summaryrefslogtreecommitdiffstats
path: root/playbooks/openshift-node
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #6926 from abutcher/etcd-ca-hostScott Dodson2018-02-081-1/+0
|\ | | | | Determine which host is the etcd CA host
| * Determine which etcd host is the etcd_ca_host rather than assume it is the ↵Andrew Butcher2018-02-011-1/+0
| | | | | | | | first host in the etcd host group.
* | Add base package installation to upgrade playbooksRussell Teague2018-02-071-0/+1
| | | | | | | | | | | | | | | | Hosts will need python ipaddress module installed if it was not installed during initial installation. Bug 1540537 https://bugzilla.redhat.com/show_bug.cgi?id=1540537
* | Don't restart docker when re-deploying node certificatesScott Dodson2018-01-242-0/+3
|/ | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1537726
* Fix master scaleup playMichael Gugino2018-01-191-0/+8
| | | | | | | Allow playbooks/openshift-master/scaleup.yml to call prerequisites.yml at the proper time. Related-to: https://github.com/openshift/openshift-ansible/pull/6784
* Fix node scaleup playsMichael Gugino2018-01-181-3/+13
| | | | | | | | Currently, users have no way to run preqrequisites.yml on just newly added nodes during scaleup. This commit ensures only the new nodes are changed during scaleup as well as ensure prerequisites are run.
* Remove become statementsMichael Gugino2018-01-092-2/+0
| | | | | This commit removes become:no statements that break the installer in various ways.
* Merge pull request #6549 from mgugino-upstream-stage/node-meta-depends2OpenShift Merge Robot2018-01-082-0/+2
|\ | | | | | | | | | | | | | | Automatic merge from submit-queue. Remove last of openshift_node role meta-depends Remove last non-taskless meta-depends from openshift_node role.
| * Remove last of openshift_node role meta-dependsMichael Gugino2018-01-022-0/+2
| | | | | | | | | | | | | | | | Remove last non-taskless meta-depends from openshift_node role. Remove variable 'openshift_node_upgrade_in_progress' as it is no longer used.
* | Contiv multi-master and other fixesNick Bartos2018-01-081-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Contiv's etcd was not being deployed correctly when using more than one master. To make it easier to manage, it has been moved into a k8s container. The api proxy was hardcoded to an old version (1.1.1), and in some environments would run into a docker error. This has been moved into a k8s container for easier management. The firewall was too permissive on several ports. Many were open to the world when they should have only been accessible inside the cluster. Many of the contiv role variables were not prefixed with 'contiv', which may end up clobbering variables from another role. Now all the contiv specific role variables start with 'contiv_'. The api proxy's default self-signed certificate was bundled with the role. This means someone with read-only MITM access and this key could decrypt traffic. Granted a user defined certificate from a trusted CA should be used in a production environment, it is still better to generate one in each environment when one is not provided.
* | Migrate to import_role for static role inclusionScott Dodson2018-01-052-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In Ansible 2.2, the include_role directive came into existence as a Tech Preview. It is still a Tech Preview through Ansible 2.4 (and in current devel branch), but with a noteable change. The default behavior switched from static: true to static: false because that functionality moved to the newly introduced import_role directive (in order to stay consistent with include* being dynamic in nature and `import* being static in nature). The dynamic include is considerably more memory intensive as it will dynamically create a role import for every host in the inventory list to be used. (Also worth noting, there is at the time of this writing an object allocation inefficiency in the dynamic include that can in certain situations amplify this effect considerably) This change is meant to mitigate the pressure on memory for the Ansible control host. We need to evaluate where it makes sense to dynamically include roles and revert back to dynamic inclusion if and where it makes sense to do so.
* | Remove bootstrap.yml from main.yml in openshift_node roleMichael Gugino2017-12-211-0/+7
|/ | | | | | This commit utilizes include_role for bootstrapping the node instead of conditional include of tasks now that the node role has no meta includes that have tasks.
* Remove openshift.common.{is_atomic|is_containerized}Michael Gugino2017-12-202-2/+2
| | | | | We set these variables using facts in init, no need to duplicate the logic all around the codebase.
* Relocate filter plugins to lib_utilsMichael Gugino2017-12-184-6/+4
| | | | | | | | | | | | | | This commit relocates filter_plugings to lib_utils, changes the namespacing to prevent unintended use of older versions that may be present in filter_plugins/ directory on existing installs. Add lib_utils to meta depends for roles Also consolidate some plugins into lib_utils from various other areas. Update rpm spec, obsolete plugin rpms.
* Merge pull request #6484 from mtnbikenc/tests-as-filtersRussell Teague2017-12-152-2/+2
|\ | | | | Deprecate using Ansible tests as filters
| * Deprecate using Ansible tests as filtersRussell Teague2017-12-142-2/+2
| |
* | Add missing openshift_service_typeMichael Gugino2017-12-131-0/+1
|/ | | | | | Pull in openshift_facts to define the variable. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1525429
* Remove unneeded embedded etcd logicMichael Gugino2017-12-081-1/+0
| | | | | Removing some remaining embedded etcd facts except for the migration plays.
* Merge pull request #6278 from mgugino-upstream-stage/service_typeMichael Gugino2017-12-083-6/+4
|\ | | | | Remove openshift.common.service_type
| * Remove openshift.common.service_typeMichael Gugino2017-12-073-6/+4
| | | | | | | | | | | | | | | | This commit removes openshift.common.service_type in favor of openshift_service_type. This commit also removes r_openshift_excluder_service_type from plays in favor of using the role's defaults.
* | Add os_firewall to prerequisites.ymlMichael Gugino2017-12-072-2/+0
| | | | | | | | | | | | | | This needs to be in place for crio. This role only installs and enables iptables, thus should only be run once.
* | Include Deprecation: Convert to import_playbookRussell Teague2017-12-072-5/+5
|/
* Fix ami building.Kenny Woodson2017-12-061-7/+5
|
* Merge pull request #6350 from mtnbikenc/fix-dup-importRussell Teague2017-12-061-2/+0
|\ | | | | Remove duplicate init import in network_manager.yml
| * Remove duplicate init import in network_manager.ymlRussell Teague2017-12-051-2/+0
| |
* | Merge pull request #6297 from mgugino-upstream-stage/crt_roleScott Dodson2017-12-043-6/+0
|\ \ | |/ |/| Implement container runtime role
| * Implement container runtime roleMichael Gugino2017-12-013-6/+0
| |
* | Merge pull request #6324 from mtnbikenc/consolidate-redeploy-certificatesOpenShift Merge Robot2017-12-043-0/+36
|\ \ | |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatic merge from submit-queue. Playbook Consolidation - Redeploy Certificates This PR moves the certificate redeploy playbooks out of {byo,common}/openshift-cluster and into their respective component areas. - playbooks/openshift-etcd (redeploy-certificates.yml, redeploy-ca.yml) - playbooks/openshift-master (redeploy-certificates.yml, redeploy-openshift-ca.yml) - playbooks/openshift-node (redeploy-certificates.yml) - playbooks/openshift-hosted (redeploy-registry-certificates.yml, redeploy-router-certificates.yml) playbooks/byo/openshift-cluster/redeploy-certificates.yml was moved to playbooks/redeploy-certificates.yml Trello: https://trello.com/c/zCz6RIHM/578-2-playbook-consolidation-openshift-cluster-redeploy-certificates
| * Playbook Consolidation - Redeploy CertificatesRussell Teague2017-12-013-0/+36
| |
* | retry package operationsLuke Meyer2017-11-301-0/+2
|/ | | | | | When a package install/update fails due to network blips or other spotty availability, retry it. If the failure is a real failure (e.g. package is really not there) it still fails after 3 tries (Ansible default).
* Merge pull request #6269 from mgugino-upstream-stage/clock-dependsMichael Gugino2017-11-282-0/+2
|\ | | | | Remove openshift_clock from meta depends
| * Remove openshift_clock from meta dependsMichael Gugino2017-11-272-0/+2
| | | | | | | | | | This commit adds openshift_clock role to required plays instead of using meta_depends.
* | remove schedulable from openshift_factsMichael Gugino2017-11-271-0/+1
|/ | | | | | This commit removes schedulable from openshift_facts in favor of detecting whether or not a host is a master via inventory.
* Include Deprecation - openshift-nodeRussell Teague2017-11-229-27/+27
|
* Playbook Consolidation - openshift-nodeRussell Teague2017-11-2121-0/+364
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 04:30:46 +0000