summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/docker/tasks/main.yml2
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py2
-rw-r--r--roles/openshift_hosted_metrics/tasks/install.yml2
-rw-r--r--roles/openshift_master/templates/atomic-openshift-master.j22
-rw-r--r--roles/openshift_master/templates/master.yaml.v1.j24
-rw-r--r--roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j22
-rw-r--r--roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j22
-rw-r--r--roles/openshift_master_facts/tasks/main.yml5
-rw-r--r--roles/openshift_node/tasks/systemd_units.yml2
-rw-r--r--roles/os_firewall/tasks/firewall/firewalld.yml5
-rw-r--r--roles/os_firewall/tasks/firewall/iptables.yml5
11 files changed, 21 insertions, 12 deletions
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 66c9cfa0f..c34700aeb 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -85,7 +85,7 @@
- reg_conf_var: HTTPS_PROXY
reg_fact_val: "{{ docker_https_proxy | default('') }}"
- reg_conf_var: NO_PROXY
- reg_fact_val: "{{ docker_no_proxy | default('') | join(',') }}"
+ reg_fact_val: "{{ docker_no_proxy | default('') }}"
notify:
- restart docker
when:
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 78886dcea..5ca8879b3 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -1641,7 +1641,7 @@ def set_proxy_facts(facts):
# We always add local dns domain and ourselves no matter what
common['no_proxy'].append('.' + common['dns_domain'])
common['no_proxy'].append(common['hostname'])
- common['no_proxy'] = sort_unique(common['no_proxy'])
+ common['no_proxy'] = ','.join(sort_unique(common['no_proxy']))
facts['common'] = common
return facts
diff --git a/roles/openshift_hosted_metrics/tasks/install.yml b/roles/openshift_hosted_metrics/tasks/install.yml
index 2c839996e..6a442cefc 100644
--- a/roles/openshift_hosted_metrics/tasks/install.yml
+++ b/roles/openshift_hosted_metrics/tasks/install.yml
@@ -128,5 +128,5 @@
modify_yaml:
dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
yaml_key: assetConfig.metricsPublicURL
- yaml_value: "{{ openshift_hosted_metrics_public_url }}"
+ yaml_value: "{{ openshift_hosted_metrics_deploy_url }}"
notify: restart master
diff --git a/roles/openshift_master/templates/atomic-openshift-master.j2 b/roles/openshift_master/templates/atomic-openshift-master.j2
index 7aea89578..6e2439fd9 100644
--- a/roles/openshift_master/templates/atomic-openshift-master.j2
+++ b/roles/openshift_master/templates/atomic-openshift-master.j2
@@ -29,7 +29,7 @@ HTTP_PROXY={{ openshift.common.http_proxy | default('') }}
HTTPS_PROXY={{ openshift.common.https_proxy | default('')}}
{% endif %}
{% if 'no_proxy' in openshift.common %}
-NO_PROXY={{ openshift.common.no_proxy | default('') | join(',') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }}
+NO_PROXY={{ openshift.common.no_proxy | default('') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }}
{% endif %}
{% if not ('https_proxy' in openshift.common or 'https_proxy' in openshift.common or 'no_proxy' in openshift.common) %}
{% for item in master_proxy %}
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index fcb8125e9..cf7ceacff 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -15,8 +15,8 @@ assetConfig:
{% if 'logging_public_url' in openshift.master %}
loggingPublicURL: {{ openshift.master.logging_public_url }}
{% endif %}
-{% if openshift_hosted_metrics_deploy | default(false) | bool %}
- metricsPublicURL: {{ openshift_hosted_metrics_public_url }}
+{% if openshift_hosted_metrics_deploy_url is defined %}
+ metricsPublicURL: {{ openshift_hosted_metrics_deploy_url }}
{% endif %}
{% if 'extension_scripts' in openshift.master %}
extensionScripts: {{ openshift.master.extension_scripts | to_padded_yaml(1, 2) }}
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
index 43fb3cafa..c484d23cc 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
@@ -24,5 +24,5 @@ HTTP_PROXY={{ openshift.common.http_proxy | default('') }}
HTTPS_PROXY={{ openshift.common.https_proxy | default('')}}
{% endif %}
{% if 'no_proxy' in openshift.common %}
-NO_PROXY={{ openshift.common.no_proxy | default('') | join(',') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }}
+NO_PROXY={{ openshift.common.no_proxy | default('') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }}
{% endif %}
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
index 6d26a69eb..e0adbbf52 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
@@ -24,5 +24,5 @@ HTTP_PROXY={{ openshift.common.http_proxy | default('') }}
HTTPS_PROXY={{ openshift.common.https_proxy | default('')}}
{% endif %}
{% if 'no_proxy' in openshift.common %}
-NO_PROXY={{ openshift.common.no_proxy | default('') | join(',') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }}
+NO_PROXY={{ openshift.common.no_proxy | default('') }},{{ openshift.common.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }}
{% endif %}
diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml
index 0dba4b3ba..74885d713 100644
--- a/roles/openshift_master_facts/tasks/main.yml
+++ b/roles/openshift_master_facts/tasks/main.yml
@@ -21,11 +21,10 @@
g_metrics_hostname: "{{ openshift_hosted_metrics_public_url
| default('hawkular-metrics.' ~ (openshift_master_default_subdomain))
| oo_hostname_from_url }}"
- when: openshift_hosted_metrics_deploy | default(false) | bool
- set_fact:
- openshift_hosted_metrics_public_url: "https://{{ g_metrics_hostname }}/hawkular/metrics"
- when: openshift_hosted_metrics_deploy | default(false) | bool
+ openshift_hosted_metrics_deploy_url: "https://{{ g_metrics_hostname }}/hawkular/metrics"
+ when: (openshift_hosted_metrics_deploy | default(false) | bool) or (openshift_hosted_metrics_public_url is defined)
- name: Set master facts
openshift_facts:
diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml
index 626c47387..5243a87fe 100644
--- a/roles/openshift_node/tasks/systemd_units.yml
+++ b/roles/openshift_node/tasks/systemd_units.yml
@@ -90,7 +90,7 @@
- regex: '^HTTPS_PROXY='
line: "HTTPS_PROXY={{ openshift.common.https_proxy | default('') }}"
- regex: '^NO_PROXY='
- line: "NO_PROXY={{ openshift.common.no_proxy | default([]) | join(',') }},{{ openshift.common.portal_net }},{{ hostvars[groups.oo_first_master.0].openshift.master.sdn_cluster_network_cidr }}"
+ line: "NO_PROXY={{ openshift.common.no_proxy | default([]) }},{{ openshift.common.portal_net }},{{ hostvars[groups.oo_first_master.0].openshift.master.sdn_cluster_network_cidr }}"
when: ('http_proxy' in openshift.common and openshift.common.http_proxy != '')
notify:
- restart node
diff --git a/roles/os_firewall/tasks/firewall/firewalld.yml b/roles/os_firewall/tasks/firewall/firewalld.yml
index c4db197ca..a9a69f73c 100644
--- a/roles/os_firewall/tasks/firewall/firewalld.yml
+++ b/roles/os_firewall/tasks/firewall/firewalld.yml
@@ -16,6 +16,11 @@
register: task_result
failed_when: "task_result|failed and 'could not' not in task_result.msg|lower"
+- name: Wait 10 seconds after disabling iptables
+ pause:
+ seconds: 10
+ when: task_result | changed
+
- name: Start and enable firewalld service
systemd:
name: firewalld
diff --git a/roles/os_firewall/tasks/firewall/iptables.yml b/roles/os_firewall/tasks/firewall/iptables.yml
index 930b32cf2..38ea2477c 100644
--- a/roles/os_firewall/tasks/firewall/iptables.yml
+++ b/roles/os_firewall/tasks/firewall/iptables.yml
@@ -9,6 +9,11 @@
register: task_result
failed_when: "task_result|failed and 'could not' not in task_result.msg|lower"
+- name: Wait 10 seconds after disabling firewalld
+ pause:
+ seconds: 10
+ when: task_result | changed
+
- name: Install iptables packages
package: name={{ item }} state=present
with_items: