summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDevan Goodwin <dgoodwin@redhat.com>2016-04-11 09:34:15 -0300
committerDevan Goodwin <dgoodwin@redhat.com>2016-04-12 16:08:52 -0300
commit79984668190f25310d907fb175f82c875387d30b (patch)
treeac1b04cbae44f8d1333d805b164694a1502918ba
parent51e390459d7eda90c44d9ffd7f1199a3590beac1 (diff)
downloadopenshift-79984668190f25310d907fb175f82c875387d30b.tar.gz
openshift-79984668190f25310d907fb175f82c875387d30b.tar.bz2
openshift-79984668190f25310d907fb175f82c875387d30b.tar.xz
openshift-79984668190f25310d907fb175f82c875387d30b.zip
Support setting imagePolicyConfig JSON in inventory.
For flexibility this is another pure JSON field to translate directly to yaml in the master config. Also updated to more safely handle JSON inventory variables as this uncovered a bug with booleans where you end up with a string containing json in your yaml.
-rw-r--r--inventory/byo/hosts.aep.example4
-rw-r--r--inventory/byo/hosts.origin.example4
-rw-r--r--inventory/byo/hosts.ose.example4
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py16
-rw-r--r--roles/openshift_master/templates/master.yaml.v1.j23
-rw-r--r--roles/openshift_master_facts/tasks/main.yml1
6 files changed, 27 insertions, 5 deletions
diff --git a/inventory/byo/hosts.aep.example b/inventory/byo/hosts.aep.example
index 43b646c93..bedaffbdc 100644
--- a/inventory/byo/hosts.aep.example
+++ b/inventory/byo/hosts.aep.example
@@ -58,6 +58,10 @@ deployment_type=atomic-enterprise
# See: https://docs.openshift.com/enterprise/latest/install_config/aggregate_logging.html
#openshift_master_logging_public_url=https://kibana.example.com
+# Configure imagePolicyConfig in the master config
+# See: https://godoc.org/github.com/openshift/origin/pkg/cmd/server/api#ImagePolicyConfig
+#openshift_master_image_policy_config={"maxImagesBulkImportedPerRepository": 3, "disableScheduledImport": true}
+
# Docker Configuration
# Add additional, insecure, and blocked registries to global docker configuration
# For enterprise deployment types we ensure that registry.access.redhat.com is
diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example
index 8b8dbade0..3ecf898fb 100644
--- a/inventory/byo/hosts.origin.example
+++ b/inventory/byo/hosts.origin.example
@@ -59,6 +59,10 @@ deployment_type=origin
# See: https://docs.openshift.org/latest/install_config/aggregate_logging.html
#openshift_master_logging_public_url=https://kibana.example.com
+# Configure imagePolicyConfig in the master config
+# See: https://godoc.org/github.com/openshift/origin/pkg/cmd/server/api#ImagePolicyConfig
+#openshift_master_image_policy_config={"maxImagesBulkImportedPerRepository": 3, "disableScheduledImport": true}
+
# Docker Configuration
# Add additional, insecure, and blocked registries to global docker configuration
# For enterprise deployment types we ensure that registry.access.redhat.com is
diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example
index 4c6aae0bd..126d44487 100644
--- a/inventory/byo/hosts.ose.example
+++ b/inventory/byo/hosts.ose.example
@@ -57,6 +57,10 @@ deployment_type=openshift-enterprise
# Configure loggingPublicURL in the master config for aggregate logging
# See: https://docs.openshift.com/enterprise/latest/install_config/aggregate_logging.html
#openshift_master_logging_public_url=https://kibana.example.com
+#
+# Configure imagePolicyConfig in the master config
+# See: https://godoc.org/github.com/openshift/origin/pkg/cmd/server/api#ImagePolicyConfig
+#openshift_master_image_policy_config={"maxImagesBulkImportedPerRepository": 3, "disableScheduledImport": true}
# Docker Configuration
# Add additional, insecure, and blocked registries to global docker configuration
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 32e608e86..4313790bf 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -1142,17 +1142,23 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw
protected_facts = ['ha', 'master_count']
# Facts we do not ever want to merge. These originate in inventory variables
- # and typically contain JSON dicts. We don't ever want to trigger a merge
+ # and contain JSON dicts. We don't ever want to trigger a merge
# here, just completely overwrite with the new if they are present there.
- overwrite_facts = ['admission_plugin_config',
- 'kube_admission_plugin_config']
+ inventory_json_facts = ['admission_plugin_config',
+ 'kube_admission_plugin_config',
+ 'image_policy_config']
facts = dict()
for key, value in orig.iteritems():
# Key exists in both old and new facts.
if key in new:
- if key in overwrite_facts:
- facts[key] = copy.deepcopy(new[key])
+ if key in inventory_json_facts:
+ # Watchout for JSON facts that sometimes load as strings.
+ # (can happen if the JSON contains a boolean)
+ if isinstance(new[key], str):
+ facts[key] = yaml.safe_load(new[key])
+ else:
+ facts[key] = copy.deepcopy(new[key])
# Continue to recurse if old and new fact is a dictionary.
elif isinstance(value, dict) and isinstance(new[key], dict):
# Collect the subset of additive facts to overwrite if
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index e89fdc0ce..1009aa318 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -89,6 +89,9 @@ etcdStorageConfig:
imageConfig:
format: {{ openshift.master.registry_url }}
latest: false
+{% if 'image_policy_config' in openshift.master %}
+imagePolicyConfig:{{ openshift.master.image_policy_config | to_padded_yaml(level=1) }}
+{% endif %}
kind: MasterConfig
kubeletClientInfo:
{# TODO: allow user specified kubelet port #}
diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml
index f43b8c59d..4d7c04065 100644
--- a/roles/openshift_master_facts/tasks/main.yml
+++ b/roles/openshift_master_facts/tasks/main.yml
@@ -72,3 +72,4 @@
oauth_template: "{{ openshift_master_oauth_template | default(None) }}" # deprecated in origin 1.2 / OSE 3.2
oauth_templates: "{{ openshift_master_oauth_templates | default(None) }}"
oauth_always_show_provider_selection: "{{ openshift_master_oauth_always_show_provider_selection | default(None) }}"
+ image_policy_config: "{{ openshift_master_image_policy_config | default(None) }}"