| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Also convert openshift_image_tag to and rpm versions for masters.
|
|\
| |
| | |
Add support for creating secure router
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Move openshift_router to openshift_hosted role which will eventually
contain registry, metrics and logging.
* Adds option for specifying an openshift_hosted_router_certificate
cert and key pair.
* Removes dependency on node label variables and retrieves the node
list from the API s.t. this role can be applied to any cluster with
existing nodes. I've added an openshift_hosted playbook that occurs
after node install to account for this.
* Infrastructure nodes are selected using
openshift_hosted_router_selector which is based on deployment type
by default; openshift-enterprise -> "region=infra" and online ->
"type=infra".
|
| | |
|
|\ \
| |/
|/| |
Fix a docker-storage sysconfig bug.
|
|/ |
|
|\
| |
| | |
update bootstrap-fedora to include python2-firewall for F24+
|
|/
|
|
| |
Signed-off-by: Adam Miller <maxamillion@fedoraproject.org>
|
|\
| |
| | |
Fix hosted facts
|
| | |
|
| | |
|
| | |
|
|\ \
| |/
|/| |
a-o-i: Support openshift_image_tag
|
| |
| |
| |
| |
| |
| | |
Somewhat hacky solution to let users install containerized 3.1.
A more flexible version will be forthcoming once we settle tagging
issues.
|
|\ \
| | |
| | | |
Bug 1324729 - Import xPaas image streams failed during 3.2 installation
|
| | | |
|
|\ \ \
| |/ /
|/| | |
Test docker_version_result.stdout when determining if docker should be installed/downgraded.
|
| | |
| | |
| | |
| | | |
installed/downgraded.
|
| | | |
|
|\ \ \
| | | |
| | | | |
oadm_router first attempt.
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
Bug 1324371: needn't install atomic-openshift packages on nfs server
|
| | |_|/
| |/| | |
|
|\ \ \ \
| | | | |
| | | | | |
Add cloudprovider config dir to docker options.
|
| | |_|/
| |/| | |
|
|\ \ \ \
| | | | |
| | | | | |
Check for kind in cloudprovider facts prior to accessing.
|
| | | | | |
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add support for templating master admissionConfig.
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Allow users who wish to deploy configs with ansible to define templates for
oauth screens, and control the alwaysShowProviderSelection setting.
There are currently three supported oauth templates, and we have a pre-existing
'oauth_template' variable, but it is assumed to mean you are controlling the
'login' screen, and this is the only one you can configure.
To work around this, supporting all current and future templates, introduce a
pluralized variable 'oauth_templates', which contains a JSON dict allowing the
admin to control any template they wish. If both new and old variables are
defined, the old one is ignored. (and can be considered deprecated)
Internally the old value will be converted to the new dict, so the template
just references one value.
Example:
openshift_master_oauth_always_show_provider_selection=true
openshift_master_oauth_templates={"providerSelection": "provider-selection.html", "error": "oauth-error.html"}
Yeilds:
oauthConfig:
alwaysShowProviderSelection: true
templates:
error: oauth-error.html
providerSelection: provider-selection.html
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Adds four new inventory variables for setting sections in "admissionConfig" and
"kubernetesMasterConfig.admissionConfig".
openshift_master_admission_plugin_order allows configuring the list of origin
admission controller plugins to enable and what order to run them in. This must
be a JSON formatted list of strings:
openshift_master_admission_plugin_order=["RunOnceDuration", "NamespaceLifecycle", "OriginPodNodeEnvironment", "ClusterResourceOverride", "LimitRanger", "ServiceAccount", "SecurityContextConstraint", "ResourceQuota", "SCCExecRestrictions"]
openshift_master_kube_admission_plugin_order is identical but for the
kubernetes admission controller plugins which appear beneath
kubernetesMasterConfig.
openshift_master_admission_plugin_config allows setting free-form configuration
stanzas that match up with enabled admission controller plugins. This must be a
JSON formatted hash:
openshift_master_admission_plugin_config={"RunOnceDuration":{"configuration":{"apiVersion":"v1","kind":"RunOnceDurationConfig","activeDeadlineSecondsOverride":3600}},"ClusterResourceOverride":{"configuration":{"apiVersion":"v1","kind":"ClusterResourceOverrideConfig","limitCPUToMemoryPercent":200,"cpuRequestToLimitPercent":6,"memoryRequestToLimitPercent":60}}}
openshift_master_kube_admission_plugin_config is the equivalent for kubernetes
admission controller plugins.
Contains a change to merge_facts to fix issues with modifying inventory
variables that contain JSON dicts. If you modified a previously set variable,
the result would be a merge of old and new, which is completely wrong in this
case. Addded new overwrite_facts to shortcut to just taking the new values.
This differs from the pre-existing concept of "protected" in that we're not
protecting an old value, we're trashing it and taking the new.
|
| | | | | | |
|
|\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
Replace unused Dockerfile with one used for official builds.
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
A container that can be used to run the atomic-openshift-installer, or
by bypassing the entrypoint can be used to run ansible playbooks
directly.
Expects the user to mount a directory to /var/lib/openshift, where we'll
write out the installer.cfg, ansible.log, and hosts inventory.
WARNING: Don't run this on a host you're installing to, installation
restarts Docker which will kill your installer.
Example of running the quick installer:
docker run -ti -v ~/openshift/:/var/lib/openshift-installer/:Z -v ~/.ssh:/root/.ssh:Z openshift3/installer install
Example of running ansible directly:
docker run --entrypoint=/usr/bin/ansible-playbook -ti -v ~/openshift/:/var/lib/openshift-installer/:Z -v ~/.ssh:/root/.ssh:Z openshift3/installer -i /openshift-installer/install/.ansible/hosts /usr/share/ansible/openshift-ansible/playbooks/adhoc/uninstall.yml
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Adding refresh for zbx_user.
|
| | | | | | |
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Docker 1.9 is actually cool starting in origin 1.1.4
|
| | |_|_|/ /
| |/| | | | |
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
Unmask services
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | | |
Unmasking etcd is is important when switching from containerized installs to
RPM installs
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Fixing bugs 1322788 and 1323123
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
and atomic-openshift-master-controllers
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
ose3.2 repo
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
XPAAS v1.3 content
|
| | | | | | | |
|
| |/ / / / / |
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Add --gen-inventory command to atomic-openshift-installer.
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
With the addition of a --gen-inventory flag and always displaying the location
of the inventory written to disk, we should write the hosts file to a more
prominent location rather than a hidden directory.
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
This will just generate the Ansible inventory once all information is gathered,
inform the user where to find it, and exit.
Includes some test utility updates to make what broke as a result of this
change less fragile.
|
| | | | | | | |
|