From 17c6b4c5da76ecff6f8c68254ab6424d0d9a736e Mon Sep 17 00:00:00 2001 From: Jhon Honce Date: Fri, 12 Jun 2015 11:19:29 -0700 Subject: Infrastructure - Set OpenShift Registry * TODO: update to secure when 'add volume' feature available in origin --- roles/openshift_node/tasks/main.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'roles') diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index c5202650f..7dd76e0b8 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -56,6 +56,17 @@ notify: - restart openshift-node +- stat: path=/etc/sysconfig/docker + register: docker_check + + # TODO: Enable secure registry when code available in origin +- name: Secure OpenShift Registry + lineinfile: + dest: /etc/sysconfig/docker + regexp: '^OPTIONS=.*' + line: "OPTIONS='--insecure-registry=172.30.0.0/16 --selinux-enabled'" + when: docker_check.stat.isreg + - name: Allow NFS access for VMs seboolean: name=virt_use_nfs state=yes persistent=yes -- cgit v1.2.3 From ccf7dfedb636c2fc7392f1c2ec1f1d06f0d0c5b5 Mon Sep 17 00:00:00 2001 From: Jhon Honce Date: Fri, 12 Jun 2015 13:43:46 -0700 Subject: * Make portal_net configurable when wetting up the nodes OpenShift Registry --- roles/openshift_facts/library/openshift_facts.py | 2 +- roles/openshift_node/tasks/main.yml | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'roles') diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index e4d3bf26f..cb67a13de 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -705,7 +705,7 @@ class OpenShiftFacts(object): defaults['master'] = master if 'node' in roles: - node = dict(pod_cidr='', labels={}, annotations={}) + node = dict(pod_cidr='', labels={}, annotations={}, portal_net='172.30.0.0/16') node['resources_cpu'] = self.system_facts['processor_cores'] node['resources_memory'] = int( int(self.system_facts['memtotal_mb']) * 1024 * 1024 * 0.75 diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 7dd76e0b8..15d18f510 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -20,6 +20,7 @@ annotations: "{{ openshift_node_annotations | default(none) }}" registry_url: "{{ oreg_url | default(none) }}" debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" + portal_net: "{{ openshift_master_portal_net | default(None) }}" - name: Install OpenShift Node package yum: pkg=openshift-node state=present @@ -64,7 +65,7 @@ lineinfile: dest: /etc/sysconfig/docker regexp: '^OPTIONS=.*' - line: "OPTIONS='--insecure-registry=172.30.0.0/16 --selinux-enabled'" + line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} --selinux-enabled'" when: docker_check.stat.isreg - name: Allow NFS access for VMs -- cgit v1.2.3