summaryrefslogtreecommitdiffstats
path: root/roles
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #6044 from fabianvf/1510546-asb-fix-cert-conditionalScott Dodson2017-11-071-11/+11
|\ | | | | Fix ansible service broker etcd cert generation logic.
| * Move fact definition that breaks when check to end of blockFabian von Feilitzsch2017-11-071-11/+11
| |
* | Merge pull request #6036 from mgugino-upstream-stage/fix-prometheus-varsOpenShift Merge Robot2017-11-074-49/+48
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Fix prometheus default vars Currently, prometheus role tries to set some defaults depending on openshift_deployment_type. This commit simplifies that logic. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509782
| * | Fix prometheus default varsMichael Gugino2017-11-074-49/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, prometheus role tries to set some defaults depending on openshift_deployment_type. This commit simplifies that logic. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509782
* | | Merge pull request #6009 from dymurray/templateOpenShift Merge Robot2017-11-072-2/+18
|\ \ \ | |_|/ |/| | | | | | | | | | | | | | Automatic merge from submit-queue. Update service broker configmap and serviceaccount privileges Addresses Bugs https://bugzilla.redhat.com/show_bug.cgi?id=1503289 and https://bugzilla.redhat.com/show_bug.cgi?id=1507111
| * | Proper quotesDylan Murray2017-11-031-2/+2
| | |
| * | Update service broker configmap and serviceaccount privilegesDylan Murray2017-11-032-2/+18
| | |
* | | Merge pull request #6031 from abutcher/temporary-servinginfo-clientcaOpenShift Merge Robot2017-11-062-1/+31
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Temporarily set master servingInfo.clientCA as client-ca-bundle.crt during rolling CA redeployment. This PR temporarily configures master `servingInfo.clientCA` as `client-ca-bundle.crt` during CA redeploy so that clients referencing the old OpenShift CA can continue to function until all cluster certificates have been replaced and `servingInfo.clientCA` is reset to `ca.crt`. `client-ca-bundle.crt` is a new bundle created by the `openshift_ca` role which contains old and new OpenShift CA certificates. https://bugzilla.redhat.com/show_bug.cgi?id=1509124 Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1493276
| * | | Temporarily set master servingInfo.clientCA as client-ca-bundle.crt during ↵Andrew Butcher2017-11-062-1/+31
| | | | | | | | | | | | | | | | rolling CA redeployment.
* | | | Merge pull request #5976 from fabianvf/asb-etcd-certsScott Dodson2017-11-063-13/+174
|\ \ \ \ | | | | | | | | | | Bug 1507617- Move etcd into its own service/dc with SSL
| * | | | Bug 1507617- Move etcd into its own service/dc with SSLFabian von Feilitzsch2017-11-033-13/+174
| | | | |
* | | | | Merge pull request #6027 from ↵OpenShift Merge Robot2017-11-065-7/+30
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mgugino-upstream-stage/retry-restart-master-controllers Automatic merge from submit-queue. Retry restarting master controllers Currently, master controller services may fail to restart if master api services are not fully initialized. This commit enables retry of master controllers. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509837
| * | | | | Retry restarting master controllersMichael Gugino2017-11-065-7/+30
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, master controller services may fail to restart if master api services are not fully initialized. This commit enables retry of master controllers. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509837
* | | | | Merge pull request #6030 from giuseppe/fix-selinux-docker-tooOpenShift Merge Robot2017-11-062-4/+9
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. container-engine: ensure /var/lib/containers/ is properly labelled we were doing it only when CRI-O is installed. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1509880 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | container-engine: ensure /var/lib/containers/ is properly labelledGiuseppe Scrivano2017-11-062-4/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | we were doing it only when CRI-O is installed. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1509880 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #6007 from kwoodson/container_locationOpenShift Merge Robot2017-11-062-0/+48
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Moving docker location to share path with system containers.
| * | | | | | Moving docker location to share path with system containers.Kenny Woodson2017-11-062-0/+48
| | | | | | |
* | | | | | | Merge pull request #6026 from fabianvf/1509680-asb-credential-checkScott Dodson2017-11-064-5/+7
|\ \ \ \ \ \ \ | |_|_|_|_|_|/ |/| | | | | | Bug 1509680- Fix ansible-service-broker registry settings/validations
| * | | | | | Bug 1509680- Fix ansible-service-broker registry validationsFabian von Feilitzsch2017-11-064-5/+7
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Remove outdated dockerhub registry validations - Add the local openshift registry by default - Add whitelist parameter for local registry - Set default dockerhub org to ansibleplaybookbundle
* | | | | | Merge pull request #5994 from djzager/bz1509052-broker-logfileScott Dodson2017-11-061-1/+0
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | Bug 1509052 - Remove logfile from broker config
| * | | | | Bug 1509052 - Remove logfile from broker configDavid Zager2017-11-021-1/+0
| | | | | |
* | | | | | Merge pull request #5988 from mgugino-upstream-stage/github-auth-fixScott Dodson2017-11-061-4/+2
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix github auth validation
| * | | | | | Fix github auth validationMichael Gugino2017-11-021-4/+2
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit ensures github auth validation filter works as intended. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1444367
* | | | | | Merge pull request #5836 from jkroepke/issue_5835Scott Dodson2017-11-062-2/+2
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Remove provisioner restrictions on oc_storageclass
| * | | | | Re-generate lib_openshiftJan-Otto Kröpke2017-10-251-1/+1
| | | | | |
| * | | | | Remove provisioner restrictions on oc_storageclassJan-Otto Kröpke2017-10-221-1/+1
| | | | | |
* | | | | | Merge pull request #6010 from fabianvf/1507787-asb-fix-ocp-defaultsScott Dodson2017-11-051-1/+1
|\ \ \ \ \ \ | | | | | | | | | | | | | | Bug 1507787- add full path to default asb etcd image
| * | | | | | Bug 1507787- add full path to default asb etcd imageFabian von Feilitzsch2017-11-031-1/+1
| | |_|_|_|/ | |/| | | |
* | | | | | Revert "Bootstrap enhancements."Clayton Coleman2017-11-0523-321/+273
| | | | | |
* | | | | | Merge pull request #5991 from tbielawa/gate_cfmeOpenShift Merge Robot2017-11-042-4/+64
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. management: users must acknowledge use of beta software Adds a new role variable, openshift_management_install_beta. This variable defaults to false. The value of this variable is checked during the validation phase. * If true, the install will not continue. * If false, The user is presented with an informative message letting them know this is beta software and there is low/no support at this time. The installation will abort and instruct the user how to continue.
| * | | | | | management: enterprise users must acknowledge use of beta softwareTim Bielawa2017-11-032-4/+64
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds a new role variable, openshift_management_install_beta. This variable defaults to false. The value of this variable is checked during the validation phase for enterprise deployment types. * If true, the install will not continue. * If false, The user is presented with an informative message letting them know this is beta software and there is low/no support at this time. The installation will abort and instruct the user how to continue.
* | | | | | Merge pull request #6006 from mgugino-upstream-stage/elb-v2OpenShift Merge Robot2017-11-0323-273/+321
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Bootstrap enhancements. This includes the elb work.
| * | | | | | Bootstrap enhancements.Kenny Woodson2017-11-0323-273/+321
| | | | | | |
* | | | | | | Merge pull request #6005 from mgugino-upstream-stage/fix-master-version-detectOpenShift Merge Robot2017-11-032-1/+12
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Fix master upgrade version detect and systemd enable Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1508755 Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509158
| * | | | | | | Fix master upgrade version detect and systemd enableMichael Gugino2017-11-032-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1508755 Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509158
* | | | | | | | Merge pull request #5983 from ewolinetz/37_bz1508150OpenShift Merge Robot2017-11-031-2/+2
|\ \ \ \ \ \ \ \ | |_|_|_|/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Use the currently attached pvc for an ES dc if available Otherwise fall back to current logic of labelled PVCs or creating if necessary. This is to address https://bugzilla.redhat.com/show_bug.cgi?id=1508150 The order of the PVC priority is as follows: 1. The PVC currently claimed on the DC 1. A PVC from the list of PVCs as collected by logging_facts 1. Create a new PVC
| * | | | | | | Using the currently attached pvc for an ES dc if available, otherwise ↵Eric Wolinetz2017-11-011-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | falling back to current logic
* | | | | | | | Merge pull request #5959 from sdodson/sc-asb-tsb-on-by-defaultOpenShift Merge Robot2017-11-036-10/+28
|\ \ \ \ \ \ \ \ | |_|_|/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Enable SC, ASB, TSB by default It was decided that SC, ASB, and TSB should be installed by default. This will not install the components on an upgrade from 3.6 to 3.7, that will require that you run the sc playbook on your own. Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1508085
| * | | | | | | Use client binary and well defined kubeconfigScott Dodson2017-11-023-8/+8
| | | | | | | |
| * | | | | | | Ensure install and remove are mutually exclusive viaScott Dodson2017-11-021-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | openshift_sanitize_inventory
| * | | | | | | Enable SC, ASB, TSB by defaultScott Dodson2017-11-022-2/+2
| | |_|/ / / / | |/| | | | | | | | | | | | | | | | | | | This will not install the components on an upgrade.
* | | | | | | Merge pull request #5992 from abutcher/old-repo-fileOpenShift Merge Robot2017-11-031-0/+5
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Remove old /etc/yum.repos.d/openshift_additional.repo file. Repos defined in `openshift_additional_repos` will be configured individually in their own files so we can remove the old multi-repo file.
| * | | | | | Remove old /etc/yum.repos.d/openshift_additional.repo file.Andrew Butcher2017-11-021-0/+5
| |/ / / / /
* | | | | | Merge pull request #5995 from ashcrow/docker-gc-daemonsetOpenShift Merge Robot2017-11-034-0/+101
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. openshift_hosted: Add docker-gc Two new inventory variables have been created: - ``openshift_crio_enable_docker_gc``: Enable docker_gc daemon set - ``openshift_crio_docker_gc_node_selector``: Optional dictionary to use node selector When ``openshift_crio_enable_docker_gc`` and ``openshift_use_crio`` are both true then ``docker_gc`` daemonset will be created along with adding a ``docker-gc`` sa.
| * | | | | openshift_hosted: Add docker-gcSteve Milner2017-11-024-0/+101
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Two new inventory variables have been created: - openshift_crio_enable_docker_gc: Enable docker_gc daemon set - openshift_crio_docker_gc_node_selector: Optional dictionary to use node selector When openshift_crio_enable_docker_gc and openshift_use_crio are both true then dockergc daemonset will be created along with adding a dockergc sa. Signed-off-by: Steve Milner <smilner@redhat.com>
* | | | | Merge pull request #5945 from kwoodson/elb_fixesOpenShift Merge Robot2017-11-038-64/+74
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Fixing elb creation for infra and adding to scale group. Elb creation was missing for the infra nodes. This was either an issue with a refactor or it was missed. The other issue was that after instances were removed and re-added via a scale group the ELB no longer referenced those hosts. This PR names the ELBs so they are automatically tied to a scale group instead of an instance. This allows for instances to come and go but the ELBs will continue to work with all new instances in the ASG.
| * | | | | Adding elb changes to provision elbs and add to scale group.Kenny Woodson2017-11-018-64/+74
| | | | | |
* | | | | | Merge pull request #5989 from tbielawa/bz1506951OpenShift Merge Robot2017-11-031-1/+13
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. CFME: Use cluster_hostname if cluster_public_hostname isn't available The CFME 'automatically add provider' playbook would fail if openshift_master_cluster_public_hostname was not defined in the inventory. Now we use that value if it is available, and fallback to using the masters 'cluster_hostname' otherwise. * Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1506951
| * | | | | | CFME: Use cluster_hostname if cluster_public_hostname isn't availableTim Bielawa2017-11-021-1/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The CFME 'automatically add provider' playbook would fail if openshift_master_cluster_public_hostname was not defined in the inventory. Now we use that value if it is available, and fallback to using the masters 'cluster_hostname' otherwise. * Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1506951
* | | | | | | Merge pull request #5977 from ↵OpenShift Merge Robot2017-11-032-4/+5
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | staebler/1507598-patch_permissions_for_service_catalog Automatic merge from submit-queue. Give admin and edit roles permission to patch ServiceInstances and ServiceBindings Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1507598.