| Age | Commit message (Collapse) | Author |
|---|
|
Co-authored-by: Christina Kyriakidou <Ckyriaki@Redhat.com>
|
|
Change dnsmasq Requires to Wants
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1532960
Signed-off-by: Rajat Chopra <rchopra@redhat.com>
|
|
|
|
Variables that are specifically booleans should be
cast to bool. This is because users may sometimes
pass them as string values. This is particularly
prevalent when using ini-style inventories.
Affected-by: https://github.com/ansible/ansible/issues/34591
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1531592
|
|
This commit adds docker auth credentials mount to
system container systemd unit file.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1514324
|
|
This commit relocates filter_plugings to lib_utils,
changes the namespacing to prevent unintended use of
older versions that may be present in filter_plugins/
directory on existing installs.
Add lib_utils to meta depends for roles
Also consolidate some plugins into lib_utils from
various other areas.
Update rpm spec, obsolete plugin rpms.
|
|
This commit removes the remainder of openshift_node_facts
role.
|
|
Remove openshift_node_facts part 1
|
|
This commit removes some items from openshift_facts
for the openshit_node role.
|
|
it is required for OpenShift 3.9
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
This commit removes openshift.common.service_type
in favor of openshift_service_type.
This commit also removes r_openshift_excluder_service_type
from plays in favor of using the role's defaults.
|
|
|
|
This commit combines these two roles. This will
prevent openshift_node_facts from running twice.
|
|
This commit removes any references to versions < 1.5/3.5
We assume the version is always greater than or equal to 1.5/3.5.
|
|
This commit enables deploying Kuryr networking on top of OpenShift in
containers. kuryr-controller is a Deployment and kuryr-cni is deployed
as DaemonSet (container will drop all CNI configuration files).
Co-Authored-By: Antoni Segura Puimedon <celebdor@gmail.com>
|
|
|
|
Currently, imageConfig.latest is hard-coded to false.
This commit adds an appropriate boolean to enable
setting to true.
Fixes: https://github.com/openshift/openshift-ansible/issues/1422
|
|
Currently, profiles for the tuned daemon are set only for
OpenShift node(s). This excludes the OpenShift loadbalancer.
As a result, ARP cache limits on loadbalancers are not raised.
This causes problems with HA setups where loadbalancers serve
1k+ OpenShift nodes.
This commit ensures the openshift-control-plane role is applied
to loadbalancers, masters and OpenShift infra nodes. Regular
OpenShift worker nodes get the openshift-node profile.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1498213
|
|
Commit 7f805f9a0c41477365dd88b0ac73f0d221bd654a causes the behavior seen in
https://bugzilla.redhat.com/show_bug.cgi?id=1453113 because openshift-node
is no longer restarted when openvswitch is, due to the change from Requires
to Wants.
Turns out that making the openshift node service PartOf the OVS service
can achieve the same result and ensure openshift-node gets restarted whenever
OVS does, which ensures that networking doesn't break underneath the node.
Suggested by Giuseppe Scrivano
|
|
Automatic merge from submit-queue
Changes for Nuage atomic ansible install
|
|
This commit moves additional/block/insecure registries to
/etc/containers/registries.conf and comments existing lines in
/etc/sysconfig/docker.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1460930
|
|
|
|
Currently, openshift-anisble supports authentication to
container registries to pull down openshift container images.
The openshift_verison role uses the docker cli to gather
image information from container registries before authentication
credentials are provided by openshift-ansible.
This commit creates the necessary token to authenticate to
private registries during openshift_version. The token
is generated by the role 'docker' on all hosts where
docker is installed/configured when oreg_auth_users
is defined.
This commit also adds a read-only mount into the
openshift master and node container services. This
mount is '/var/lib/origin/.docker:/root/.docker:ro'.
This is because the container images do not currently
read the values in '/var/lib/origin/.docker' as this
may be a bug upstream.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341
|
|
Merged by openshift-bot
|
|
Most of this role's purpose was to set facts. The vast majority
of these facts were simply redefining user-supplied variables.
This commit also removes various artifacts leftover from
previous versions, as well as variables that seem to be
entirely unused.
|
|
|
|
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
On nodes with thousands of services it may take a very long time to
establish all of the network routing rules. The longest we've seen is
about 180s
|
|
|
|
|
|
|
|
|
|
|
|
Sometimes the node container is not started on a container-engine
restart. Use a weaker dependency on openvswitch that is causing this issue
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1451192
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
Adds service file templates for both maste and node. These will lay down
in /etc/system/systemd to override what may already be present from a
package. These instances take into account the name of the container
daemon (docker or container-engine).
|
|
- If using a system container: container-engine
- If using a package install: docker
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1448800
|
|
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1427807
|
|
|
|
Add parameters to allow overriding minTLSVersion and
cipherSuites in master and node servingInfo config stanzas.
|
|
around across node restart
With the move to a CNI plugin, docker no longer handles IPAM, but CNI does through
openshift-sdn's usage of the 'host-local' CNI IPAM plugin. That plugin stores
IPAM allocations under /var/lib/cni/.
If the node container gets restarted, without presreving /var/lib/cni, the IPs
currently allocated to running pods get lost and on restart, openshift-sdn
may allocate those IPs to new pods causing duplicate allocations.
This never happened with docker because it has its own persistent IPAM store that
does not get removed when docker restarts. Also because (historically) when docker
restarted, all the containers died and the IP allocations were released by the
daemon.
Fix this by ensuring that IPAM allocations (which are tied to the life of the pod,
*not* the life of the openshift-node process) persist even if the openshift-node
process restarts.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1427789
|
|
into Openshift Ansible. This is the first (beta) release of Contiv with Openshift and is only supported for Openshift Origin + Bare metal deployments at the time of this commit. Please refer to the Openshift and Contiv official documentation for details of the level of support for different features and modes of operation.
|
|
|
|
[#2698] Change to allow cni deployments without openshift SDN
|
