diff options
Diffstat (limited to 'roles')
-rw-r--r-- | roles/etcd_common/defaults/main.yml | 4 | ||||
-rw-r--r-- | roles/etcd_migrate/tasks/migrate.yml | 6 | ||||
-rwxr-xr-x | roles/openshift_facts/library/openshift_facts.py | 4 | ||||
-rw-r--r-- | roles/openshift_logging_fluentd/defaults/main.yml | 1 | ||||
-rw-r--r-- | roles/openshift_logging_fluentd/templates/fluentd.j2 | 12 | ||||
-rw-r--r-- | roles/openshift_service_catalog/vars/openshift-enterprise.yml | 2 |
6 files changed, 24 insertions, 5 deletions
diff --git a/roles/etcd_common/defaults/main.yml b/roles/etcd_common/defaults/main.yml index b5b38c1e1..b1bfa4592 100644 --- a/roles/etcd_common/defaults/main.yml +++ b/roles/etcd_common/defaults/main.yml @@ -44,6 +44,10 @@ etcd_ca_serial: "{{ etcd_ca_dir }}/serial" etcd_ca_crl_number: "{{ etcd_ca_dir }}/crlnumber" etcd_ca_default_days: 1825 +r_etcd_common_master_peer_cert_file: /etc/origin/master/master.etcd-client.crt +r_etcd_common_master_peer_key_file: /etc/origin/master/master.etcd-client.key +r_etcd_common_master_peer_ca_file: /etc/origin/master/master.etcd-ca.crt + # etcd server & certificate vars etcd_hostname: "{{ inventory_hostname }}" etcd_ip: "{{ ansible_default_ipv4.address }}" diff --git a/roles/etcd_migrate/tasks/migrate.yml b/roles/etcd_migrate/tasks/migrate.yml index 7f441568a..4f987a051 100644 --- a/roles/etcd_migrate/tasks/migrate.yml +++ b/roles/etcd_migrate/tasks/migrate.yml @@ -36,9 +36,9 @@ - name: Re-introduce leases (as a replacement for key TTLs) command: > oadm migrate etcd-ttl \ - --cert {{ etcd_peer_cert_file }} \ - --key {{ etcd_peer_key_file }} \ - --cacert {{ etcd_peer_ca_file }} \ + --cert {{ r_etcd_common_master_peer_cert_file }} \ + --key {{ r_etcd_common_master_peer_key_file }} \ + --cacert {{ r_etcd_common_master_peer_ca_file }} \ --etcd-address 'https://{{ etcd_peer }}:{{ etcd_client_port }}' \ --ttl-keys-prefix {{ item }} \ --lease-duration 1h diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 30701a518..c960630ed 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -1657,7 +1657,9 @@ def set_proxy_facts(facts): # at this point common['no_proxy'] is a LIST datastructure. It # may be empty, or it may contain some hostnames or ranges. - # We always add local dns domain and ourselves no matter what + # We always add local dns domain, the service domain, and + # ourselves, no matter what + common['no_proxy'].append('.svc') common['no_proxy'].append('.' + common['dns_domain']) common['no_proxy'].append(common['hostname']) diff --git a/roles/openshift_logging_fluentd/defaults/main.yml b/roles/openshift_logging_fluentd/defaults/main.yml index 228196d74..07f02804b 100644 --- a/roles/openshift_logging_fluentd/defaults/main.yml +++ b/roles/openshift_logging_fluentd/defaults/main.yml @@ -49,6 +49,7 @@ openshift_logging_fluentd_aggregating_strict: "no" openshift_logging_fluentd_aggregating_cert_path: none openshift_logging_fluentd_aggregating_key_path: none openshift_logging_fluentd_aggregating_passphrase: none +openshift_logging_use_mux_client: False ### Deprecating in 3.6 openshift_logging_fluentd_es_copy: false diff --git a/roles/openshift_logging_fluentd/templates/fluentd.j2 b/roles/openshift_logging_fluentd/templates/fluentd.j2 index d9814370f..4b87379f6 100644 --- a/roles/openshift_logging_fluentd/templates/fluentd.j2 +++ b/roles/openshift_logging_fluentd/templates/fluentd.j2 @@ -62,6 +62,11 @@ spec: - name: dockerdaemoncfg mountPath: /etc/docker readOnly: true +{% if openshift_logging_use_mux_client | bool %} + - name: muxcerts + mountPath: /etc/fluent/muxkeys + readOnly: true +{% endif %} env: - name: "K8S_HOST_URL" value: "{{ openshift_logging_fluentd_master_url }}" @@ -107,6 +112,8 @@ spec: resourceFieldRef: containerName: "{{ daemonset_container_name }}" resource: limits.memory + - name: "USE_MUX_CLIENT" + value: "{{ openshift_logging_use_mux_client | default('false') | lower }}" volumes: - name: runlogjournal hostPath: @@ -135,3 +142,8 @@ spec: - name: dockerdaemoncfg hostPath: path: /etc/docker +{% if openshift_logging_use_mux_client | bool %} + - name: muxcerts + secret: + secretName: logging-mux +{% endif %} diff --git a/roles/openshift_service_catalog/vars/openshift-enterprise.yml b/roles/openshift_service_catalog/vars/openshift-enterprise.yml index 3a96ff76c..4df60e9a8 100644 --- a/roles/openshift_service_catalog/vars/openshift-enterprise.yml +++ b/roles/openshift_service_catalog/vars/openshift-enterprise.yml @@ -1,3 +1,3 @@ --- __openshift_service_catalog_image_prefix: "registry.access.redhat.com/openshift3/ose-" -__openshift_service_catalog_image_version: "3.6.0" +__openshift_service_catalog_image_version: "v3.6" |