summaryrefslogtreecommitdiffstats
path: root/roles
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #2838 from mscherer/port_py3Jason DeTiberus2016-11-221-1/+2
|\ | | | | Make os_firewall_manage_iptables run on python3
| * Make os_firewall_manage_iptables run on python3Michael Scherer2016-11-221-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It fail with that traceback: Traceback (most recent call last): File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 273, in <module> main() File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 257, in main iptables_manager.add_rule(port, protocol) File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 87, in add_rule self.verify_chain() File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 82, in verify_chain self.create_jump() File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 142, in create_jump input_rules = [s.split() for s in output.split('\\n')]
* | Merge pull request #2817 from mtnbikenc/os_firewall-refactorJason DeTiberus2016-11-224-105/+26
|\ \ | | | | | | Refactor os_firewall role
| * | Refactor os_firewall roleRussell Teague2016-11-214-105/+26
| | | | | | | | | | | | | | | | | | * Remove unneeded tasks duplicated by new module functionality * Ansible systemd module has 'masked' and 'daemon_reload' options * Ansible firewalld module has 'immediate' option
* | | Merge pull request #2837 from vishpat/service-accountJason DeTiberus2016-11-221-1/+1
|\ \ \ | | | | | | | | Modified the error message being checked for
| * | | Modified the error message being checked forVishal Patil2016-11-211-1/+1
| | | |
* | | | Merge pull request #2711 from simon3z/hawkular-cluster-roleScott Dodson2016-11-222-0/+25
|\ \ \ \ | | | | | | | | | | Add hawkular admin cluster role to management admin
| * | | | Add hawkular admin cluster role to management adminFederico Simoncelli2016-11-032-0/+25
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
* | | | | Make the role work on F25 CloudMichael Scherer2016-11-221-0/+1
| |_|_|/ |/| | | | | | | | | | | | | | | | | | | On F24 and earlier, systemctl show always returned 0. On F25, it return 1 when a service do not exist, and thus the role fail on Fedora 25 cloud edition.
* | | | Merge pull request #2818 from mtnbikenc/package-refactorScott Dodson2016-11-2132-44/+58
|\ \ \ \ | | | | | | | | | | Refactor to use Ansible package module
| * | | | Refactor to use Ansible package moduleRussell Teague2016-11-1732-44/+58
| | | | | | | | | | | | | | | | | | | | | | | | | The Ansible package module will call the correct package manager for the underlying OS.
* | | | | Merge pull request #2833 from dustymabe/dusty-tunedJason DeTiberus2016-11-211-1/+7
|\ \ \ \ \ | | | | | | | | | | | | Only run tuned-adm if tuned exists.
| * | | | | Only run tuned-adm if tuned exists.Dusty Mabe2016-11-211-1/+7
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | Fedora Atomic Host does not have tuned installed. Fixes #2809
* | | | | Merge pull request #2827 from abutcher/BZ1377619Jason DeTiberus2016-11-211-8/+44
|\ \ \ \ \ | |/ / / / |/| | | | Allow ansible to continue when a node is unaccessible or fails.
| * | | | Delegate openshift_manage_node tasks to master host.Andrew Butcher2016-11-211-9/+44
| | | | |
| * | | | Allow ansible to continue when a node is unaccessible or fails.Andrew Butcher2016-11-181-0/+1
| | | | |
* | | | | Merge pull request #2822 from sdodson/onlydnsmasqScott Dodson2016-11-181-5/+10
|\ \ \ \ \ | |/ / / / |/| | | | node_dnsmasq -- Set dnsmasq as our only nameserver
| * | | | Create the file in two passes, atomicly copy it overScott Dodson2016-11-181-6/+8
| | | | |
| * | | | node_dnsmasq -- Set dnsmasq as our only nameserverScott Dodson2016-11-171-1/+4
| |/ / /
* | | | Merge pull request #379 from cgwalters/storage-nfs-lvmScott Dodson2016-11-171-1/+1
|\ \ \ \ | |/ / / |/| | | storage/nfs_lvm: Also export as ReadWriteOnce
| * | | storage/nfs_lvm: Also export as ReadWriteOnceColin Walters2015-07-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | While NFS supports `ReadWriteMany`, it's very common for pod authors to only need `ReadWriteOnce`. At the moment, kube will not auto-bind a `RWO` claim to a `RWM` volume.
* | | | Allow users to disable the origin repo creationScott Dodson2016-11-171-0/+2
| | | |
* | | | Merge pull request #2819 from vishpat/ip-forwardingScott Dodson2016-11-164-5/+31
|\ \ \ \ | | | | | | | | | | Added ip forwarding for nuage
| * | | | Added ip forwarding for nuageVishal Patil2016-11-154-5/+31
| | |_|/ | |/| |
* | | | Merge pull request #2702 from jkhelil/fix_master_config_templateAndrew Butcher2016-11-162-16/+18
|\ \ \ \ | | | | | | | | | | Prevent useless master restart by reworking template for master service enf file
| * | | | Prevent useless master by reworking template for master service enf fileJawed khelil2016-11-022-16/+18
| | |_|/ | |/| |
* | | | Merge pull request #2606 from abutcher/nuage-haproxy-portTim Bielawa2016-11-161-0/+5
|\ \ \ \ | | | | | | | | | | Add nuage rest server port to haproxy firewall rules.
| * | | | Add nuage rest server port to haproxy firewall rules.Andrew Butcher2016-10-141-0/+5
| | | | |
* | | | | Merge pull request #2636 from enlinxu/masterAndrew Butcher2016-11-163-0/+7
|\ \ \ \ \ | | | | | | | | | | | | Support 3rd party scheduler
| * | | | | support 3rd party schedulerenlinxu2016-10-203-0/+7
| | | | | |
* | | | | | Merge pull request #2803 from tbielawa/BZ1390849Scott Dodson2016-11-162-5/+28
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix metrics deployment in 3.4
| * | | | | | Add view permissions to hawkular saScott Dodson2016-11-151-0/+18
| | | | | | |
| * | | | | | Use multiple '-v's when creating the metrics deployer commandTim Bielawa2016-11-152-5/+10
| | | | | | |
* | | | | | | Merge pull request #2763 from yfauser/byo_cni_plugin_fixesAndrew Butcher2016-11-163-2/+4
|\ \ \ \ \ \ \ | |_|_|_|_|/ / |/| | | | | | [#2698] Change to allow cni deployments without openshift SDN
| * | | | | | Change to allow cni deployments without openshift SDNyfauser2016-11-083-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The roles/openshift_facts main task did not pass the cni plugin variable to the later role playbooks. The master.yaml and node.yaml templates did not allow for a cni configuration without either installing openshift sdn or nuage. This change will allow to use os_sdn_network_plugin_name=cni and set openshift_use_openshift_sdn=false for deployments that use a cni plugin that doesn't need and want openshift sdn to be installed
* | | | | | | Merge pull request #2810 from sdodson/BZ1390913Scott Dodson2016-11-151-5/+18
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Add rolebinding-reader
| * | | | | | | Fix typoScott Dodson2016-11-151-1/+1
| | | | | | | |
| * | | | | | | Fix a few places where we're not specifying the admin kubeconfigScott Dodson2016-11-151-6/+12
| | | | | | | |
| * | | | | | | Add rolebinding-readerScott Dodson2016-11-151-0/+7
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | Fixes Bug 1390913 Fixes BZ1390913
* | | | | | | Merge pull request #2677 from ↵Scott Dodson2016-11-141-11/+11
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | | | | | | | | | | | | | | | EricMountain-1A/fix_docker_fatal_selinux_4upstream-github Docker daemon is started prematurely.
| * | | | | | Docker daemon is started prematurely.Eric Mountain2016-11-141-11/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Docker service is started prior to configuration changes being applied. The service is then not restarted by the handlers, so configuration changes are not applied. We now start the docker service only once all config changes have been made.
* | | | | | | Sync logging deployer changes from origin to enterpriseScott Dodson2016-11-141-0/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pulls in https://github.com/openshift/origin-aggregated-logging/commit/d40fd9b83a6f6c0fb962db8869e6a35ef4f72751 https://github.com/openshift/origin-aggregated-logging/commit/f55cf03231d3ff2c7c9f2b9c8a4e1c29b4535c9c
* | | | | | | Sync latest enterprise/metrics-deployer.yamlScott Dodson2016-11-142-0/+12
| | | | | | |
* | | | | | | Sync latest s2i contentScott Dodson2016-11-141-3/+8
|/ / / / / /
* | | | | | Merge pull request #2562 from sdodson/etcd3Scott Dodson2016-11-145-3/+39
|\ \ \ \ \ \ | | | | | | | | | | | | | | etcd upgrade playbooks
| * | | | | | Add updates for containerizedScott Dodson2016-11-142-3/+14
| | | | | | |
| * | | | | | Drop /etc/profile.d/etcdctl.shScott Dodson2016-11-143-0/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Includes bash functions for etcdctl2 and etcdctl3 which provide reasonable defaults for etcdctl functions on a host that's configured with openshift_etcd.
* | | | | | | Merge pull request #2798 from tbielawa/BZ1389137Tim Bielawa2016-11-141-0/+5
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Fix commit-offsets in version detection for containerized installs
| * | | | | | | Fix commit-offsets in version detection for containerized installsTim Bielawa2016-11-141-0/+5
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Applies the chomp_commit_offset logic to container version detection https://bugzilla.redhat.com/show_bug.cgi?id=1389137
* / / / / / / Added dependency of os_firewall to docker roleRussell Teague2016-11-145-6/+6
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The docker role requires iptables-services to be installed. Added dependency on so_firewall role to ensure the iptables service is installed first. Currently this will only work with iptables and not with firewalld. * Added allow_duplicates to os_firewall role meta * Removed unused task from docker/tasks * Corrected os_firewall Defaults in README