summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/etcd_common/defaults/main.yml4
-rw-r--r--roles/etcd_migrate/tasks/migrate.yml6
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py4
-rw-r--r--roles/openshift_logging_fluentd/defaults/main.yml1
-rw-r--r--roles/openshift_logging_fluentd/templates/fluentd.j212
-rw-r--r--roles/openshift_service_catalog/vars/openshift-enterprise.yml2
6 files changed, 24 insertions, 5 deletions
diff --git a/roles/etcd_common/defaults/main.yml b/roles/etcd_common/defaults/main.yml
index b5b38c1e1..b1bfa4592 100644
--- a/roles/etcd_common/defaults/main.yml
+++ b/roles/etcd_common/defaults/main.yml
@@ -44,6 +44,10 @@ etcd_ca_serial: "{{ etcd_ca_dir }}/serial"
etcd_ca_crl_number: "{{ etcd_ca_dir }}/crlnumber"
etcd_ca_default_days: 1825
+r_etcd_common_master_peer_cert_file: /etc/origin/master/master.etcd-client.crt
+r_etcd_common_master_peer_key_file: /etc/origin/master/master.etcd-client.key
+r_etcd_common_master_peer_ca_file: /etc/origin/master/master.etcd-ca.crt
+
# etcd server & certificate vars
etcd_hostname: "{{ inventory_hostname }}"
etcd_ip: "{{ ansible_default_ipv4.address }}"
diff --git a/roles/etcd_migrate/tasks/migrate.yml b/roles/etcd_migrate/tasks/migrate.yml
index 7f441568a..4f987a051 100644
--- a/roles/etcd_migrate/tasks/migrate.yml
+++ b/roles/etcd_migrate/tasks/migrate.yml
@@ -36,9 +36,9 @@
- name: Re-introduce leases (as a replacement for key TTLs)
command: >
oadm migrate etcd-ttl \
- --cert {{ etcd_peer_cert_file }} \
- --key {{ etcd_peer_key_file }} \
- --cacert {{ etcd_peer_ca_file }} \
+ --cert {{ r_etcd_common_master_peer_cert_file }} \
+ --key {{ r_etcd_common_master_peer_key_file }} \
+ --cacert {{ r_etcd_common_master_peer_ca_file }} \
--etcd-address 'https://{{ etcd_peer }}:{{ etcd_client_port }}' \
--ttl-keys-prefix {{ item }} \
--lease-duration 1h
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 30701a518..c960630ed 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -1657,7 +1657,9 @@ def set_proxy_facts(facts):
# at this point common['no_proxy'] is a LIST datastructure. It
# may be empty, or it may contain some hostnames or ranges.
- # We always add local dns domain and ourselves no matter what
+ # We always add local dns domain, the service domain, and
+ # ourselves, no matter what
+ common['no_proxy'].append('.svc')
common['no_proxy'].append('.' + common['dns_domain'])
common['no_proxy'].append(common['hostname'])
diff --git a/roles/openshift_logging_fluentd/defaults/main.yml b/roles/openshift_logging_fluentd/defaults/main.yml
index 228196d74..07f02804b 100644
--- a/roles/openshift_logging_fluentd/defaults/main.yml
+++ b/roles/openshift_logging_fluentd/defaults/main.yml
@@ -49,6 +49,7 @@ openshift_logging_fluentd_aggregating_strict: "no"
openshift_logging_fluentd_aggregating_cert_path: none
openshift_logging_fluentd_aggregating_key_path: none
openshift_logging_fluentd_aggregating_passphrase: none
+openshift_logging_use_mux_client: False
### Deprecating in 3.6
openshift_logging_fluentd_es_copy: false
diff --git a/roles/openshift_logging_fluentd/templates/fluentd.j2 b/roles/openshift_logging_fluentd/templates/fluentd.j2
index d9814370f..4b87379f6 100644
--- a/roles/openshift_logging_fluentd/templates/fluentd.j2
+++ b/roles/openshift_logging_fluentd/templates/fluentd.j2
@@ -62,6 +62,11 @@ spec:
- name: dockerdaemoncfg
mountPath: /etc/docker
readOnly: true
+{% if openshift_logging_use_mux_client | bool %}
+ - name: muxcerts
+ mountPath: /etc/fluent/muxkeys
+ readOnly: true
+{% endif %}
env:
- name: "K8S_HOST_URL"
value: "{{ openshift_logging_fluentd_master_url }}"
@@ -107,6 +112,8 @@ spec:
resourceFieldRef:
containerName: "{{ daemonset_container_name }}"
resource: limits.memory
+ - name: "USE_MUX_CLIENT"
+ value: "{{ openshift_logging_use_mux_client | default('false') | lower }}"
volumes:
- name: runlogjournal
hostPath:
@@ -135,3 +142,8 @@ spec:
- name: dockerdaemoncfg
hostPath:
path: /etc/docker
+{% if openshift_logging_use_mux_client | bool %}
+ - name: muxcerts
+ secret:
+ secretName: logging-mux
+{% endif %}
diff --git a/roles/openshift_service_catalog/vars/openshift-enterprise.yml b/roles/openshift_service_catalog/vars/openshift-enterprise.yml
index 3a96ff76c..4df60e9a8 100644
--- a/roles/openshift_service_catalog/vars/openshift-enterprise.yml
+++ b/roles/openshift_service_catalog/vars/openshift-enterprise.yml
@@ -1,3 +1,3 @@
---
__openshift_service_catalog_image_prefix: "registry.access.redhat.com/openshift3/ose-"
-__openshift_service_catalog_image_version: "3.6.0"
+__openshift_service_catalog_image_version: "v3.6"