From 4712e72c912a1102bff0508c98bd97da3f33ae95 Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Mon, 23 Mar 2015 23:53:17 -0400
Subject: openshift_facts role/module refactor default settings

- Add openshift_facts role and module
  - Created new role openshift_facts that contains an openshift_facts module
  - Refactor openshift_* roles to use openshift_facts instead of relying on
    defaults
  - Refactor playbooks to use openshift_facts
  - Cleanup inventory group_vars

- Update defaults
  - update openshift_master role firewall defaults
    - remove etcd peer port, since we will not be supporting clustered embedded
      etcd
    - remove 8444 since console now runs on the api port by default
    - add 8444 and 7001 to disabled services to ensure removal if updating

- Add new role os_env_extras_node that is a subset of the docker role
  - previously, we were starting/enabling docker which was causing issues with some
  installations
  - Does not install or start docker, since the openshift-node role will
    handle that for us
  - Only adds root to the dockerroot group
  - Update playbooks to use ops_env_extras_node role instead of docker role

- os_firewall bug fixes
  - ignore ip6tables for now, since we are not configuring any ipv6 rules
  - if installing package do a daemon-reload before starting/enabling service

- Add aws support to bin/cluster

- Add list action to bin/cluster

- Add update action to bin/cluster

- cleanup some stray debug statements

- some variable renaming for clarity
---
 roles/openshift_common/vars/main.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'roles/openshift_common/vars')

diff --git a/roles/openshift_common/vars/main.yml b/roles/openshift_common/vars/main.yml
index 623aed9bf..50816d319 100644
--- a/roles/openshift_common/vars/main.yml
+++ b/roles/openshift_common/vars/main.yml
@@ -1,6 +1,7 @@
 ---
-openshift_master_credentials_dir: /var/lib/openshift/openshift.local.certificates/admin/
-
 # TODO: Upstream kubernetes only supports iptables currently, if this changes,
 # then these variable should be moved to defaults
+# TODO: it might be possible to still use firewalld if we wire up the created
+# chains with the public zone (or the zone associated with the correct
+# interfaces)
 os_firewall_use_firewalld: False
-- 
cgit v1.2.3