issues
| * enable heketiDavis Phillips2017-07-050-0/+0
| |
| * adding some fixes for annette issuesDavis Phillips2017-07-050-0/+0
| |
* | GCP: Allow for custom VPC subnet II (#530)Peter Schiffer2017-07-040-0/+0
| | | | | | | | | | | | | | | | * GCP: Allow for custom VPC subnet * Couple of cosmetic fixes to the PR #500 * Better description of config value
* | Merge pull request #501 from bogdando/github_templatesTomas Sedovic2017-06-300-0/+0
|\ \ | | | | | | Add ISSUE/PR github templates
| * | Add ISSUE/PR github templatesBogdan Dobrelya2017-06-260-0/+0
| | | | | | | | | | | | Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* | | Added optional metrics to AzureEduardo Minguez Perez2017-06-300-0/+0
| | |
* | | Merge pull request #510 from e-minguez/azure-swapGlenn S West2017-06-300-0/+0
|\ \ \ | | | | | | | | Disable swap on nodes
| * | | Disable swap on nodesEduardo Minguez Perez2017-06-270-0/+0
| | | |
* | | | Merge pull request #520 from e-minguez/enable_dnsmasq_azureGlenn S West2017-06-300-0/+0
|\ \ \ \ | | | | | | | | | | Enable dnsmasq or it fails resolving k8s svc
| * | | | Variable not used and dnsmasq installation by OCPEduardo Minguez Perez2017-06-290-0/+0
| | | | |
| * | | | Enable dnsmasq or it fails resolving k8s svcEduardo Minguez Perez2017-06-290-0/+0
| | | | |
* | | | | Merge pull request #525 from bogdando/manage_packagesTomas Sedovic2017-06-303-9/+25
|\ \ \ \ \ | | | | | | | | | | | | Manage packages to install/update for openstack provider
| * | | | | Manage packages to install/update for openstack providerBogdan Dobrelya2017-06-303-9/+25
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow required packages and yum update all steps to be optionally disabled. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* | | | | Merge pull request #522 from bogdando/native_dns_firstTomas Sedovic2017-06-307-73/+108
|\ \ \ \ \ | | | | | | | | | | | | Persist DNS configuration for nodes for openstack provider
| * | | | | Persist DNS configuration for nodes for openstack providerBogdan Dobrelya2017-06-307-73/+108
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Firstly, provision a Heat stack with given public resolvers. * After the DNS node configured as an authoritative server, switch the Heat stack's Neutron subnet to that resolver (private_dns_server) the way it to become the first entry pushed into the hosts /etc/resolv.conf. It will be serving the cluster domain requests for OpenShift nodes and workloads. * Drop post-provision /etc/reslov.conf nameserver hacks as not needed anymore. * Fix dns floating IPs output and add the priv IPs output as well. * Update docs, clarify localhost vs servers requirements, add required Network Manager setup step. * Use post-provision task names instead of comments. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* | | | | Merge pull request #523 from tomassedovic/wait_for_connectionBogdan Dobrelya2017-06-301-3/+7
|\ \ \ \ \ | | | | | | | | | | | | Use wait_for_connection for the Heat nodes
| * | | | | Fix yaml indentationTomas Sedovic2017-06-291-1/+1
| | | | | |
| * | | | | Use wait_for_connection for the Heat nodesTomas Sedovic2017-06-291-3/+7
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `wait_for_connection` module is more reliable as it uses Ansible's `ping` to verify the nodes are really accessible. Using `wait_for` and checking that port 22 is open runs into the possibility of SSH being up but the public keys or users not being set up yet (as that's done with cloud-init). In addition, we were gathering facts before running the wait_for task which rendered it useless.
* / / / / By default htpasswd is overwritten by reinstalling (#519)Eduardo Mínguez2017-06-300-0/+0
|/ / / / | | | | | | | | https://github.com/openshift/openshift-ansible/blob/master/roles/openshift_master_facts/tasks/main.yml#L73
* | | | Sets mapping_method to claim for github (#517)Takeshi2017-06-280-0/+0
| | | | | | | | | | | | | | | | Set the mapping method to claim like it is set for the deployment. Mapping method true is invalid and the ansible playbook will error out.
* | | | Uncomments the ose identify providerTakeshi2017-06-280-0/+0
| | | |
* | | | Merge pull request #502 from bogdando/sec_groupsTomas Sedovic2017-06-281-13/+4
|\ \ \ \ | | | | | | | | | | Modify sec groups for provisioned openstack servers
| * | | | Modify sec groups for provisioned openstack serversBogdan Dobrelya2017-06-261-13/+4
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Drop ingress DNS rules from the common secgrp. Add an ingress ICMP rule, restricted by the ssh ingress cidr, to the common secgrp. This allows to ping servers from the control node (ansible admin node). Add dns servers into the common secgrp as well. Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* | | | Merge pull request #511 from Tlacenka/jinja_dependencyTomas Sedovic2017-06-281-0/+1
|\ \ \ \ | | | | | | | | | | List jinja2 as a dependency in provisioning README
| * | | | README.md: fixing typoKaterina Pilatova2017-06-271-1/+1
| | | | |