| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
We move them from `playbooks/provisioning/openstack` to
`playbooks/openstack` to mirror `playbooks/aws`.
|
|
This moves all the OpenStack-related code from the -contrib[1] repo
including its git history to openshift-ansible. It will then be moved
around and updated to fit the rest of the project's structure.
[1]: https://github.com/openshift/openshift-ansible-contrib
|
|
|
|
|
|
We'll do it in a separate pull request.
|
|
|
|
* add cas: playbook adding new CAs created
* add CAs: README updated, bug fixes
* README: improvements
* README: minor fixes
* README: removed code snippet
* README: fix
|
|
* Add flannel support
* Document Flannel SDN use case for a separate data network.
* Add post install step for flannel SDN
* Configure iptables rules as described for OCP 3.4 refarch
https://access.redhat.com/documentation/en-us/reference_architectures/2017/html/deploying_red_hat_openshift_container_platform_3.4_on_red_hat_openstack_platform_10/emphasis_manual_deployment_emphasis#run_ansible_installer
* Configure flannel interface options
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Use os_firewall from galaxy for required flannel rules
For flannel SDN:
* Add openshift-ansible as a galaxy dependency module.
* Use openshift-ansible/roles/os_firewall to apply DNS rules
for flanel SDN.
* Apply the remaining advanced rules with direct
iptables commands as os_firewall do not support advanced rules.
* Persist only iptables rules w/o dynamic KUBe rules. Those are
added runtime and need restoration after reboot or iptables restart.
* Configure and enable the masked iptables service on the app nodes.
Enable it to allow the in-memory rules to be persisted.
Disable firewalld, which is the expected default behavior of the
os_firewall module.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Allow access from nodes to masters' port 2379 when using flannel
Flannel requires to gather information from etcd to configure and
assign the subnets in the nodes, therefore, allow access from nodes to port 2379/tcp to the master security group.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
A broking change has been introduced in Vagrant 2.0 with this commit:
https://github.com/hashicorp/vagrant/commit/ac75e409a3470897d56a0841a575e981d60e2e3d
The change puts additional quotes around the node labels.
As a fix, use different quoting mechanism for Vagrant >=2.0
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Updating openshift-ansible.spec file to include files dir
|
|
|
|
Restart all controllers to force reconfiguration during upgrade
|
|
Updating ES proxy image prefix and version to match other components
|
|
Bug 1501768: fix eventrouter nodeSelector padding
|
|
Automatic merge from submit-queue.
Ensure controllerConfig.serviceServingCert is correctly set during upgrade.
A typo was originally introduced in https://github.com/openshift/openshift-ansible/pull/2449 causing an incorrect key to be configured within the master config. This commit ensures that the correct key is set during upgrades.
/cc @dlbewley
https://bugzilla.redhat.com/show_bug.cgi?id=1500981
|
|
Automatic merge from submit-queue.
cri-o: error out when node is a Docker container
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1489555
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
* Added task to stop docker before templating config
* Rearranged storage roles in rhv install
|
|
* hostfile parameter deprecated
* hostfile parameter deprecated
|
|
Automatic merge from submit-queue.
Rewire openshift_template_service_broker_namespaces configurable
@ewolinetz
@bparees
|
|
Automatic merge from submit-queue.
Add ability to set node and master imageConfig to latest
Currently, imageConfig.latest is hard-coded to false.
This commit adds an appropriate boolean to enable
setting to true.
Fixes: https://github.com/openshift/openshift-ansible/issues/1422
|
|
Merge server with nofloating server heat templates
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
|
|
Automatic merge from submit-queue.
Add switch to enable/disable container engine's audit log being stored in elasticsearch
If enabled, tho logs are stored in ES' operations index, accessible only by cluster admins.
|
|
Automatic merge from submit-queue.
Refactor openshift-management entry point
Moves checkpointing steps into path for both full cluster install and individual entry point playbook.
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
ingvagabund/data-migrate-of-embedded-etcd-not-allowed
Automatic merge from submit-queue.
data migration of embedded etcd not allowed
The v2->v3 migration of an embedded etcd is depricated. Instead, one needs to run:
1. `playbooks/byo/openshift-etcd/embedded2external.yml` to migrate the embedded etcd to an external one (see https://github.com/openshift/openshift-ansible/pull/5672)
2. then `playbooks/byo/openshift-etcd/migrate.yml` to migrate the v2 data to v3 data
|
|
* Updating the issue template to be more consistant in format.
* Removing the links and the extra spaces.
* Changed BUG REQUEST to BUG REPORT in the header.
|
|
Fix deploy host setup
|
|
|
|
* Support separate data network for Flannel SDN
Document the use case for a separate flannel data network.
Allow Nova servers for openshift cluster to be provisioned
with that isolated data network created and connected to
masters, computes and infra nodes. Do not configure dns
nameservers and router for that network.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Fix flannel use cases with provider network
Provider network cannot be used with flannel SDN
as the latter requires a separate isolated network,
while the provider network is an externally managed
single network.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
* Drop unused data_net_name
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
GlusterFS: remove topology reference from deploy-heketi
|
|
|
|
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1489555
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
ingvagabund/set-initial-etcd-cluster-properly-system-container-scale-up
Automatic merge from submit-queue.
Set initial etcd cluster properly during system container scale up
When a cluster is scaled up, the ETCD_INITIAL_CLUSTER must not contain etcd members that are not about to start or are not part of the etcd cluster.
Consolidating `initial_etcd_cluster` and `etcd_initial_cluster` as they do exactly the same.
Bug: 1500667
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
Created by command:
/usr/bin/tito tag --debug --accept-auto-changelog --keep-version --debug
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
