summaryrefslogtreecommitdiffstats
path: root/roles
Commit message (Collapse)AuthorAgeFilesLines
* Conditionalize master config update for admission_plugin_config.Andrew Butcher2016-12-052-2/+4
|
* Merge pull request #2888 from sdodson/dnsmasq-no-strict-orderScott Dodson2016-12-012-2/+0
|\ | | | | openshift_node_dnsmasq - Remove strict-order option from dnsmasq
| * openshift_node_dnsmasq - Remove strict-order option from dnsmasqScott Dodson2016-12-012-2/+0
| | | | | | | | | | | | | | | | | | | | | | strict-order forces dnsmasq to iterate through nameservers in order. If one of the nameservers is down this will slow things down while dnsmasq waits for a timeout. Also, this option prevents dnsmasq from querying other nameservers if the first one returns a negative result. While I think it's odd to have a nameserver that returns negative results for a query that another returns positive results for this does seem to fix the issue in testing. Fixes Bug 1399577
* | Merge pull request #2859 from dgoodwin/ovs-docker-restartScott Dodson2016-11-302-3/+4
|\ \ | | | | | | Cleanup ovs file and restart docker on every upgrade.
| * | Cleanup ovs file and restart docker on every upgrade.Devan Goodwin2016-11-302-3/+4
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In 3.3 one of our services lays down a systemd drop-in for configuring Docker networking to use lbr0. In 3.4, this has been changed but the file must be cleaned up manually by us. However, after removing the file docker requires a restart. This had big implications particularly in containerized environments where upgrade is a very fragile series of upgrading and service restarts. To avoid double docker restarts, and thus double service restarts in containerized environments, this change does the following: - Skip restart during docker upgrade, if it is required. We will restart on our own later. - Skip containerized service restarts when we upgrade the services themselves. - Clean shutdown of all containerized services. - Restart Docker. (always, previously this only happened if it needed an upgrade) - Ensure all containerized services are restarted. - Restart rpm node services. (always) - Mark node schedulable again. At the end of this process, docker0 should be back on the system.
* / Sync latest image stream and templates for v1.3 and v1.4Scott Dodson2016-11-3021-190/+434
|/
* Merge pull request #2882 from sjenning/allow-latest-image-tagScott Dodson2016-11-291-1/+1
|\ | | | | allow 'latest' origin_image_tag
| * allow 'latest' origin_image_tagSeth Jennings2016-11-291-1/+1
| |
* | Merge pull request #2884 from sdodson/image-stream-syncScott Dodson2016-11-2910-25/+3689
|\ \ | | | | | | xpaas v1.3.5
| * | xpaas v1.3.5Scott Dodson2016-11-2910-25/+3689
| |/
* | Merge pull request #2855 from detiber/updateSchedulerDefaultsScott Dodson2016-11-2914-182/+748
|\ \ | |/ |/| Update scheduler defaults
| * refactor handling of scheduler defaultsJason DeTiberus2016-11-298-39/+579
| |
| * update tests and flake8/pylint fixesJason DeTiberus2016-11-297-143/+169
| |
* | Merge pull request #2853 from alexcern/dhcpv6Scott Dodson2016-11-291-1/+1
|\ \ | | | | | | Set nameservers on DHCPv6 event
| * | Set nameservers on DHCPv6 eventAlex Lossent2016-11-231-1/+1
| | | | | | | | | | | | | | | | | | A dhcp6-change event may happen on nodes running dual stack IPv4/IPv6 and DHCP, even if Openshift itself doesn't use IPv6. /etc/resolv.conf needs be adjusted as well in this case.
* | | Merge pull request #2876 from dustymabe/dusty-fix-etcd-selinuxScott Dodson2016-11-291-1/+1
|\ \ \ | |_|/ |/| | fix selinux issues with etcd container
| * | fix selinux issues with etcd containerDusty Mabe2016-11-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | Make it so that we don't relabel /etc/etcd/ (via `:z`) on every run. Doing this causes systemd to fail accessing /etc/etcd/etcd.conf when trying to run the systemd unit file on the next run. Convert it from `:z` to `:ro` since we only need read-only access to the files. Fixes #2811
* | | Refactored to use Ansible systemd moduleRussell Teague2016-11-2856-189/+230
|/ / | | | | | | | | | | * Ansible systemd module used in place of service module * Refactored command tasks which are no longer necessary * Applying rules from openshift-ansible Best Practices Guide
* | Merge pull request #2865 from mtnbikenc/ansible-2.2-docsScott Dodson2016-11-284-4/+4
|\ \ | | | | | | Updating docs for Ansible 2.2 requirements
| * | Updating docs for Ansible 2.2 requirementsRussell Teague2016-11-284-4/+4
| |/
* | Merge pull request #2842 from mscherer/check_dbus_moduleScott Dodson2016-11-281-2/+10
|\ \ | | | | | | Verify the presence of dbus python binding
| * | Verify the presence of dbus python bindingMichael Scherer2016-11-231-2/+10
| | | | | | | | | | | | | | | | | | While the proper fix is to have it installed by default, this commit will also permit to have a better error message in the case the module is not present (as running on python 3)
* | | Merge pull request #2836 from abutcher/BZ1393645Scott Dodson2016-11-283-26/+30
|\ \ \ | |_|/ |/| | Merge admission plugin configs
| * | Merge kube_admission_plugin_config with admission_plugin_configSamuel Munilla2016-11-223-26/+30
| | | | | | | | | | | | | | | | | | | | | | | | Move the values in kube_admission_plugin_config up one level per the new format from 1.3: "The kubernetesMasterConfig.admissionConfig.pluginConfig should be moved and merged into admissionConfig.pluginConfig."
* | | Systemd `systemctl show` workaroundRussell Teague2016-11-232-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `systemctl show` would exit with RC=1 for non-existent services in v231. This caused the Ansible systemd module to exit with a failure of running the `systemctl show` command instead of exiting stating the service was not found. This change catches both failures on either older or newer versions of systemd. The change in systemd exit status could be resolved in systemd v232. https://github.com/systemd/systemd/commit/3dced37b7c2c9a5c733817569d2bbbaa397adaf7
* | | Merge pull request #2845 from abutcher/fix-mixed-envJason DeTiberus2016-11-222-5/+5
|\ \ \ | | | | | | | | Fix issues encountered in mixed environments
| * | | Reference master binaries when delegating from node hosts which may be ↵Andrew Butcher2016-11-222-5/+5
| | | | | | | | | | | | | | | | containerized.
* | | | Merge pull request #2838 from mscherer/port_py3Jason DeTiberus2016-11-221-1/+2
|\ \ \ \ | |/ / / |/| | | Make os_firewall_manage_iptables run on python3
| * | | Make os_firewall_manage_iptables run on python3Michael Scherer2016-11-221-1/+2
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It fail with that traceback: Traceback (most recent call last): File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 273, in <module> main() File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 257, in main iptables_manager.add_rule(port, protocol) File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 87, in add_rule self.verify_chain() File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 82, in verify_chain self.create_jump() File \"/tmp/ansible_ib5gpbsp/ansible_module_os_firewall_manage_iptables.py\", line 142, in create_jump input_rules = [s.split() for s in output.split('\\n')]
* | | Merge pull request #2817 from mtnbikenc/os_firewall-refactorJason DeTiberus2016-11-224-105/+26
|\ \ \ | | | | | | | | Refactor os_firewall role
| * | | Refactor os_firewall roleRussell Teague2016-11-214-105/+26
| | | | | | | | | | | | | | | | | | | | | | | | * Remove unneeded tasks duplicated by new module functionality * Ansible systemd module has 'masked' and 'daemon_reload' options * Ansible firewalld module has 'immediate' option
* | | | Merge pull request #2837 from vishpat/service-accountJason DeTiberus2016-11-221-1/+1
|\ \ \ \ | | | | | | | | | | Modified the error message being checked for
| * | | | Modified the error message being checked forVishal Patil2016-11-211-1/+1
| | | | |
* | | | | Merge pull request #2711 from simon3z/hawkular-cluster-roleScott Dodson2016-11-222-0/+25
|\ \ \ \ \ | | | | | | | | | | | | Add hawkular admin cluster role to management admin
| * | | | | Add hawkular admin cluster role to management adminFederico Simoncelli2016-11-032-0/+25
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Federico Simoncelli <fsimonce@redhat.com>
* | | | | | Make the role work on F25 CloudMichael Scherer2016-11-221-0/+1
| |_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | On F24 and earlier, systemctl show always returned 0. On F25, it return 1 when a service do not exist, and thus the role fail on Fedora 25 cloud edition.
* | | | | Merge pull request #2818 from mtnbikenc/package-refactorScott Dodson2016-11-2132-44/+58
|\ \ \ \ \ | | | | | | | | | | | | Refactor to use Ansible package module
| * | | | | Refactor to use Ansible package moduleRussell Teague2016-11-1732-44/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Ansible package module will call the correct package manager for the underlying OS.
* | | | | | Merge pull request #2833 from dustymabe/dusty-tunedJason DeTiberus2016-11-211-1/+7
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | Only run tuned-adm if tuned exists.
| * | | | | Only run tuned-adm if tuned exists.Dusty Mabe2016-11-211-1/+7
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | Fedora Atomic Host does not have tuned installed. Fixes #2809
* | | | | Merge pull request #2827 from abutcher/BZ1377619Jason DeTiberus2016-11-211-8/+44
|\ \ \ \ \ | |/ / / / |/| | | | Allow ansible to continue when a node is unaccessible or fails.
| * | | | Delegate openshift_manage_node tasks to master host.Andrew Butcher2016-11-211-9/+44
| | | | |
| * | | | Allow ansible to continue when a node is unaccessible or fails.Andrew Butcher2016-11-181-0/+1
| | | | |
* | | | | Merge pull request #2822 from sdodson/onlydnsmasqScott Dodson2016-11-181-5/+10
|\ \ \ \ \ | |/ / / / |/| | | | node_dnsmasq -- Set dnsmasq as our only nameserver
| * | | | Create the file in two passes, atomicly copy it overScott Dodson2016-11-181-6/+8
| | | | |
| * | | | node_dnsmasq -- Set dnsmasq as our only nameserverScott Dodson2016-11-171-1/+4
| |/ / /
* | | | Merge pull request #379 from cgwalters/storage-nfs-lvmScott Dodson2016-11-171-1/+1
|\ \ \ \ | |/ / / |/| | | storage/nfs_lvm: Also export as ReadWriteOnce
| * | | storage/nfs_lvm: Also export as ReadWriteOnceColin Walters2015-07-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | While NFS supports `ReadWriteMany`, it's very common for pod authors to only need `ReadWriteOnce`. At the moment, kube will not auto-bind a `RWO` claim to a `RWM` volume.
* | | | Allow users to disable the origin repo creationScott Dodson2016-11-171-0/+2
| | | |
* | | | Merge pull request #2819 from vishpat/ip-forwardingScott Dodson2016-11-164-5/+31
|\ \ \ \ | | | | | | | | | | Added ip forwarding for nuage
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 15:27:34 +0000