summaryrefslogtreecommitdiffstats
path: root/playbooks/common
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #5495 from abutcher/ca-redeploy-expired-etcdOpenShift Merge Robot2017-09-244-31/+88
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Improve CA redeploy restart logic Expired etcd certificates require special casing around restarts in the certificate redeploy playbooks. When etcd certificates are expired we can't restart masters or nodes. We also can't simply restart etcd because peers also had expired certificates so we must start/stop etcd when we detect expired etcd certificates. `openshift-ca.yml`: * No longer restart master services when etcd certificates were previously expired. * No longer restart node services when master or etcd certificates were previously expired. `etcd-ca.yml`: * No longer restart master services when etcd certificates were previously expired. Tested using [gen_expired_tls.sh](https://gist.github.com/abutcher/bdd20b9d582675d89fb22658689c49e4) on one of my master/etcd hosts to ensure that restart logic changes caused us to skip the right restarts and do a full start/stop of etcd in the `redeploy-certificates.yml` and `redeploy-etcd-certificates.yml` playbooks. Note: When this happens with a cluster and you want to replace all certificates, you can run: `redeploy-etcd-ca.yml`, `redeploy-openshift-ca.yml` (which will both skip restarts) and then run `redeploy-certificates.yml` which will now be able to full/stop start etcd.
| * Do a full stop/start when etcd certificates had expired.Andrew Butcher2017-09-212-0/+30
| |
| * Improve CA playbook restart logic and skip restarts when related services ↵Andrew Butcher2017-09-212-31/+58
| | | | | | | | had previously expired certificates.
* | Merge pull request #5507 from abutcher/etcd-scaleup-urlsOpenShift Merge Robot2017-09-231-9/+11
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Set master facts prior to adding new etcd client urls to master config. `openshift_master` role dependencies were moved out of the role in https://github.com/openshift/openshift-ansible/pull/5392 so we need to call `openshift_master_facts` prior to patching the master config in etcd scaleup. https://bugzilla.redhat.com/show_bug.cgi?id=1490304
| * | Set master facts prior to adding new etcd client urls to master config.Andrew Butcher2017-09-221-9/+11
| | |
* | | Merge pull request #5460 from ingvagabund/consolidate-etcd-migrate-roleOpenShift Merge Robot2017-09-231-30/+37
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Consolidate etcd migrate role The PR is based on top of https://github.com/openshift/openshift-ansible/pull/5371 and https://github.com/openshift/openshift-ansible/pull/5451. Once both PRs are merged, I will rebase.
| * | | consolidate etcd_migrate roleJan Chaloupka2017-09-221-30/+37
| | | |
* | | | Merge pull request #5413 from ingvagabund/disable-excluders-after-pre-checksOpenShift Merge Robot2017-09-233-20/+20
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Move some pre-checks before excluders are disabled Some pre-checks needs an OCP version which is detected by a set of tasks that need the excluders to be disabled. So at the best I can move some pre-checks before the excluders are disabled. However, there will be still some checks that can fail with excluders updated to the newer version. Bug: 1484304
| * | | | disable excluders after all pre-checksJan Chaloupka2017-09-213-20/+20
| | | | |
* | | | | Merge pull request #5498 from mgugino-upstream-stage/fedora-pyyamlScott Dodson2017-09-221-1/+1
|\ \ \ \ \ | | | | | | | | | | | | Add python3-PyYAML for Fedora installs
| * | | | | Add python3-PyYAML for Fedora installsMichael Gugino2017-09-211-1/+1
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fedora installs currently fail because nodes require the usage of python3. python3-PyYAML must be installed in order to support usage of python3. This commit adds the rpm python3-PyYAML to fedora nodes. Fixes: https://github.com/openshift/openshift-ansible/issues/5469
* | | | | Add booleans to prevent unwanted install of nuage roles.Michael Gugino2017-09-221-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Recently, some role dependencies were removed from meta depends into playbooks. Particularly, the nuage role requires several roles. Currently, only the nuage_master role requires openshift_use_nuage to be true. This commit requires the other nuage roles to reference the variable openshift_use_nuage before install.
* | | | | Merge pull request #5176 from ewolinetz/deprecate_log_met_varsOpenShift Merge Robot2017-09-222-23/+13
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Creating structure to warn for use of deprecated variables and set th… …em in a single location before they are no longer honored Implementation of https://trello.com/c/XKOGHSkP/460-3-deprecate-openshifthostedloggingmetrics-installer-variables Tried to implement this in a way such that we can easily and cleanly add/remove variables in the future for any role we choose. Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1449812 https://bugzilla.redhat.com/show_bug.cgi?id=1464349
| * | | | | Creating structure to warn for use of deprecated variables and set them in a ↵Eric Wolinetz2017-09-202-23/+13
| | | | | | | | | | | | | | | | | | | | | | | | single location before they are no longer honored
* | | | | | Remove debugging statements and pause moduleScott Dodson2017-09-221-3/+0
| |_|_|_|/ |/| | | | | | | | | | | | | | | | | | | How on earth did the bot merge this? The upgrade test should've stalled indefinitely.
* | | | | Merge pull request #5478 from sdodson/bz1490677OpenShift Merge Robot2017-09-222-4/+10
|\ \ \ \ \ | |_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Default openshift_pkg_version to full version-release during upgrades Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1490677 The versioning scheme for 3.7 pre-releases has changed and now all versions are 3.7.0 and the release is incremented on builds, ie: 3.7.0-0.124.0 upgraded to 3.7.0-0.125.0. If we know we're an upgrade and they haven't requested a specific package version defer the defaulting of openshift_pkg_version until the upgrade playbooks and there set it to the available version including the release.
| * | | | Default openshift_pkg_version to full version-release during upgradesScott Dodson2017-09-202-4/+10
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1490677 The versioning scheme for 3.7 pre-releases has changed and now all versions are 3.7.0 and the release is incremented on builds, ie: 3.7.0-0.124.0 upgraded to 3.7.0-0.125.0. If we know we're an upgrade and they haven't requested a specific package version defer the defaulting of openshift_pkg_version until the upgrade playbooks and there set it to the available version including the release.
* | | | Merge pull request #5226 from ewolinetz/template_service_brokerOpenShift Merge Robot2017-09-211-0/+1
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Creating initial tsb role to consume and apply templates provided for… … tsb cc: @deads2k @sdodson Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1486623 https://bugzilla.redhat.com/show_bug.cgi?id=1470623 https://bugzilla.redhat.com/show_bug.cgi?id=1491626
| * | | | Creating initial tsb role to consume and apply templates provided for tsbEric Wolinetz2017-09-201-0/+1
| | | | |
* | | | | Merge pull request #5371 from ingvagabund/consolidate-etcd-certs-rolesOpenShift Merge Robot2017-09-214-15/+33
|\ \ \ \ \ | |_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue consolidate etcd certs roles This is a starter for consolidation of all etcd like roles into a single `etcd` action-based role. I have intentionally started with the simplest one to demonstrate the steps needed to make it so and to make the review easy enough for everyone.
| * | | | Consolidate etcd certs rolesJan Chaloupka2017-09-184-15/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a part of the etcd_ like role consolidationi into an action-based role. As part of the consilidation some roles have been removed and some replaced by include_role module. Resulting in reorder and shift of role dependencies from a role into a play.
* | | | | Merge pull request #5473 from abutcher/scaleup-network-valuesScott Dodson2017-09-212-0/+30
|\ \ \ \ \ | |_|_|_|/ |/| | | | Set network facts using first master's config during scaleup.
| * | | | Set network facts using first master's config during scaleup.Andrew Butcher2017-09-202-0/+30
| | |/ / | |/| |
* | | | Merge pull request #5363 from ewolinetz/default_aggregationOpenShift Merge Robot2017-09-202-12/+11
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Updating to always configure api aggregation with installation This moves the wiring of the aggregator up into the config playbook as we want to enable this by default with an installation. Resolves https://github.com/openshift/openshift-ansible/issues/5056
| * | | | Updating to always configure api aggregation with installationEric Wolinetz2017-09-202-12/+11
| |/ / /
* | | | Merge pull request #5474 from simo5/noreconcileOpenShift Merge Robot2017-09-201-4/+3
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Do not reconcile in >= 3.7 Starting with 3.7 we use kube's RBAC which happens to do a forceful reconcile at server startup. Explicit reconciles are not needed anymore.
| * | | | Do not reconcile in >= 3.7Simo Sorce2017-09-201-4/+3
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | Starting with 3.7 we use kube's RBAC which happens to do a forceful reconcile at server startup. Explicit reconciles are not needed anymore. Also drop obsolete version checks and simplify 'when' conditional Signed-off-by: Simo Sorce <simo@redhat.com>
* | | | Merge pull request #5357 from ↵OpenShift Merge Robot2017-09-204-0/+16
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | juanvallejo/jvallejo/add-health-checks-upgrade-path Automatic merge from submit-queue add health checks 3_6,3_7 upgrade path Related BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1483931 Adds health checks to `upgrade_control_plane` and `upgrade_nodes` in 3_6 and 3_7. cc @sosiouxme @rhcarvalho @brenton
| * | | | add health checks 3_6,3_7 upgrade pathjuanvallejo2017-09-114-0/+16
| | | | |
* | | | | Merge pull request #5014 from ↵OpenShift Merge Robot2017-09-201-0/+1
|\ \ \ \ \ | |_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | juanvallejo/jvallejo/add-additonal-checks-upgrade-path Automatic merge from submit-queue Adding additonal checks upgrade path Depends on https://github.com/openshift/openshift-ansible/pull/4960 TODO - Possibly handle `upgrade` playbook context on `etcd_volume` check cc @sosiouxme @rhcarvalho
| * | | | add additional preflight checks to upgrade pathjuanvallejo2017-08-281-0/+1
| | | | |
* | | | | Cleanup old deployment typesMichael Gugino2017-09-203-5/+10
| |_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, openshift-ansible supported various types of deployments using the variable "openshift_deployment_type" Currently, openshift-ansible only supports two deployment types, "origin" and "openshift-enterprise". This commit removes all logic and references to deprecated deployment types.
* | | | Merge pull request #5380 from ↵OpenShift Merge Robot2017-09-191-0/+8
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mgugino-upstream-stage/fix-openshift-version-pkg-install Automatic merge from submit-queue Only install base openshift package on masters and nodes Recent refactoring to remove openshift_common resulted in base openshift rpm's being installed on more hosts than previous. This situation results in hosts that would otherwise not need access to openshift repositories to require them. This patch set results in only openshift_masters and openshift_nodes to have the openshift base package installed.
| * | | | Only install base openshift package on masters and nodesMichael Gugino2017-09-121-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Recent refactoring to remove openshift_common resulted in base openshift rpm's being installed on more hosts than previous. This situation results in hosts that would otherwise not need access to openshift repositories to require them. This patch set results in only openshift_masters and openshift_nodes to have the openshift base package installed.
* | | | | more retries on repoquery_cmdLuke Meyer2017-09-191-0/+4
| | | | |
* | | | | Merge pull request #5430 from ashcrow/always-required-new-variablesOpenShift Merge Robot2017-09-181-15/+0
|\ \ \ \ \ | |_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue Always required new variables Related to https://bugzilla.redhat.com/show_bug.cgi?id=1451023
| * | | | openshift_sanitize_inventory: Check for required varsSteve Milner2017-09-151-15/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Moved the checks for osm_cluster_network_cidr, osm_host_subnet_length, openshift_portal_net from upgrade to openshift_sanitize_inventory as we now consider it a required variable for install, updrade, or scale up. Signed-off-by: Steve Milner <smilner@redhat.com>
* | | | | Merge pull request #5392 from ↵OpenShift Merge Robot2017-09-181-15/+22
|\ \ \ \ \ | |/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ingvagabund/pull-openshift_master-deps-out-into-a-play Automatic merge from submit-queue Pull openshift_master deps out into a play The `openshift_master` role is called only in a single play. Thus, we can pull out all its dependencies without duplicating all dependency role invocations. Both `lib_openshift` and `lib_os_firewall` are required deps as they defined ansible modules used inside the `openshift_master` role. I have also rearranged definition of variables so variable used only inside a single role are part of the `include_role` statement. Atm, we can't use `include_role` due to https://github.com/ansible/ansible/issues/21890
| * | | | pull openshift_master deps out into a playJan Chaloupka2017-09-131-15/+22
| | | | |
* | | | | Correct firewall install for openshift-nfsRussell Teague2017-09-151-1/+1
| | | | |
* | | | | Merge pull request #5360 from sdodson/embedded-etcdScott Dodson2017-09-141-4/+7
|\ \ \ \ \ | | | | | | | | | | | | Clarify requirement of having etcd group
| * | | | | Clarify requirement of having etcd groupScott Dodson2017-09-111-4/+7
| | | | | |
* | | | | | Merge pull request #5396 from abutcher/etcd-migrate-openshift-ipScott Dodson2017-09-141-3/+3
|\ \ \ \ \ \ | | | | | | | | | | | | | | Use openshift.common.ip rather than ansible_default_ipv4 in etcd migration playbook.
| * | | | | | Use openshift.common.ip rather than ansible_default_ipv4 in etcd migration ↵Andrew Butcher2017-09-131-3/+3
| | |/ / / / | |/| | | | | | | | | | | | | | | | playbook.
* | | | | | Merge pull request #5367 from abutcher/etcd-scaleup-master-client-urlsScott Dodson2017-09-141-0/+19
|\ \ \ \ \ \ | | | | | | | | | | | | | | Bug 1490304: Etcd scale-up playbook should add new member to etcdClientInfo of master-config.yaml
| * | | | | | Update master config with new client urls during etcd scaleup.Andrew Butcher2017-09-121-0/+19
| | | | | | |
* | | | | | | Merge pull request #5389 from tremble/storage_migrationScott Dodson2017-09-141-9/+9
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Don't assume storage_migration control variables are already boolean
| * | | | | | | Don't assume storage_migration control variables are already booleanMark Chappell2017-09-131-9/+9
| | |_|_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | openshift_upgrade_pre_storage_migration_enabled openshift_upgrade_pre_storage_migration_fatal openshift_upgrade_post_storage_migration_enabled openshift_upgrade_post_storage_migration_enabled because the 4 variables are not already defaulted/evaluated there's no guarantee that they're actually the boolean type at this point. Example: if they're passed in on the command line
* | | | | | | Merge pull request #5386 from ashcrow/fix-wording-in-upgrade-noticeOpenShift Bot2017-09-131-1/+1
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | Merged by openshift-bot
| * | | | | | upgrade: Updates warning on missing required variablesSteve Milner2017-09-121-1/+1
| |/ / / / / | | | | | | | | | | | | | | | | | | Signed-off-by: Steve Milner <smilner@redhat.com>