summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #5680 from ↵OpenShift Merge Robot2017-10-062-1/+4
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mgugino-upstream-stage/ensure-docker-restarts-with-iptables Automatic merge from submit-queue. Ensure docker is restarted when iptables is restarted Currently, os_firewall role may run after docker role, and iptables.service may be restarted. When restarted, this negatively impacts docker's iptables rules. This commit ensures that if iptables is restarted, docker is restarted as well (by systemd) Fixes: https://github.com/openshift/origin/issues/16709
| * Ensure docker is restarted when iptables is restartedMichael Gugino2017-10-062-1/+4
| | | | | | | | | | | | | | | | | | | | | | Currently, os_firewall role may run after docker role, and iptables.service may be restarted. When restarted, this negatively impacts docker's iptables rules. This commit ensures that if iptables is restarted, docker is restarted as well (by systemd) Fixes: https://github.com/openshift/origin/issues/16709
* | Merge pull request #5660 from sdodson/one-exampleScott Dodson2017-10-062-970/+30
|\ \ | | | | | | Stop including origin and ose hosts example file
| * | Stop including origin and ose hosts example fileScott Dodson2017-10-062-970/+30
|/ / | | | | | | | | It's a pain keeping these two in sync so just mention the differences as necessary.
* | Merge pull request #4820 from dcbw/revert-change-requires-to-wants-openvswitchOpenShift Merge Robot2017-10-062-0/+2
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. node: make node service PartOf=openvswitch.service when openshift-sdn is used This reverts commit 7f805f9a0c41477365dd88b0ac73f0d221bd654a. The commit causes the behavior seen in https://bugzilla.redhat.com/show_bug.cgi?id=1453113 because openshift-node is no longer restarted when openvswitch is. @giuseppe @sdodson @knobunc RE https://github.com/openshift/openshift-ansible/pull/4213 can we get a more detailed explanation of why the various dependencies are not being restarted correctly?
| * | node: make node service PartOf=openvswitch.service when openshift-sdn is usedDan Williams2017-10-052-0/+2
| |/ | | | | | | | | | | | | | | | | | | | | | | | | Commit 7f805f9a0c41477365dd88b0ac73f0d221bd654a causes the behavior seen in https://bugzilla.redhat.com/show_bug.cgi?id=1453113 because openshift-node is no longer restarted when openvswitch is, due to the change from Requires to Wants. Turns out that making the openshift node service PartOf the OVS service can achieve the same result and ensure openshift-node gets restarted whenever OVS does, which ensures that networking doesn't break underneath the node. Suggested by Giuseppe Scrivano
* | Automatic commit of package [openshift-ansible] release [3.7.0-0.144.0].Jenkins CD Merge Bot2017-10-062-2/+47
| | | | | | | | | | | | Created by command: /usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
* | Merge pull request #5679 from mgugino-upstream-stage/fix-etcd-typoScott Dodson2017-10-051-1/+1
|\ \ | |/ |/| fix typo for default in etcd
| * fix typo for default in etcdMichael Gugino2017-10-051-1/+1
|/
* Merge pull request #5673 from ewolinetz/bz1497041Scott Dodson2017-10-051-1/+1
|\ | | | | Bumping version of service catalog image for 3.7
| * Bumping version of service catalog image for 3.7Eric Wolinetz2017-10-051-1/+1
| |
* | Merge pull request #5336 from tbielawa/cfme_4.6OpenShift Merge Robot2017-10-0553-1253/+5059
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Cfme 4.6 # Description * Implements support for **CFME 4.6** in OCP 3.7 * **Replaces** the Tech Preview CFME 4.5 release included in OCP 3.6 * Does not support graceful migrations from the CFME 4.5 tech preview release # References * [Trello - (5) Integrate CFME 4.6 into OCP Installation](https://trello.com/c/Rzfn5Qa8/380-5-integrate-cfme-46-into-ocp-installation) Ensure the following RFE/Errors do not happen again - [x] #4555 - Error creating the CFME user - [x] #4556 - Error in PV template evaluation - [x] #4822 - Changing `maxImagesBulkImportedPerRepository` parameter - [x] #4568 - Add NFS directory support # Features Ensure the following features are configurable in the role - [x] POC deployments can easily default to NFS storage - [ ] Production/Cloud deployments can use automatic storage providers - [ ] Able to select between podified vs. external PostgreSQL database (podified uses configured storage mechanism) - [x] Template resource requests can be overridden for POC deployments
| * | Fix lint errorTim Bielawa2017-10-041-10/+10
| | |
| * | Remove the no-longer-used App/DB pv size override variables from inventoriesTim Bielawa2017-10-042-15/+0
| | |
| * | Add notes about SA token. Improve NFS validation.Tim Bielawa2017-10-045-37/+107
| | |
| * | Hooks for installing CFME during full openshift installationTim Bielawa2017-10-044-30/+28
| | |
| * | DocumentationTim Bielawa2017-10-045-106/+294
| | | | | | | | | | | | | | | | | | | | | * Update README * Add parameter docs to inventory examples * Remove unused graphic * Update defaults
| * | Import upstream templates. Do the work. Validate parameters.Tim Bielawa2017-10-0443-494/+2846
| | |
| * | CFME 4.6 work begins. CFME 4.5 references added to the release-3.6 branchTim Bielawa2017-10-0426-1186/+2399
| | |
* | | Merge pull request #5644 from etsauer/installer-image-directory-supportScott Dodson2017-10-052-2/+7
|\ \ \ | |_|/ |/| | Adding support for an inventory directory/hybrid inventory
| * | Adding support for an inventory directory/hybrid inventoryEric Sauer2017-10-032-2/+7
| | |
* | | Merge pull request #5605 from mgugino-upstream-stage/build-provision-splitOpenShift Merge Robot2017-10-0515-137/+187
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Build provision split Make provisioning steps more reusable Reorganizing and making some of the plays more reusable. Depends-on: https://github.com/openshift/openshift-ansible/pull/5565
| * | | fix master-facts for provisioningMichael Gugino2017-10-022-4/+4
| | | |
| * | | Make provisioning steps more reusableMichael Gugino2017-10-0215-137/+187
| | | | | | | | | | | | | | | | | | | | Reorganizing and making some of the plays more reusable.
* | | | Merge pull request #5637 from wozniakjan/1496271_fixOpenShift Merge Robot2017-10-056-13/+28
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Bug 1496271 - Perserve SCC for ES local persistent storage ES can be modified to use node local persistent storage. This requires changing SCC and is described in docs: https://docs.openshift.com/container-platform/3.6/install_config/aggregate_logging.html During an upgrade, SCC defined by the user is ignored. This fix fetches SCC user defined as a fact and adds it to the ES DC which is later used. Also includes cherrypicked fix for - Bug 1482661 - Preserve ES dc nodeSelector and supplementalGroups cc @jcantrill
| * | | | Bug 1496271 - Perserve SCC for ES local persistent storageJeff Cantrill2017-10-035-6/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ES can be modified to use node local persistent storage. This requires changing SCC and is described in docs: https://docs.openshift.com/container-platform/3.6/install_config/aggregate_logging.html During an upgrade, SCC defined by the user is ignored. This fix fetches SCC user defined as a fact and adds it to the ES DC which is later used.
| * | | | bug 1482661. Preserve ES dc nodeSelector and supplementalGroupsJeff Cantrill2017-09-295-7/+18
| | | | | | | | | | | | | | | | | | | | (cherry picked from commit 601e35cbf4410972c7fa0a1d3d5c6327b82353ac)
* | | | | Merge pull request #5658 from sosiouxme/20171004-groups-for-checksOpenShift Merge Robot2017-10-0519-116/+122
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. nfs, lb, and groups for checks Checks have been using the byo group names for determining whether they need to be active or not. Now that everything is running through common initialization, stop assuming byo names and start referring to the common ones. As a follow-on [bugfix](https://bugzilla.redhat.com/show_bug.cgi?id=1496760), run docker checks only where docker will be: nodes, and containerized master/etcd. We specifically don't want to run against lb or nfs, but a whitelist approach is used.
| * | | | | openshift_checks: lb and nfs do not need dockerLuke Meyer2017-10-042-5/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fixes bug 1496760 https://bugzilla.redhat.com/show_bug.cgi?id=1496760
| * | | | | openshift_checks: use oo group names everywhereLuke Meyer2017-10-0419-112/+116
| | | | | |
* | | | | | Merge pull request #5564 from jcantrill/es_promOpenShift Merge Robot2017-10-057-5/+159
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Add logging es prometheus endpoint This PR adds changes to add a prometheus endpoint to the logging elasticsearch pod
| * | | | | | Add logging es prometheus endpointJeff Cantrill2017-10-037-5/+159
| | | | | | |
* | | | | | | Merge pull request #5616 from ↵OpenShift Merge Robot2017-10-041-1/+1
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | wozniakjan/logging/elasticsearch/honor_es_cpu_settings Automatic merge from submit-queue. logging: honor openshift_logging_es_cpu_limit PR https://github.com/openshift/openshift-ansible/pull/3509 has removed any usage of `openshift_logging_es_cpu_limit`. Currently, the `openshift_logging_elasticsearch_cpu_limit` is either default '1000m' or derived from `openshift_logging_es_ops_cpu_limit` but if user sets the `openshift_logging_es_cpu_limit` in the inventory as documented, its value is ignored. This PR fixes the issue by setting `openshift_logging_elasticsearch_cpu_limit=openshift_logging_es_cpu_limit` and when the role is included as -ops, it overrides this setting with `openshift_logging_es_ops_cpu_limit`.
| * | | | | | | logging: honor openshift_logging_es_cpu_limitJan Wozniak2017-10-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | PR https://github.com/openshift/openshift-ansible/pull/3509 has removed any usage of `openshift_logging_es_cpu_limit`. Currently, the `openshift_logging_elasticsearch_cpu_limit` is either default '1000m' or derived from `openshift_logging_es_ops_cpu_limit` but if user sets the `openshift_logging_es_cpu_limit` in the inventory as documented, its value is ignored. This PR fixes the issue by trying to set openshift_logging_elasticsearch_cpu_limit=openshift_logging_es_cpu_limit And including the role as -ops overrides this setting.
* | | | | | | | Merge pull request #5636 from ↵OpenShift Merge Robot2017-10-041-2/+2
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mgugino-upstream-stage/limit-openshift-version-hosts Automatic merge from submit-queue. Limit hosts that run openshift_version role Currently, the openshift_version role is run against the oo_all_hosts group. This causes the dependencies, such as openshift_docker and docker, to be run against host groups that were not intended, such as nfs. This commit explicitly limits the openshift_version role to run only against masters, nodes, and etcd host groups. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1497144
| * | | | | | | | Limit hosts that run openshift_version roleMichael Gugino2017-10-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, the openshift_version role is run against the oo_all_hosts group. This causes the dependencies, such as openshift_docker and docker, to be run against host groups that were not intended, such as nfs. This commit explicitly limits the openshift_version role to run only against masters, nodes, and etcd host groups. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1497144
* | | | | | | | | Merge pull request #5647 from mgugino-upstream-stage/docker-reg-auth-after-startOpenShift Merge Robot2017-10-041-12/+12
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Ensure docker service started prior to credentials Currently, authenticated registry credentials are requested before docker might be started in the docker role. This commit moves the relevant registry credential tasks to after docker is started. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
| * | | | | | | | | Ensure docker service started prior to credentialsMichael Gugino2017-10-031-12/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, authenticated registry credentials are requested before docker might be started in the docker role. This commit moves the relevant registry credential tasks to after docker is started. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
* | | | | | | | | | Merge pull request #5543 from ewolinetz/bz1495150OpenShift Merge Robot2017-10-041-4/+0
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Removing setting pvc size and dynamic to remove looped var setting If we don't set openshift_logging_es_pvc_size but have `openshift_logging_es_pvc_dynamic=True` we see the variable openshift_logging_elasticsearch_pvc_size is set recursively as itself. Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1495150 https://bugzilla.redhat.com/show_bug.cgi?id=1496202
| * | | | | | | | | | Removing setting pvc size and dynamic to remove looped var settingEric Wolinetz2017-09-261-4/+0
| | | | | | | | | | |
* | | | | | | | | | | Merge pull request #5643 from mtnbikenc/refactor-certificatesOpenShift Merge Robot2017-10-0410-57/+15
|\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Refactor certificate playbooks for checkpointing The recent breakout of the certificate playbooks resulted in the certificate portion of the install to be outside of the component checkpoint. This PR moves the certificate playbooks inside their respective config.yml playbook. Removes an unused tasks file from the openshift_named_certificates role.
| * | | | | | | | | | | Remove unused tasks file in openshift_named_certificatesRussell Teague2017-10-031-32/+0
| | | | | | | | | | | |
| * | | | | | | | | | | Move node cert playbook into node config pathRussell Teague2017-10-033-4/+2
| | | | | | | | | | | |
| * | | | | | | | | | | Move master cert playbooks into master config pathRussell Teague2017-10-036-17/+9
| | | | | | | | | | | |
| * | | | | | | | | | | Move etcd cert playbooks into etcd config pathRussell Teague2017-10-032-4/+4
| | |_|/ / / / / / / / | |/| | | | | | | | |
* | | | | | | | | | | Merge pull request #5566 from ewolinetz/bz1415297OpenShift Merge Robot2017-10-043-25/+66
|\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Validate storage kinds aren't dynamic without dynamic provisioning enabled Checking if any openshift_*_storage_kind variables are set to dynamic without enabling dynamic provisioning nor setting a cloud provider. Addresses https://bugzilla.redhat.com/show_bug.cgi?id=1415297
| * | | | | | | | | | | Addressing tox issuesEric Wolinetz2017-09-292-5/+8
| | | | | | | | | | | |
| * | | | | | | | | | | Checking if any openshift_*_storage_kind variables are set to dynamic ↵Eric Wolinetz2017-09-273-25/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | without enabling dynamic provisioning
* | | | | | | | | | | | Merge pull request #5314 from fabianvf/asb-config-updateOpenShift Merge Robot2017-10-0418-131/+313
|\ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Update broker configuration to track current broker Broker configuration has been drifting from this installer, updated configuration and deployment methods a bit to make it work with the new upstream broker. Note: This will not work well when deploying openshift-enterprise, to deploy openshift-enterprise you will need to use an older checkout of openshift-ansible, or specify the upstream broker + catalog and use a registry other than the RHCC. This is because the configuration for the current upstream broker is incompatible with the downstream broker.
| * | | | | | | | | | | | Update ansible-service-broker config to track latest brokerFabian von Feilitzsch2017-10-0218-131/+313
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | bring ansible service broker up to date with bearer token changes etcd -> 0.0.0.0 add auth information to broker resource in catalog add sandbox role to config simplify defaults add labels to oc_route use new oc_route label field Fix parameter ordering add port back Fix secret syntax