| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Set up NetworkManager automatically
This removes the extra step of running the
`openshift-ansible/playbooks/byo/openshift-node/network_manager.yml`
before installing openshift. In addition, the playbook relies on a
host group that the provisioning doesn't provide (oo_all_hosts).
Instead, we set up NetworkManager on CentOS nodes automatically. And
we restart it on RHEL (which is necessary for the nodes to pick up the
new DNS we configured the subnet with).
This makes the provisioning easier and more resilient.
* Apply the node-network-manager role to every node
It makes the code simpler and more consistent across distros.
|
|\
| |
| | |
Replace greaterthan and equalto in openstack-stack
|
| |
| |
| |
| |
| |
| | |
These two Jinja filters were added in 2.8 which is notably not packaged in
CentOS and RHEL. This removes them in favour of the `==` and `>` operators
which are available in Jinja 2.7.
|
| | |
|
|/
|
|
|
|
|
|
| |
* Refactor gcloud.sh script for DRY
Introduce run_playbook() fn so the rest of the script can be simplified.
* Move OCP variables to one place
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Switch the sample inventory to CentOS
This changes the image name and deployment types to use centos instead
of rhel and sets `rhsm_register` to false.
With these changes, the inventory should be immediately deployable
using the default values (assuming the image, network and flavor names
match).
Ideally, the upstream CI will just end up using this inventory with
little to no changes, too at some point.
* Specify the origin openshift_release
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add defaults values for some openstack vars
Ansible shows errors when the `rhsm_register` and
`openstack_flat_secgrp` values are not present in the inventory even
though they have sensible default values.
This makes them both default to false when they're not specified.
* Comment out the flat security group option in inv
It's no longer required to be there so let's comment it out.
|
|
|
| |
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
provisioning (#518)
* prerequisites.yml: check prerequisites on localhost needed for provisioning
provision.yml: includes prerequisites.yml
* prerequisites: indentation fixed
* prerequisites.yml: used ansible_version variable, openstack modules for ansible
* prerequisites.yml: os_keypair is not suitable for this purpose
* prerequisites.yml: openstack keypair command exchanged for shade
- there is no Ansible module for this now
- os_keypair is not suitable for this purpose
- python-openstackclient dependency is not desirable
|
|\
| |
| | |
setting enabled=yes for heketi
|
| | |
|
|/ |
|
|\
| |
| | |
adding some fixes for annette issues
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| | |
* GCP: Allow for custom VPC subnet
* Couple of cosmetic fixes to the PR #500
* Better description of config value
|
|\ \
| | |
| | | |
Add ISSUE/PR github templates
|
| | |
| | |
| | |
| | | |
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
| | | |
|
|\ \ \
| | | |
| | | | |
Disable swap on nodes
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
Enable dnsmasq or it fails resolving k8s svc
|
| | | | | |
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Manage packages to install/update for openstack provider
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Allow required packages and yum update all steps to be optionally
disabled.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Persist DNS configuration for nodes for openstack provider
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* Firstly, provision a Heat stack with given public resolvers.
* After the DNS node configured as an authoritative server,
switch the Heat stack's Neutron subnet to that resolver
(private_dns_server) the way it to become the first entry pushed
into the hosts /etc/resolv.conf. It will be serving the cluster
domain requests for OpenShift nodes and workloads.
* Drop post-provision /etc/reslov.conf nameserver hacks as not
needed anymore.
* Fix dns floating IPs output and add the priv IPs output as well.
* Update docs, clarify localhost vs servers requirements, add
required Network Manager setup step.
* Use post-provision task names instead of comments.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Use wait_for_connection for the Heat nodes
|
| | | | | | |
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The `wait_for_connection` module is more reliable as it uses Ansible's `ping`
to verify the nodes are really accessible. Using `wait_for` and checking that
port 22 is open runs into the possibility of SSH being up but the public keys
or users not being set up yet (as that's done with cloud-init).
In addition, we were gathering facts before running the wait_for task which
rendered it useless.
|
|/ / / /
| | | |
| | | | |
https://github.com/openshift/openshift-ansible/blob/master/roles/openshift_master_facts/tasks/main.yml#L73
|
| | | |
| | | |
| | | |
| | | | |
Set the mapping method to claim like it is set for the deployment.
Mapping method true is invalid and the ansible playbook will error out.
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
Modify sec groups for provisioned openstack servers
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Drop ingress DNS rules from the common secgrp.
Add an ingress ICMP rule, restricted by the ssh ingress cidr,
to the common secgrp. This allows to ping servers from the
control node (ansible admin node).
Add dns servers into the common secgrp as well.
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
List jinja2 as a dependency in provisioning README
|
| | | | | |
|
| | |/ /
| |/| | |
|
|\ \ \ \
| | | | |
| | | | | |
Put back node/flat secgrp for infra nodes on openstack
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | | |
Partially undo 2028883e936c8a1a0be031a19d531d0804a32b68
to unblock end-to-end deployments
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | /
| | |/
| |/| |
adding missing playbooks
|
| | | |
|
|/ / |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* fix add-node functionality and finalize crs changes
* nfs_host var change
* remove ssh key
* fixing lint issues
* fixing lint issues
|
| |
| |
| |
| |
| |
| | |
* Add ansibledeployocp to support ansible deployment of arm template
* Change to example
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Added ovirt-ansible roles to path for rhv
* Added example playbooks from ovirt-ansible repo
* Fixed yamllint errors
* Automated inventory from gh://ansible/ansible/contrib/inventory
* Better example URL for qcow
* Example ini script to work with dynamic inventory
|
|\ \
| | |
| | | |
Add node_removal_policies variable to openstack provisioning to allow for scaling down
|
| | | |
|