summaryrefslogtreecommitdiffstats
path: root/playbooks
Commit message (Collapse)AuthorAgeFilesLines
* The manage_node commands should only run on the first masterBrenton Leanhardt2015-06-291-23/+13
|
* delegate_to doesn't appear to be thread safeBrenton Leanhardt2015-06-291-0/+25
|
* Add openshift_examples roleScott Dodson2015-06-221-0/+1
| | | | | | This role installs db-templates, image-streams, and quickstart-templates into /usr/share/openshift/examples on the master and then uses `oc create` to import them.
* Update for RC2 changesScott Dodson2015-06-161-4/+6
| | | | | | | | | | | | | Remove openshift-deployer.kubeconfig from master template Sync config template Update enterprise image names Switch to node auto registration Add deployer to list of serviceAccountConfig.managedNames Move package installation before registering facts change default kubeconfig location Change system:openshift-client to system:openshift-master Rename node cert/key/kubeconfig per openshift/origin#3160 Update references to /var/lib/openshift/openshift.local.certificates
* Merge pull request #248 from detiber/configTemplatesWesley Hearn2015-06-119-44/+50
|\ | | | | Config templates
| * BugfixesScott Dodson2015-06-101-1/+1
| | | | | | | | | | - Don't include ./ in the tarball we transfer to the nodes - Fixup node argument ordering
| * Templatize configs and 0.5.2 changesJason DeTiberus2015-06-109-44/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Templatize node config - Templatize master config - Integrated sdn changes - Updates for openshift_facts - Added support for node, master and sdn related changes - registry_url - added identity provider facts - Removed openshift_sdn_* roles - Install httpd-tools if configuring htpasswd auth - Remove references to external_id - Setting external_id interferes with nodes associating with the generated node object when pre-registering nodes. - osc/oc and osadm/oadm binary detection in openshift_facts Misc Changes: - make non-errata puddle default for byo example - comment out master in list of nodes in inventory/byo/hosts - remove non-error errors from fluentd_* roles - Use admin kubeconfig instead of openshift-client
| * Accomodate upstream configuration changeScott Dodson2015-06-101-1/+1
| | | | | | | | | | | | | | | | | | | | - Master config and certificates are now in /etc/openshift/master - Node config is now in /etc/openshift/node - Several certificates have been renamed to accomodate a flattening of structure to accomodate secret storage - Add openshift_data_dir to ensure etcd and volumes are stored in /var/lib/openshift - Add openshift_generated_configs_dir
* | added environment tag (will eventually replace env tag).Thomas Wiest2015-06-091-0/+1
|/
* Merge pull request #270 from lhuard1A/fix_libvirtThomas Wiest2015-06-091-2/+2
|\ | | | | Fix libvirt playbook
| * Fix libvirt playbookLénaïc Huard2015-06-071-2/+2
| | | | | | | | | | | | | | If we don’t explicitly specify the libvirt URI to use for virsh, it will use the LIBVIRT_DEFAULT_URI environment variable. For a consistent behavior, all `virsh` invocation must be done with the `-c <libvirt_uri>` parameter.
* | Merge pull request #271 from lhuard1A/oo_lenThomas Wiest2015-06-094-4/+4
|\ \ | | | | | | Replace the custom oo_len filter by the Jinja2 standard one: length
| * | Replace the custom oo_len filter by the Jinja2 standard one: lengthLénaïc Huard2015-06-084-4/+4
| |/
* | Merge pull request #186 from lhuard1A/osThomas Wiest2015-06-0812-0/+422
|\ \ | | | | | | Implement OpenStack provider for openshift-ansible
| * | Implement OpenStack providerLénaïc Huard2015-06-0812-0/+422
| |/
* / add use_fluentd to openshift_factsJason DeTiberus2015-06-062-4/+8
|/ | | | | - Move use_fluentd into openshift_facts proper - default use_fluentd to False unless deployment_type == origin
* Infrastructure - Add service action to bin/clusterJhon Honce2015-06-036-0/+150
| | | | | * Add necessary playbooks/roles * Cleanup bin/cluster to meet new design guide lines
* * Rename create_services__master to g_svc_masterJhon Honce2015-06-013-9/+3
|
* * Make fluentd deployment optional with openshift_use_fluentdJhon Honce2015-06-012-2/+2
|
* Install fluentd on nodes and masterJhon Honce2015-05-292-0/+2
| | | | * Configure fluentd to aggragate container logs
* * Deploy services from common playbookJhon Honce2015-05-293-7/+30
|
* [WIP] Infrastructure - Deploy services in clusterJhon Honce2015-05-292-1/+16
| | | | | * Create OpenShift Docker Registry * Create OpenShift router
* removed references to atomic proxy.Thomas Wiest2015-05-2611-150/+8
|
* [libvirt cluster] Use net-dhcp-leases to find VMs’ IPsLénaïc Huard2015-05-221-9/+3
| | | | | Query libvirt’s DHCP leases rather than inspecting the host’s ARP cache to find the VMs’ IPs.
* Update online ami imageTroy Dawson2015-05-214-4/+4
|
* BYO playbook fixJason DeTiberus2015-05-201-0/+2
| | | | | - Fix bug where playbooks/byo/config.yml would error if only a master is defined in the inventory.
* openshift_fact and misc fixesJason DeTiberus2015-05-061-3/+2
| | | | | | | | | | | | | | | | - Do not attempt to fetch file to same file location when playbooks are run locally on master - Fix for openshift_facts when run against a host in a VPC that does not assign internal/external hostnames or ips - Fix setting of labels and annotations on node instances and in openshift_facts - converted openshift_facts to use json for local_fact storage instead of an ini file, included code that should migrate existing ini users to json - added region/zone setting to byo inventory - Fix fact related bug where deployment_type was being set on node role instead of common role for node hosts
* Add vagrantfile and minor bugfixesJason DeTiberus2015-04-281-0/+4
| | | | | | | | - Add Vagrantfile for configuring a basic cluster - Add an initial readme for using vagrant - explicitly set connection: local and sudo: false for localhost actions in playbooks/common/openshift-node/config.yml - Fix permissions issue with openshift config file for non-root user
* lvm-direct support for awsJason DeTiberus2015-04-235-3/+54
| | | | | | | | | | | | | | | | | - Create a separate docker volume in aws openshift-cluster playbooks - default to using ephemeral storage, but allow to be overriden - allow root volume settingsto be overriden as well - add user-data cloud-config to bootstrap the installation/configuration of docker-storage-setup - pylint cleanup for oo_filters.py - remove left over traces to the deployment_type tags which were previously removed - oo_get_deployment_type_from_groups filter in oo_filters.py - cluster list playbooks references to oo_get_deployment_type_from_groups filter
* Allow variable overriding for ec2 deployment_varsJason DeTiberus2015-04-228-27/+393
| | | | | | | | | | | | - users can now override the deployment_vars variables with the assocated ec2_* variables - added deployment_type and env specific vars files that load some ec2_* overrides - added the ability to search for amis by ami_name - this allows us to specify a base name with a wildcard to have the playbook choose the latest available image for that image name - added a copy of the ec2_find_ami module that will be in ansible 2.0 until we can make ansible 2.0 a requirement.
* Update openshift-cluster/vars for online defaultsWesley Hearn2015-04-221-5/+5
|
* Merge pull request #166 from detiber/awsTerminateThomas Wiest2015-04-214-121/+69
|\ | | | | aws terminate playbook improvements
| * aws terminate playbook improvementsJason DeTiberus2015-04-204-121/+69
| | | | | | | | | | | | | | | | | | | | | | | | | | - Reduce duplication in terminate playbooks between openshift-master and openshift-node (they both now just include playbooks/aws/terminate.yml - update openshift-cluster terminate playbook to include the new shared terminate playbook, also delete all cluster hosts at once instead of treating masters and nodes differently. - remove env, host-type and env-host-type tags from instance before terminating (since most users can't terminate, we are mostly just renaming instances to -terminate and stopping them, so this prevents "terminated" hosts from being returned by the dynamic inventory, at least after the cache is refreshed)
* | Merge pull request #172 from detiber/aws_vpcThomas Wiest2015-04-212-8/+33
|\ \ | | | | | | add vpc support to ec2 cluster, add more overrides for variables
| * | add vpc support to ec2 cluster, add more overrides for variablesJason DeTiberus2015-04-212-8/+33
| |/
* | Merge pull request #164 from detiber/bugFixRunOnMasterThomas Wiest2015-04-211-7/+10
|\ \ | | | | | | Fix common node config playbook when ansible is run on the first master
| * | Fix common node config playbook when ansible is run on the first masterJason DeTiberus2015-04-201-7/+10
| |/
* | Merge pull request #163 from detiber/todoForSyncThomas Wiest2015-04-211-0/+3
|\ \ | | | | | | Todo for sync
| * | Add TODO for making node certificate sync more efficientJason DeTiberus2015-04-201-0/+3
| |/
* / Remove deployment-type tagsJason DeTiberus2015-04-203-4/+1
|/
* Merge pull request #139 from detiber/configUpdatesMasterThomas Wiest2015-04-2066-819/+880
|\ | | | | Massive refactor, deployment-type support, config updates, reduce duplication
| * Fixup typosJason DeTiberus2015-04-152-2/+2
| |
| * Merge pull request #19 from lhuard1A/move_pool-refreshJason DeTiberus2015-04-152-4/+3
| |\ | | | | | | Move `virsh pool-refresh`
| | * Move `virsh pool-refresh`Lénaïc Huard2015-04-152-4/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | The `pool-refresh` command is used to ask libvirt to rescan the content of a volume pool. This is used to make `libvirt` take into account volumes that were created outside of livirt control i.e.: not with a `virsh` command. `pool-refresh` is useless after a `pool-create` as the content is scanned at creation. `pool-refresh` is mandatory after having created files inside an existing pool.
| * | Merge pull request #20 from lhuard1A/locale_proofJason DeTiberus2015-04-152-2/+2
| |\ \ | | | | | | | | Make the error message checks locale proof
| | * | Make the error message checks locale proofLénaïc Huard2015-04-152-2/+2
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On a computer which has a locale set, the error messages look like this: ``` $ virsh net-info foo erreur :impossible de récupérer le réseau « foo » erreur :Réseau non trouvé : no network with matching name 'foo' ``` ``` $ virsh pool-info foo erreur :impossible de récupérer le pool « foo » erreur :Pool de stockage introuvable : no storage pool with matching name 'foo' ``` The classical way to make those tests locale proof is to force a given locale. Like this: ``` $ LANG=POSIX virsh net-info foo error: failed to get network 'foo' error: Réseau non trouvé : no network with matching name 'foo' ``` ``` $ LANG=POSIX virsh pool-info foo error: failed to get pool 'foo' error: Pool de stockage introuvable : no storage pool with matching name 'foo' ``` It looks like the "Network not found" or "Storage pool not found" parts of the message are generated by the `libvirtd` daemon and are not subject to the locale of the `virsh` client. The clean fix consists in patching `libvirt` so that `virsh` sends its locale to the `libvirtd` daemon. But in the mean time, it is safer to have our playbook match the part of the message which is not subject to the daemon locale.
| * / Fix libvirt metadata used to store ansible tagsLénaïc Huard2015-04-161-4/+6
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to https://libvirt.org/formatdomain.html#elementsMetadata , the `metadata` tag can contain only one top-level element per namespace. Because of that, libvirt stored only the `deployment-type-{{ deployment_type }}` tag. As a consequence, the dynamic inventory reported no `env-{{ cluster }}` group. This is problematic for the `terminate.yml` playbook which iterates over `groups['tag-env-{{ cluster-id }}]` The symptom is that `oo_hosts_to_terminate` was not defined. In the end, as Ansible couldn’t iterate on the value of `groups['oo_hosts_to_terminate']`, it iterated on its letters: ``` TASK: [Destroy VMs] *********************************************************** failed: [localhost] => (item=['g', 'destroy']) => {"failed": true, "item": ["g", "destroy"]} msg: virtual machine g not found failed: [localhost] => (item=['g', 'undefine']) => {"failed": true, "item": ["g", "undefine"]} msg: virtual machine g not found failed: [localhost] => (item=['r', 'destroy']) => {"failed": true, "item": ["r", "destroy"]} msg: virtual machine r not found failed: [localhost] => (item=['r', 'undefine']) => {"failed": true, "item": ["r", "undefine"]} msg: virtual machine r not found failed: [localhost] => (item=['o', 'destroy']) => {"failed": true, "item": ["o", "destroy"]} msg: virtual machine o not found failed: [localhost] => (item=['o', 'undefine']) => {"failed": true, "item": ["o", "undefine"]} msg: virtual machine o not found failed: [localhost] => (item=['u', 'destroy']) => {"failed": true, "item": ["u", "destroy"]} msg: virtual machine u not found failed: [localhost] => (item=['u', 'undefine']) => {"failed": true, "item": ["u", "undefine"]} msg: virtual machine u not found failed: [localhost] => (item=['p', 'destroy']) => {"failed": true, "item": ["p", "destroy"]} msg: virtual machine p not found failed: [localhost] => (item=['p', 'undefine']) => {"failed": true, "item": ["p", "undefine"]} msg: virtual machine p not found failed: [localhost] => (item=['s', 'destroy']) => {"failed": true, "item": ["s", "destroy"]} msg: virtual machine s not found failed: [localhost] => (item=['s', 'undefine']) => {"failed": true, "item": ["s", "undefine"]} msg: virtual machine s not found failed: [localhost] => (item=['[', 'destroy']) => {"failed": true, "item": ["[", "destroy"]} msg: virtual machine [ not found failed: [localhost] => (item=['[', 'undefine']) => {"failed": true, "item": ["[", "undefine"]} msg: virtual machine [ not found failed: [localhost] => (item=["'", 'destroy']) => {"failed": true, "item": ["'", "destroy"]} msg: virtual machine ' not found failed: [localhost] => (item=["'", 'undefine']) => {"failed": true, "item": ["'", "undefine"]} msg: virtual machine ' not found failed: [localhost] => (item=['o', 'destroy']) => {"failed": true, "item": ["o", "destroy"]} msg: virtual machine o not found failed: [localhost] => (item=['o', 'undefine']) => {"failed": true, "item": ["o", "undefine"]} msg: virtual machine o not found etc… ```
| * fix missed absolute path reference to mktempJason DeTiberus2015-04-151-1/+1
| |
| * Configuration updates for latest builds and major refactorJason DeTiberus2015-04-1467-892/+952
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Configuration updates for latest builds - Switch to using create-node-config - Switch sdn services to use etcd over SSL - This re-uses the client certificate deployed on each node - Additional node registration changes - Do not assume that metadata service is available in openshift_facts module - Call systemctl daemon-reload after installing openshift-master, openshift-sdn-master, openshift-node, openshift-sdn-node - Fix bug overriding openshift_hostname and openshift_public_hostname in byo playbooks - Start moving generated configs to /etc/openshift - Some custom module cleanup - Add known issue with ansible-1.9 to README_OSE.md - Update to genericize the kubernetes_register_node module - Default to use kubectl for commands - Allow for overriding kubectl_cmd - In openshift_register_node role, override kubectl_cmd to openshift_kube - Set default openshift_registry_url for enterprise when deployment_type is enterprise - Fix openshift_register_node for client config change - Ensure that master certs directory is created - Add roles and filter_plugin symlinks to playbooks/common/openshift-master and node - Allow non-root user with sudo nopasswd access - Updates for README_OSE.md - Update byo inventory for adding additional comments - Updates for node cert/config sync to work with non-root user using sudo - Move node config/certs to /etc/openshift/node - Don't use path for mktemp. addresses: https://github.com/openshift/openshift-ansible/issues/154 Create common playbooks - create common/openshift-master/config.yml - create common/openshift-node/config.yml - update playbooks to use new common playbooks - update launch playbooks to call update playbooks - fix openshift_registry and openshift_node_ip usage Set default deployment type to origin - openshift_repo updates for enabling origin deployments - also separate repo and gpgkey file structure - remove kubernetes repo since it isn't currently needed - full deployment type support for bin/cluster - honor OS_DEPLOYMENT_TYPE env variable - add --deployment-type option, which will override OS_DEPLOYMENT_TYPE if set - if neither OS_DEPLOYMENT_TYPE or --deployment-type is set, defaults to origin installs Additional changes: - Add separate config action to bin/cluster that runs ansible config but does not update packages - Some more duplication reduction in cluster playbooks. - Rename task files in playbooks dirs to have tasks in their name for clarity. - update aws/gce scripts to use a directory for inventory (otherwise when there are no hosts returned from dynamic inventory there is an error) libvirt refactor and update - add libvirt dynamic inventory - updates to use dynamic inventory for libvirt
* | update tower ami image to latest libra-ops-rhel7Troy Dawson2015-04-161-1/+1
|/