summaryrefslogtreecommitdiffstats
path: root/roles
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #5890 from staebler/svc-cat-rc0.1.0Scott Dodson2017-10-271-1/+1
|\ | | | | Fix CA Bundle passed to service-catalog broker for ansible-service-broker
| * Fix CA Bundle passed to service-catalog broker for ansible-service-brokerstaebler2017-10-251-1/+1
| |
* | Merge pull request #5891 from mgugino-upstream-stage/dns-bind-interfacesMichael Gugino2017-10-272-1/+9
|\ \ | | | | | | Change dnsmasq to bind-interfaces + except-interfaces
| * | Change dnsmasq to bind-interfaces + except-interfacesMichael Gugino2017-10-252-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | Currently, we have to set the listen ip for dnsmasq via ansible during installation. This commit enables dnsmasq to bind-interfaces + exclude interfaces to ensure dnsmasq doesn't listen on lo interface.
* | | Merge pull request #5885 from kwoodson/fix_image_cleanScott Dodson2017-10-261-7/+0
|\ \ \ | | | | | | | | Moving removal of unwanted artifacts to image_prep.
| * | | Moving removal of unwanted artifacts to image_prep.Kenny Woodson2017-10-251-7/+0
| | | |
* | | | Merge pull request #5882 from mgugino-upstream-stage/persistent-journald-logsScott Dodson2017-10-261-0/+5
|\ \ \ \ | | | | | | | | | | Ensure journald persistence directories exist
| * | | | Ensure journald persistence directories existMichael Gugino2017-10-251-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, we configure openshfit masters to modify journald to use persistent storage. The directory structure must be created manually according to documentation. This commit ensures the needed directory is created. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1506141
* | | | | Merge pull request #5793 from tbielawa/openshift_management_moduleOpenShift Merge Robot2017-10-2612-83/+341
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Openshift MGMT Fixes and Container Provider Integration Various small fixes/polishing to the openshift management role. * Updated uninstall script * Automatically add cluster to new management deployment * Scaffolding for scripts to add *N* number of OCP/Origin clusters as Container Providers in any arbitrary MIQ/CFME instance * Fix mis-named task in `openshift_nfs/create_export` * Uninstall playbook only runs on one master
| * | | | | Fix lintTim Bielawa2017-10-201-2/+7
| | | | | |
| * | | | | Move add_many_container_providers.yml to playbooks/byo/openshift-management ↵Andrew Butcher2017-10-203-42/+2
| | | | | | | | | | | | | | | | | | | | | | | | with a noop task include to load filter plugins.
| * | | | | Refactor adding multiple container providersTim Bielawa2017-10-206-53/+94
| | | | | |
| * | | | | Management Cleanup and Provider IntegrationTim Bielawa2017-10-209-52/+304
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add container provider integration * General cleanup * Poll until service fully starts * Add notes on multiple-provider additions
* | | | | | Merge pull request #5856 from sngchlko/fix-typo-in-kuryrMichael Gugino2017-10-261-3/+3
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix typo and add detailed comments in kuryr
| * | | | | | Fix typo and add detailed comments in kuryrSeungcheol Ko2017-10-241-3/+3
| | | | | | |
* | | | | | | Merge pull request #5863 from mgugino-upstream-stage/fix-logging-loop-warningsOpenShift Merge Robot2017-10-261-12/+21
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Fix loop_var warnings during logging install Currently, install_logging.yml in openshift_logging role loops over other roles. This creates a collision with the keyword 'item' in those roles. This commit adds the loop_var as suggested by ansible warnings.
| * | | | | | | Fix loop_var warnings during logging installMichael Gugino2017-10-241-12/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, install_logging.yml in openshift_logging role loops over other roles. This creates a collision with the keyword 'item' in those roles. This commit adds the loop_var as suggested by ansible warnings.
* | | | | | | | Merge pull request #5655 from giuseppe/etcd-additional-bind-mountOpenShift Merge Robot2017-10-259-76/+33
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. etcd: remove hacks for the system container This removes the special handling of the etcd directories when running as a system container. Marked as WIP as it depends from this [change](https://bugzilla.redhat.com/show_bug.cgi?id=1484326) in the etcd image to be reflected into `registry.access.redhat.com/rhel7/etcd`
| * | | | | | | | etcd: remove hacks for the system containerGiuseppe Scrivano2017-10-239-76/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use ADDTL_MOUNTS to add a bind mount to the etcd configuration. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | | | | Merge pull request #5830 from abutcher/registry-deploymentOpenShift Merge Robot2017-10-251-0/+2
|\ \ \ \ \ \ \ \ \ | |_|_|_|_|_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Ensure deployment_subtype is set within openshift_sanitize_inventory. https://bugzilla.redhat.com/show_bug.cgi?id=1504021
| * | | | | | | | Ensure deployment_subtype is set within openshift_sanitize_inventory.Andrew Butcher2017-10-201-0/+2
| | |_|_|/ / / / | |/| | | | | |
* | | | | | | | Merge pull request #5861 from mtnbikenc/fix-1505537Scott Dodson2017-10-251-27/+3
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | 1505537 Remove pause from master service startup
| * | | | | | | | Remove pause from master service startupRussell Teague2017-10-251-27/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes 1505537 https://bugzilla.redhat.com/show_bug.cgi?id=1505537
* | | | | | | | | Merge pull request #5850 from mgugino-upstream-stage/remove-base-packageScott Dodson2017-10-252-11/+0
|\ \ \ \ \ \ \ \ \ | |_|_|_|_|_|_|_|/ |/| | | | | | | | Remove base package install
| * | | | | | | | Remove base package installMichael Gugino2017-10-232-11/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, base atomic-openshift package is installed for versioning. This doesn't appear to be necessary. This commit removes this step. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1504196
* | | | | | | | | Merge pull request #5573 from vshn/registryclaim1OpenShift Merge Robot2017-10-251-1/+0
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Remove unused registry_volume_claim variable The "registry_volume_claim" variable has not been used since at least commit 7cf5cc1 (February 21, 2017) and this commit removes the last mention.
| * | | | | | | | | Remove unused registry_volume_claim variableMichael Hanselmann2017-10-191-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The "registry_volume_claim" variable has not been used since at least commit 7cf5cc1 (February 21, 2017) and this commit removes the last mention.
* | | | | | | | | | Merge pull request #5854 from sdodson/image-stream-syncScott Dodson2017-10-2567-215/+14386
|\ \ \ \ \ \ \ \ \ \ | |_|_|_|_|_|_|_|/ / |/| | | | | | | | | Sync latest imagestreams and templates
| * | | | | | | | | Sync latest imagestreams and templatesScott Dodson2017-10-2367-215/+14386
| | | | | | | | | |
* | | | | | | | | | Merge pull request #5810 from zgalor/refactor-prom-entryOpenShift Merge Robot2017-10-251-0/+7
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Add installer checkpoint for prometheus
| * | | | | | | | | | Add installer checkpoint for prometheusZohar Galor2017-10-191-0/+7
| | |/ / / / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Add checkpoint steps for full cluster install and individual entry point playbook.
* | | | | | | | | | Merge pull request #5848 from zgalor/pvc_default_alignScott Dodson2017-10-253-4/+10
|\ \ \ \ \ \ \ \ \ \ | |_|_|_|_|_|_|_|_|/ |/| | | | | | | | | Change default in prometheus storage type to emptydir
| * | | | | | | | | Change default in prometheus storage type to emptydirZohar Galor2017-10-243-4/+10
| | |_|_|/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Only create pvcs when openshift_prometheus_<alertmanager|buffer>_storage_type==pvc By default deployment will use emptydir. Add some documentation and examples. bz: https://bugzilla.redhat.com/show_bug.cgi?id=1495446
* | | | | | | | | Merge pull request #5857 from wozniakjan/bz_1491636/logging/nodeselectorOpenShift Merge Robot2017-10-251-6/+6
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Bug 1491636 - honor node selectors The deprecation of `*_hosted_*` vars made logging node selectors set in the inventory to be ignored. Node selectors were set as 'facts' and they have higher priority than inventory variables. Setting logging node selectors could be achieved only by using command line --extra-vars. It is related to the same BZ as https://github.com/openshift/openshift-ansible/pull/5858 but the issue is different.
| * | | | | | | | | Bug 1491636 - honor node selectorsJan Wozniak2017-10-241-6/+6
| | |_|_|_|_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The deprecation of `*_hosted_*` vars made logging node selectors set in the inventory to be ignored. Node selectors were set as 'facts' and they have higher priority than inventory variables. Setting logging node selectors could be achieved only by using command line --extra-vars.
* | | | | | | | | Merge pull request #5787 from zgalor/image_prefixOpenShift Merge Robot2017-10-243-11/+17
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Split prometheus image defaults to prefix and version To allow easier testing and deployment from different repos, image defaults were split to prefix and version that can be set externally. bz: https://bugzilla.redhat.com/show_bug.cgi?id=1493431
| * | | | | | | | | Split prometheus image defaults to prefix and versionZohar Galor2017-10-243-11/+17
| | |/ / / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To allow easier testing and deployment from different repos, image defaults were split to prefix and version that can be set externally. bz: https://bugzilla.redhat.com/show_bug.cgi?id=1493431
* | | | | | | | | Merge pull request #5780 from ↵OpenShift Merge Robot2017-10-241-2/+7
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | smarterclayton/allow_per_node_group_bootstrap_and_image Automatic merge from submit-queue. Handle bootstrap behavior in GCP template Allow each node group to request bootstrap, allow per node group image override, and ensure the provision logic does not wait for bootstrapping node groups before continuing. This is an incremental step to allow GCP clusters to use bootstrap logic on cluster deploy without having fully baked images. We will switch over slowly and ensure both code paths function. Then we can remove this as necessary. For metadata, we set the cluster id and bootstrap state into instance metadata. On GCP, we'll use project metadata to set the bootstrap kubeconfig file and a startup-script to call it (not in a PR yet). Pairs with openshift/origin-gce#54 @kwoodson
| * | | | | | | | | Handle bootstrap behavior in GCP templateClayton Coleman2017-10-181-2/+7
| | |_|/ / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow each node group to request bootstrap, allow per node group image override, and ensure the provision logic does not wait for bootstrapping node groups before continuing. This is an incremental step to allow GCP clusters to use bootstrap logic on cluster deploy without having fully baked images. We will switch over slowly and ensure both code paths function.
* | | | | | | | | Merge pull request #5700 from wozniakjan/bz_1452939OpenShift Merge Robot2017-10-2414-14/+164
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Bug 1452939 - change imagePullPolicy in logging and metrics cc: @jcantrill
| * | | | | | | | | Bug 1452939 - change Logging & Metrics imagePullPolicyJan Wozniak2017-10-2314-14/+164
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - all images logging and metrics change their default imagePullPolicy from Always to IfNotPresent
* | | | | | | | | | Merge pull request #5806 from staebler/service_catalog_uninstall_issuesOpenShift Merge Robot2017-10-247-17/+47
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Fix a few small issues in service catalog uninstall * Service catalog install was not re-creating the apiserver.crt and apiserver.key files when generating certs. But the ca.crt and ca.key files were being re-created. This was causing non-verifiable certs to be used when service catalog was uninstalled and re-installed. The service catalog installer was changed to delete the apiserver.crt and apiserver.key files so that they are re-created using the new ca.crt and ca.key files. * The asb auth token secret was not being deleted correctly and causing the uninstaller to fail. * The asb uninstaller was attempting to delete the broker registration from the service catalog. However, the service catalog is uninstalled first. When the asb uninstaller would fail when attempting to delete the ClusterServiceBroker. The uninstaller was changed to verify that the servicecatalog APIService exists first before attempting to delete the ClusterServiceBroker. * The service catalog uninstaller was attempting to delete policybindings. The server does not have a resource type name policybinding. I do not know what the intention is there, but I have commented out that part of the uninstaller.
| * | | | | | | | | | Remove extraneous spaces that yamllint dislikesstaebler2017-10-231-3/+3
| | | | | | | | | | |
| * | | | | | | | | | Remove role bindings during service catalog un-installstaebler2017-10-225-15/+28
| | | | | | | | | | |
| * | | | | | | | | | Fix a few small issues in service catalog uninstallstaebler2017-10-223-6/+23
| |/ / / / / / / / /
* | | | | | | | | | Merge pull request #5814 from mgugino-upstream-stage/docker-auth-upgradesOpenShift Merge Robot2017-10-242-11/+13
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Enable oreg_auth credential replace during upgrades Currently, upgrades run a docker image pull prior to upgrading masters and nodes for containerized installs. If using a secure registry, and a user wishes to upgrade their credentials due to expiry, the image pull will fail. This commit ensures docker login credentials are updated during upgrades, if necessary. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1503995
| * | | | | | | | | | Enable oreg_auth credential replace during upgradesMichael Gugino2017-10-192-11/+13
| | |/ / / / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, upgrades run a docker image pull prior to upgrading masters and nodes for containerized installs. If using a secure registry, and a user wishes to upgrade their credentials due to expiry, the image pull will fail. This commit ensures docker login credentials are updated during upgrades, if necessary. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1503995
* | | | | | | | | | Merge pull request #5828 from mgugino-upstream-stage/fix-openid-challengeScott Dodson2017-10-241-1/+0
|\ \ \ \ \ \ \ \ \ \ | |_|_|_|_|_|_|_|_|/ |/| | | | | | | | | Remove incorrect validation for OpenIDIdentityProvider
| * | | | | | | | | Remove incorrect validation for OpenIDIdentityProviderMichael Gugino2017-10-201-1/+0
| | |_|_|_|_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, OpenIDIdentityProvider does not support 'challenge=true' in openshift-ansible. This is incorrect, the auth plugin OpenIDIdentityProvider does support this. This commit removes the unnecessary validation of challenge key. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1444367 Fixes: https://github.com/openshift/openshift-ansible/issues/4417
* | | | | | | | | Merge pull request #5840 from staebler/service_catalog_role_patchingOpenShift Merge Robot2017-10-241-2/+2
|\ \ \ \ \ \ \ \ \ | |_|_|_|/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Fix edit and admin role patching for service catalog Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1496694. Update the jinja files used to patch the edit and admin ClusterRoles so that it uses the new resource names of ServiceInstances and ServiceBindings.