| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| | |
Include Deprecation - Init Playbook Paths
|
| | | |
|
| |\ \
| | |
| | | |
Playbook Consolidation - openshift-node
|
| | | | |
|
| | | | |
|
| |\ \ \
| |/ /
|/| | |
Fix logic for any sys containers
|
| | | |
| | |
| | |
| | | |
Remove set_fact in favor of the variables directly.
|
| |\ \ \
| | | |
| | | | |
Playbook Consolidation - openshift-etcd
|
| | | |/
| |/| |
|
| |\ \ \
| |_|/
|/| | |
Playbook Consolidation - openshift-nfs
|
| | |/ |
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Automatic merge from submit-queue.
Playbook Consolidation - openshift-checks
- Create playbooks/openshift-checks directory
- Move everything from playbooks/byo/openshift-checks to playbooks/openshift-checks
- Move everything from playbooks/common/openshift-checks to playbooks/openshift-checks/private
- Fix all include path references throughout playbooks/
Trello: https://trello.com/c/2Rx1uvjz/547-2-playbook-consolidation-openshift-checks
|
| | |/ |
|
| |\ \
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Automatic merge from submit-queue.
Combine openshift_node and openshift_node_upgrade
Currently, having openshift_node and openshift_node_upgrade
as two distinct roles has created a duplication across
handlers, templates, and some tasks.
This commit combines the roles to reduce duplication
and bugs encountered by not putting code in both places.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, having openshift_node and openshift_node_upgrade
as two distinct roles has created a duplication across
handlers, templates, and some tasks.
This commit combines the roles to reduce duplication
and bugs encountered by not putting code in both places.
|
| |/ |
|
| |\
| |
| | |
Add the OpenStack provider
|
| | | |
|
| | |
| |
| |
| |
| | |
This makes sure that all the variables used in the `openshift_openstack`
role are prefixed with `openshift_openstack_` as is the convention.
|
| | |
| |
| |
| |
| | |
Most of the vars in `roles/openshift_openstack/defaults/main.yml` are
now prefixed with `openstack_`.
|
| | |
| |
| |
| |
| | |
These options will have no effect until we add static inventory and
bastion support back in.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
They're not necessary for the initial PR so let's add them properly
later.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
They're duplicating a lot of functionality that's already in
openshift-ansible and they're not actually used from the provisioning
playbooks.
We'll revisit them later.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
All the tasks that were previously in playbooks are now under
`roles/openshift_openstack`.
The `openshift-cluster` directory now only contains playbooks that
include tasks from that role. This makes the structure much closer to
that of the AWS provider.
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
We move them from `playbooks/provisioning/openstack` to
`playbooks/openstack` to mirror `playbooks/aws`.
|
| | |\
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This moves all the OpenStack-related code from the -contrib[1] repo
including its git history to openshift-ansible. It will then be moved
around and updated to fit the rest of the project's structure.
[1]: https://github.com/openshift/openshift-ansible-contrib
|
| | | | |
|
| | | |
| | |
| | |
| | | |
We'll do it in a separate pull request.
|
| | | |\ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* add cas: playbook adding new CAs created
* add CAs: README updated, bug fixes
* README: improvements
* README: minor fixes
* README: removed code snippet
* README: fix
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Add flannel support
* Document Flannel SDN use case for a separate data network.
* Add post install step for flannel SDN
* Configure iptables rules as described for OCP 3.4 refarch
https://access.redhat.com/documentation/en-us/reference_architectures/2017/html/deploying_red_hat_openshift_container_platform_3.4_on_red_hat_openstack_platform_10/emphasis_manual_deployment_emphasis#run_ansible_installer
* Configure flannel interface options
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Use os_firewall from galaxy for required flannel rules
For flannel SDN:
* Add openshift-ansible as a galaxy dependency module.
* Use openshift-ansible/roles/os_firewall to apply DNS rules
for flanel SDN.
* Apply the remaining advanced rules with direct
iptables commands as os_firewall do not support advanced rules.
* Persist only iptables rules w/o dynamic KUBe rules. Those are
added runtime and need restoration after reboot or iptables restart.
* Configure and enable the masked iptables service on the app nodes.
Enable it to allow the in-memory rules to be persisted.
Disable firewalld, which is the expected default behavior of the
os_firewall module.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Allow access from nodes to masters' port 2379 when using flannel
Flannel requires to gather information from etcd to configure and
assign the subnets in the nodes, therefore, allow access from nodes to port 2379/tcp to the master security group.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Support separate data network for Flannel SDN
Document the use case for a separate flannel data network.
Allow Nova servers for openshift cluster to be provisioned
with that isolated data network created and connected to
masters, computes and infra nodes. Do not configure dns
nameservers and router for that network.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Fix flannel use cases with provider network
Provider network cannot be used with flannel SDN
as the latter requires a separate isolated network,
while the provider network is an externally managed
single network.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Drop unused data_net_name
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* add-docker-registry: playbook that adds docker registries to docker config file (in progress)
* indentation fix
* docker registries: add check for variable type
* another type conversion
* docker registry: try another unified formatting
* another attempt
* type error fix
* quotation attempt
* docker registry: bug fixes
* docker registry: fixed formatting
* docker registry: if docker is not available, skip the whole playbook
* README updated
* README: typo
* docker registries: suggested changes applied (in progress)
* docker registries: README updated, redundant check removed
* removed redundant become:true
|
| | | |\| |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
(#747)
* Allow for the specifying of server policies during OpenStack provisioning
* documentation for openstack server group policies
* add doc link detailing allowed policies
* changed default to anti-affinity
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* README, add-rhn-pools.yml: Add new custom post-provision playbook that attaches additional RHN pools
- also mention this example in the contrib README
* added become true
* README update
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Just like in the README, the Advanced Configuration will now rely on
the default `~/.ssh/id_rsa` key and mention Ansible's `--private-key`
option when using a different file.
|
| | | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This moves all the extra configuration options and deployment notes to a
new `advanced-configuration.md` file and keeps the README much shorter.
The README now presents the simplest workflow with minimal configuration
and manual steps on part of the deployer.
The advanced configuration is in need of a little more cleanup, but we
can do that in another pull request.
|
| | | |\
| | | |
| | | | |
Add dynamic inventory
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
The DNS code expects a `public_v4` even when we use the provider
networks. Let's just always export it.
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This adds an `inventory.py` script to the `sample-inventory` that lists
all the necessary servers and groups dynamically, skipping the
`static_inventory` role as well as the `hosts` creation.
It also adds an `os_cinder` lookup function which is necessary for a
seamless Cinder OpenShift registry integration without a static
inventory.
|
| | | |/
| | |
| | |
| | |
| | |
| | | |
Following up on the initial port of the OpenStack roles from
casl-ansible to openshift-ansible-contrib. One of the points that was
brought up in the review was to drop the references to CASL in the
code since the code has now wider reach.
|
| | | |
| | |
| | |
| | |
| | | |
When using a bastion and a single master, add the bastion node's public IP the public master's IP for the DNS record.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
