summaryrefslogtreecommitdiffstats
path: root/playbooks
Commit message (Collapse)AuthorAgeFilesLines
* BugfixesScott Dodson2015-06-101-1/+1
| | | | | - Don't include ./ in the tarball we transfer to the nodes - Fixup node argument ordering
* Templatize configs and 0.5.2 changesJason DeTiberus2015-06-109-44/+50
| | | | | | | | | | | | | | | | | | | | | | - Templatize node config - Templatize master config - Integrated sdn changes - Updates for openshift_facts - Added support for node, master and sdn related changes - registry_url - added identity provider facts - Removed openshift_sdn_* roles - Install httpd-tools if configuring htpasswd auth - Remove references to external_id - Setting external_id interferes with nodes associating with the generated node object when pre-registering nodes. - osc/oc and osadm/oadm binary detection in openshift_facts Misc Changes: - make non-errata puddle default for byo example - comment out master in list of nodes in inventory/byo/hosts - remove non-error errors from fluentd_* roles - Use admin kubeconfig instead of openshift-client
* Accomodate upstream configuration changeScott Dodson2015-06-101-1/+1
| | | | | | | | | | - Master config and certificates are now in /etc/openshift/master - Node config is now in /etc/openshift/node - Several certificates have been renamed to accomodate a flattening of structure to accomodate secret storage - Add openshift_data_dir to ensure etcd and volumes are stored in /var/lib/openshift - Add openshift_generated_configs_dir
* Merge pull request #270 from lhuard1A/fix_libvirtThomas Wiest2015-06-091-2/+2
|\ | | | | Fix libvirt playbook
| * Fix libvirt playbookLénaïc Huard2015-06-071-2/+2
| | | | | | | | | | | | | | If we don’t explicitly specify the libvirt URI to use for virsh, it will use the LIBVIRT_DEFAULT_URI environment variable. For a consistent behavior, all `virsh` invocation must be done with the `-c <libvirt_uri>` parameter.
* | Merge pull request #271 from lhuard1A/oo_lenThomas Wiest2015-06-094-4/+4
|\ \ | | | | | | Replace the custom oo_len filter by the Jinja2 standard one: length
| * | Replace the custom oo_len filter by the Jinja2 standard one: lengthLénaïc Huard2015-06-084-4/+4
| |/
* | Merge pull request #186 from lhuard1A/osThomas Wiest2015-06-0812-0/+422
|\ \ | | | | | | Implement OpenStack provider for openshift-ansible
| * | Implement OpenStack providerLénaïc Huard2015-06-0812-0/+422
| |/
* / add use_fluentd to openshift_factsJason DeTiberus2015-06-062-4/+8
|/ | | | | - Move use_fluentd into openshift_facts proper - default use_fluentd to False unless deployment_type == origin
* Infrastructure - Add service action to bin/clusterJhon Honce2015-06-036-0/+150
| | | | | * Add necessary playbooks/roles * Cleanup bin/cluster to meet new design guide lines
* * Rename create_services__master to g_svc_masterJhon Honce2015-06-013-9/+3
|
* * Make fluentd deployment optional with openshift_use_fluentdJhon Honce2015-06-012-2/+2
|
* Install fluentd on nodes and masterJhon Honce2015-05-292-0/+2
| | | | * Configure fluentd to aggragate container logs
* * Deploy services from common playbookJhon Honce2015-05-293-7/+30
|
* [WIP] Infrastructure - Deploy services in clusterJhon Honce2015-05-292-1/+16
| | | | | * Create OpenShift Docker Registry * Create OpenShift router
* removed references to atomic proxy.Thomas Wiest2015-05-2611-150/+8
|
* [libvirt cluster] Use net-dhcp-leases to find VMs’ IPsLénaïc Huard2015-05-221-9/+3
| | | | | Query libvirt’s DHCP leases rather than inspecting the host’s ARP cache to find the VMs’ IPs.
* Update online ami imageTroy Dawson2015-05-214-4/+4
|
* BYO playbook fixJason DeTiberus2015-05-201-0/+2
| | | | | - Fix bug where playbooks/byo/config.yml would error if only a master is defined in the inventory.
* openshift_fact and misc fixesJason DeTiberus2015-05-061-3/+2
| | | | | | | | | | | | | | | | - Do not attempt to fetch file to same file location when playbooks are run locally on master - Fix for openshift_facts when run against a host in a VPC that does not assign internal/external hostnames or ips - Fix setting of labels and annotations on node instances and in openshift_facts - converted openshift_facts to use json for local_fact storage instead of an ini file, included code that should migrate existing ini users to json - added region/zone setting to byo inventory - Fix fact related bug where deployment_type was being set on node role instead of common role for node hosts
* Add vagrantfile and minor bugfixesJason DeTiberus2015-04-281-0/+4
| | | | | | | | - Add Vagrantfile for configuring a basic cluster - Add an initial readme for using vagrant - explicitly set connection: local and sudo: false for localhost actions in playbooks/common/openshift-node/config.yml - Fix permissions issue with openshift config file for non-root user
* lvm-direct support for awsJason DeTiberus2015-04-235-3/+54
| | | | | | | | | | | | | | | | | - Create a separate docker volume in aws openshift-cluster playbooks - default to using ephemeral storage, but allow to be overriden - allow root volume settingsto be overriden as well - add user-data cloud-config to bootstrap the installation/configuration of docker-storage-setup - pylint cleanup for oo_filters.py - remove left over traces to the deployment_type tags which were previously removed - oo_get_deployment_type_from_groups filter in oo_filters.py - cluster list playbooks references to oo_get_deployment_type_from_groups filter
* Allow variable overriding for ec2 deployment_varsJason DeTiberus2015-04-228-27/+393
| | | | | | | | | | | | - users can now override the deployment_vars variables with the assocated ec2_* variables - added deployment_type and env specific vars files that load some ec2_* overrides - added the ability to search for amis by ami_name - this allows us to specify a base name with a wildcard to have the playbook choose the latest available image for that image name - added a copy of the ec2_find_ami module that will be in ansible 2.0 until we can make ansible 2.0 a requirement.
* Update openshift-cluster/vars for online defaultsWesley Hearn2015-04-221-5/+5
|
* Merge pull request #166 from detiber/awsTerminateThomas Wiest2015-04-214-121/+69
|\ | | | | aws terminate playbook improvements
| * aws terminate playbook improvementsJason DeTiberus2015-04-204-121/+69
| | | | | | | | | | | | | | | | | | | | | | | | | | - Reduce duplication in terminate playbooks between openshift-master and openshift-node (they both now just include playbooks/aws/terminate.yml - update openshift-cluster terminate playbook to include the new shared terminate playbook, also delete all cluster hosts at once instead of treating masters and nodes differently. - remove env, host-type and env-host-type tags from instance before terminating (since most users can't terminate, we are mostly just renaming instances to -terminate and stopping them, so this prevents "terminated" hosts from being returned by the dynamic inventory, at least after the cache is refreshed)
* | Merge pull request #172 from detiber/aws_vpcThomas Wiest2015-04-212-8/+33
|\ \ | | | | | | add vpc support to ec2 cluster, add more overrides for variables
| * | add vpc support to ec2 cluster, add more overrides for variablesJason DeTiberus2015-04-212-8/+33
| |/
* | Merge pull request #164 from detiber/bugFixRunOnMasterThomas Wiest2015-04-211-7/+10
|\ \ | | | | | | Fix common node config playbook when ansible is run on the first master
| * | Fix common node config playbook when ansible is run on the first masterJason DeTiberus2015-04-201-7/+10
| |/
* | Merge pull request #163 from detiber/todoForSyncThomas Wiest2015-04-211-0/+3
|\ \ | | | | | | Todo for sync
| * | Add TODO for making node certificate sync more efficientJason DeTiberus2015-04-201-0/+3
| |/
* / Remove deployment-type tagsJason DeTiberus2015-04-203-4/+1
|/
* Merge pull request #139 from detiber/configUpdatesMasterThomas Wiest2015-04-2066-819/+880
|\ | | | | Massive refactor, deployment-type support, config updates, reduce duplication
| * Fixup typosJason DeTiberus2015-04-152-2/+2
| |
| * Merge pull request #19 from lhuard1A/move_pool-refreshJason DeTiberus2015-04-152-4/+3
| |\ | | | | | | Move `virsh pool-refresh`
| | * Move `virsh pool-refresh`Lénaïc Huard2015-04-152-4/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | The `pool-refresh` command is used to ask libvirt to rescan the content of a volume pool. This is used to make `libvirt` take into account volumes that were created outside of livirt control i.e.: not with a `virsh` command. `pool-refresh` is useless after a `pool-create` as the content is scanned at creation. `pool-refresh` is mandatory after having created files inside an existing pool.
| * | Merge pull request #20 from lhuard1A/locale_proofJason DeTiberus2015-04-152-2/+2
| |\ \ | | | | | | | | Make the error message checks locale proof
| | * | Make the error message checks locale proofLénaïc Huard2015-04-152-2/+2
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On a computer which has a locale set, the error messages look like this: ``` $ virsh net-info foo erreur :impossible de récupérer le réseau « foo » erreur :Réseau non trouvé : no network with matching name 'foo' ``` ``` $ virsh pool-info foo erreur :impossible de récupérer le pool « foo » erreur :Pool de stockage introuvable : no storage pool with matching name 'foo' ``` The classical way to make those tests locale proof is to force a given locale. Like this: ``` $ LANG=POSIX virsh net-info foo error: failed to get network 'foo' error: Réseau non trouvé : no network with matching name 'foo' ``` ``` $ LANG=POSIX virsh pool-info foo error: failed to get pool 'foo' error: Pool de stockage introuvable : no storage pool with matching name 'foo' ``` It looks like the "Network not found" or "Storage pool not found" parts of the message are generated by the `libvirtd` daemon and are not subject to the locale of the `virsh` client. The clean fix consists in patching `libvirt` so that `virsh` sends its locale to the `libvirtd` daemon. But in the mean time, it is safer to have our playbook match the part of the message which is not subject to the daemon locale.
| * / Fix libvirt metadata used to store ansible tagsLénaïc Huard2015-04-161-4/+6
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to https://libvirt.org/formatdomain.html#elementsMetadata , the `metadata` tag can contain only one top-level element per namespace. Because of that, libvirt stored only the `deployment-type-{{ deployment_type }}` tag. As a consequence, the dynamic inventory reported no `env-{{ cluster }}` group. This is problematic for the `terminate.yml` playbook which iterates over `groups['tag-env-{{ cluster-id }}]` The symptom is that `oo_hosts_to_terminate` was not defined. In the end, as Ansible couldn’t iterate on the value of `groups['oo_hosts_to_terminate']`, it iterated on its letters: ``` TASK: [Destroy VMs] *********************************************************** failed: [localhost] => (item=['g', 'destroy']) => {"failed": true, "item": ["g", "destroy"]} msg: virtual machine g not found failed: [localhost] => (item=['g', 'undefine']) => {"failed": true, "item": ["g", "undefine"]} msg: virtual machine g not found failed: [localhost] => (item=['r', 'destroy']) => {"failed": true, "item": ["r", "destroy"]} msg: virtual machine r not found failed: [localhost] => (item=['r', 'undefine']) => {"failed": true, "item": ["r", "undefine"]} msg: virtual machine r not found failed: [localhost] => (item=['o', 'destroy']) => {"failed": true, "item": ["o", "destroy"]} msg: virtual machine o not found failed: [localhost] => (item=['o', 'undefine']) => {"failed": true, "item": ["o", "undefine"]} msg: virtual machine o not found failed: [localhost] => (item=['u', 'destroy']) => {"failed": true, "item": ["u", "destroy"]} msg: virtual machine u not found failed: [localhost] => (item=['u', 'undefine']) => {"failed": true, "item": ["u", "undefine"]} msg: virtual machine u not found failed: [localhost] => (item=['p', 'destroy']) => {"failed": true, "item": ["p", "destroy"]} msg: virtual machine p not found failed: [localhost] => (item=['p', 'undefine']) => {"failed": true, "item": ["p", "undefine"]} msg: virtual machine p not found failed: [localhost] => (item=['s', 'destroy']) => {"failed": true, "item": ["s", "destroy"]} msg: virtual machine s not found failed: [localhost] => (item=['s', 'undefine']) => {"failed": true, "item": ["s", "undefine"]} msg: virtual machine s not found failed: [localhost] => (item=['[', 'destroy']) => {"failed": true, "item": ["[", "destroy"]} msg: virtual machine [ not found failed: [localhost] => (item=['[', 'undefine']) => {"failed": true, "item": ["[", "undefine"]} msg: virtual machine [ not found failed: [localhost] => (item=["'", 'destroy']) => {"failed": true, "item": ["'", "destroy"]} msg: virtual machine ' not found failed: [localhost] => (item=["'", 'undefine']) => {"failed": true, "item": ["'", "undefine"]} msg: virtual machine ' not found failed: [localhost] => (item=['o', 'destroy']) => {"failed": true, "item": ["o", "destroy"]} msg: virtual machine o not found failed: [localhost] => (item=['o', 'undefine']) => {"failed": true, "item": ["o", "undefine"]} msg: virtual machine o not found etc… ```
| * fix missed absolute path reference to mktempJason DeTiberus2015-04-151-1/+1
| |
| * Configuration updates for latest builds and major refactorJason DeTiberus2015-04-1467-892/+952
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Configuration updates for latest builds - Switch to using create-node-config - Switch sdn services to use etcd over SSL - This re-uses the client certificate deployed on each node - Additional node registration changes - Do not assume that metadata service is available in openshift_facts module - Call systemctl daemon-reload after installing openshift-master, openshift-sdn-master, openshift-node, openshift-sdn-node - Fix bug overriding openshift_hostname and openshift_public_hostname in byo playbooks - Start moving generated configs to /etc/openshift - Some custom module cleanup - Add known issue with ansible-1.9 to README_OSE.md - Update to genericize the kubernetes_register_node module - Default to use kubectl for commands - Allow for overriding kubectl_cmd - In openshift_register_node role, override kubectl_cmd to openshift_kube - Set default openshift_registry_url for enterprise when deployment_type is enterprise - Fix openshift_register_node for client config change - Ensure that master certs directory is created - Add roles and filter_plugin symlinks to playbooks/common/openshift-master and node - Allow non-root user with sudo nopasswd access - Updates for README_OSE.md - Update byo inventory for adding additional comments - Updates for node cert/config sync to work with non-root user using sudo - Move node config/certs to /etc/openshift/node - Don't use path for mktemp. addresses: https://github.com/openshift/openshift-ansible/issues/154 Create common playbooks - create common/openshift-master/config.yml - create common/openshift-node/config.yml - update playbooks to use new common playbooks - update launch playbooks to call update playbooks - fix openshift_registry and openshift_node_ip usage Set default deployment type to origin - openshift_repo updates for enabling origin deployments - also separate repo and gpgkey file structure - remove kubernetes repo since it isn't currently needed - full deployment type support for bin/cluster - honor OS_DEPLOYMENT_TYPE env variable - add --deployment-type option, which will override OS_DEPLOYMENT_TYPE if set - if neither OS_DEPLOYMENT_TYPE or --deployment-type is set, defaults to origin installs Additional changes: - Add separate config action to bin/cluster that runs ansible config but does not update packages - Some more duplication reduction in cluster playbooks. - Rename task files in playbooks dirs to have tasks in their name for clarity. - update aws/gce scripts to use a directory for inventory (otherwise when there are no hosts returned from dynamic inventory there is an error) libvirt refactor and update - add libvirt dynamic inventory - updates to use dynamic inventory for libvirt
* | update tower ami image to latest libra-ops-rhel7Troy Dawson2015-04-161-1/+1
|/
* Merge pull request #152 from net-engine/aws_readmeThomas Wiest2015-04-141-1/+2
|\ | | | | Launch openshift on AWS issues
| * Add extra information for AWS READMERicardo Bernardeli2015-04-131-1/+2
| | | | | | Make security group an environment variable with default to ‘public’
* | Add libvirt as a providerLénaïc Huard2015-04-1018-0/+463
|/
* move zbxapi module to a new os_zabbix roleJason DeTiberus2015-04-083-2/+4
| | | | - cleans up repo root a bit
* Add byo playbooks and enterprise docsJason DeTiberus2015-04-039-0/+100
| | | | | | | | - added byo playbooks - added byo (example) inventory - added a README_OSE.md for getting started with Enterprise deployments - Added an ansible.cfg as an example for configuration helpful for playbooks/roles
* openshift_facts role/module refactor default settingsJason DeTiberus2015-04-0328-171/+502
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Add openshift_facts role and module - Created new role openshift_facts that contains an openshift_facts module - Refactor openshift_* roles to use openshift_facts instead of relying on defaults - Refactor playbooks to use openshift_facts - Cleanup inventory group_vars - Update defaults - update openshift_master role firewall defaults - remove etcd peer port, since we will not be supporting clustered embedded etcd - remove 8444 since console now runs on the api port by default - add 8444 and 7001 to disabled services to ensure removal if updating - Add new role os_env_extras_node that is a subset of the docker role - previously, we were starting/enabling docker which was causing issues with some installations - Does not install or start docker, since the openshift-node role will handle that for us - Only adds root to the dockerroot group - Update playbooks to use ops_env_extras_node role instead of docker role - os_firewall bug fixes - ignore ip6tables for now, since we are not configuring any ipv6 rules - if installing package do a daemon-reload before starting/enabling service - Add aws support to bin/cluster - Add list action to bin/cluster - Add update action to bin/cluster - cleanup some stray debug statements - some variable renaming for clarity