From 22eb2be9a1131279f1057912c36eba9591450dac Mon Sep 17 00:00:00 2001 From: Diego Castro Date: Thu, 17 Dec 2015 08:58:12 -0300 Subject: Controllers_port and firewall rules --- playbooks/common/openshift-master/config.yml | 1 + 1 file changed, 1 insertion(+) (limited to 'playbooks') diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 4ecdf2a0c..543583642 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -43,6 +43,7 @@ api_port: "{{ openshift_master_api_port | default(None) }}" api_url: "{{ openshift_master_api_url | default(None) }}" api_use_ssl: "{{ openshift_master_api_use_ssl | default(None) }}" + controllers_port: "{{ openshift_master_controllers_port | default(None) }}" public_api_url: "{{ openshift_master_public_api_url | default(None) }}" cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}" cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}" -- cgit v1.2.3 From 7d7de31659bb15e9690df082d4129c73c4c413cf Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 8 Jan 2016 12:28:35 -0500 Subject: Remove default disable of SDN for GCE - Update openshift_facts to no longer default use_openshift_sdn for GCE installs - Remove workarounds in the GCE playbooks that were forcing SDN configuration --- playbooks/gce/openshift-cluster/config.yml | 1 - playbooks/gce/openshift-cluster/join_node.yml | 2 -- playbooks/gce/openshift-cluster/vars.yml | 3 --- 3 files changed, 6 deletions(-) (limited to 'playbooks') diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index 3231ecc8e..84a3f84d4 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -13,4 +13,3 @@ openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ gce_private_ip }}" - openshift_use_openshift_sdn: "{{ do_we_use_openshift_sdn }}" diff --git a/playbooks/gce/openshift-cluster/join_node.yml b/playbooks/gce/openshift-cluster/join_node.yml index acf5e5110..75343dffa 100644 --- a/playbooks/gce/openshift-cluster/join_node.yml +++ b/playbooks/gce/openshift-cluster/join_node.yml @@ -48,6 +48,4 @@ openshift_debug_level: 4 openshift_deployment_type: "{{ deployment_type }}" openshift_hostname: "{{ ansible_default_ipv4.address }}" - openshift_use_openshift_sdn: true openshift_node_labels: "{{ lookup('oo_option', 'openshift_node_labels') }} " - os_sdn_network_plugin_name: "redhat/openshift-ovs-subnet" diff --git a/playbooks/gce/openshift-cluster/vars.yml b/playbooks/gce/openshift-cluster/vars.yml index 7fb13c7a6..f004a9e6b 100644 --- a/playbooks/gce/openshift-cluster/vars.yml +++ b/playbooks/gce/openshift-cluster/vars.yml @@ -1,8 +1,5 @@ --- -do_we_use_openshift_sdn: true -sdn_network_plugin: redhat/openshift-ovs-subnet debug_level: 2 -# os_sdn_network_plugin_name can be ovssubnet or multitenant, see https://docs.openshift.org/latest/architecture/additional_concepts/sdn.html#ovssubnet-plugin-operation deployment_rhel7_ent_base: image: rhel-7 -- cgit v1.2.3 From 670fc1cff44bd0ad82c0dd2748c5c028f0f304ed Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Wed, 20 Jan 2016 11:14:26 -0500 Subject: Use haproxy frontend port for os_firewall. --- playbooks/common/openshift-master/config.yml | 1 + 1 file changed, 1 insertion(+) (limited to 'playbooks') diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 296176e49..9f8443599 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -219,6 +219,7 @@ hosts: oo_lb_to_config vars: sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + haproxy_frontend_port: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_port }}" haproxy_frontends: - name: atomic-openshift-api mode: tcp -- cgit v1.2.3 From da807dddde807754fb535facebf63608f7d466e9 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Wed, 20 Jan 2016 13:56:37 -0500 Subject: Check master certificates during upgrade. --- .../upgrades/v3_0_to_v3_1/upgrade.yml | 30 +++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) (limited to 'playbooks') diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index 68df2153d..2a4eecad9 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -248,7 +248,31 @@ config_base: "{{ hostvars[inventory_hostname].openshift.common.config_base }}" - set_fact: - master_certs_missing: True + openshift_master_certs_no_etcd: + - admin.crt + - master.kubelet-client.crt + - "{{ 'master.proxy-client.crt' if openshift.common.version_greater_than_3_1_or_1_1 else omit }}" + - master.server.crt + - openshift-master.crt + - openshift-registry.crt + - openshift-router.crt + - etcd.server.crt + openshift_master_certs_etcd: + - master.etcd-client.crt + + - set_fact: + openshift_master_certs: "{{ (openshift_master_certs_no_etcd | union(openshift_master_certs_etcd)) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else openshift_master_certs_no_etcd }}" + + - name: Check status of master certificates + stat: + path: "{{ openshift.common.config_base }}/master/{{ item }}" + with_items: openshift_master_certs + register: g_master_cert_stat_result + + - set_fact: + master_certs_missing: "{{ False in (g_master_cert_stat_result.results + | oo_collect(attribute='stat.exists') + | list ) }}" master_cert_subdir: master-{{ openshift.common.hostname }} master_cert_config_dir: "{{ openshift.common.config_base }}/master" @@ -262,8 +286,8 @@ | oo_flatten | unique }}" master_generated_certs_dir: "{{ openshift.common.config_base }}/generated-configs" masters_needing_certs: "{{ hostvars - | oo_select_keys(groups.oo_masters_to_config) - | difference([groups.oo_first_master.0]) }}" + | oo_select_keys(groups['oo_masters_to_config'] | difference(groups['oo_first_master'])) + | oo_filter_list(filter_attr='master_certs_missing') }}" sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" openshift_deployment_type: "{{ deployment_type }}" roles: -- cgit v1.2.3