| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Recent commit removed these checks. These two auth providers
are specifically excluded in origin, thus we should enable
the checks to ensure challenge auth is not enabled for these
providers.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1444367
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Automatic merge from submit-queue.
Temporarily set master servingInfo.clientCA as client-ca-bundle.crt during rolling CA redeployment.
This PR temporarily configures master `servingInfo.clientCA` as `client-ca-bundle.crt` during CA redeploy so that clients referencing the old OpenShift CA can continue to function until all cluster certificates have been replaced and `servingInfo.clientCA` is reset to `ca.crt`.
`client-ca-bundle.crt` is a new bundle created by the `openshift_ca` role which contains old and new OpenShift CA certificates.
https://bugzilla.redhat.com/show_bug.cgi?id=1509124
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1493276
|
| |
| |
| |
| | |
rolling CA redeployment.
|
|\ \
| | |
| | | |
Bug 1507617- Move etcd into its own service/dc with SSL
|
| | | |
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
mgugino-upstream-stage/retry-restart-master-controllers
Automatic merge from submit-queue.
Retry restarting master controllers
Currently, master controller services may fail to restart
if master api services are not fully initialized.
This commit enables retry of master controllers.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509837
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently, master controller services may fail to restart
if master api services are not fully initialized.
This commit enables retry of master controllers.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509837
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Automatic merge from submit-queue.
container-engine: ensure /var/lib/containers/ is properly labelled
we were doing it only when CRI-O is installed.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1509880
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
we were doing it only when CRI-O is installed.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1509880
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
Automatic merge from submit-queue.
Moving docker location to share path with system containers.
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Bug 1509680- Fix ansible-service-broker registry settings/validations
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- Remove outdated dockerhub registry validations
- Add the local openshift registry by default
- Add whitelist parameter for local registry
- Set default dockerhub org to ansibleplaybookbundle
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
Bug 1509052 - Remove logfile from broker config
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Fix github auth validation
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This commit ensures github auth validation filter works
as intended.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1444367
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Remove provisioner restrictions on oc_storageclass
|
| | | | | |
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Bug 1507787- add full path to default asb etcd image
|
| | | | | | |
|
| | | | | | |
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Automatic merge from submit-queue.
management: users must acknowledge use of beta software
Adds a new role variable, openshift_management_install_beta. This
variable defaults to false. The value of this variable is checked
during the validation phase.
* If true, the install will not continue.
* If false, The user is presented with an informative message letting
them know this is beta software and there is low/no support at this
time. The installation will abort and instruct the user how to
continue.
|
| | |_|/ / /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Adds a new role variable, openshift_management_install_beta. This
variable defaults to false. The value of this variable is checked
during the validation phase for enterprise deployment types.
* If true, the install will not continue.
* If false, The user is presented with an informative message letting
them know this is beta software and there is low/no support at this
time. The installation will abort and instruct the user how to
continue.
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Automatic merge from submit-queue.
Bootstrap enhancements.
This includes the elb work.
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Automatic merge from submit-queue.
Fix master upgrade version detect and systemd enable
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1508755
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509158
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1508755
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1509158
|
|\ \ \ \ \ \ \ \
| |_|_|_|/ / / /
|/| | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Automatic merge from submit-queue.
Use the currently attached pvc for an ES dc if available
Otherwise fall back to current logic of labelled PVCs or creating if necessary.
This is to address https://bugzilla.redhat.com/show_bug.cgi?id=1508150
The order of the PVC priority is as follows:
1. The PVC currently claimed on the DC
1. A PVC from the list of PVCs as collected by logging_facts
1. Create a new PVC
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
falling back to current logic
|
|\ \ \ \ \ \ \ \
| |_|_|/ / / / /
|/| | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Automatic merge from submit-queue.
Enable SC, ASB, TSB by default
It was decided that SC, ASB, and TSB should be installed by default.
This will not install the components on an upgrade from 3.6 to 3.7, that will require that you run the sc playbook on your own.
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1508085
|
| | | | | | | | |
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
openshift_sanitize_inventory
|
| | |_|/ / / /
| |/| | | | |
| | | | | | |
| | | | | | | |
This will not install the components on an upgrade.
|
|\ \ \ \ \ \ \
| |_|_|/ / / /
|/| | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Automatic merge from submit-queue.
Remove old /etc/yum.repos.d/openshift_additional.repo file.
Repos defined in `openshift_additional_repos` will be configured individually in their own files so we can remove the old multi-repo file.
|
| |/ / / / / |
|
|\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Automatic merge from submit-queue.
openshift_hosted: Add docker-gc
Two new inventory variables have been created:
- ``openshift_crio_enable_docker_gc``: Enable docker_gc daemon set
- ``openshift_crio_docker_gc_node_selector``: Optional dictionary to use node
selector
When ``openshift_crio_enable_docker_gc`` and ``openshift_use_crio`` are both true
then ``docker_gc`` daemonset will be created along with adding a ``docker-gc``
sa.
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Two new inventory variables have been created:
- openshift_crio_enable_docker_gc: Enable docker_gc daemon set
- openshift_crio_docker_gc_node_selector: Optional dictionary to use node
selector
When openshift_crio_enable_docker_gc and openshift_use_crio are both true
then dockergc daemonset will be created along with adding a dockergc
sa.
Signed-off-by: Steve Milner <smilner@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Automatic merge from submit-queue.
Fixing elb creation for infra and adding to scale group.
Elb creation was missing for the infra nodes. This was either an issue with a refactor or it was missed.
The other issue was that after instances were removed and re-added via a scale group the ELB no longer referenced those hosts. This PR names the ELBs so they are automatically tied to a scale group instead of an instance. This allows for instances to come and go but the ELBs will continue to work with all new instances in the ASG.
|
| | | | | | |
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Automatic merge from submit-queue.
CFME: Use cluster_hostname if cluster_public_hostname isn't available
The CFME 'automatically add provider' playbook would fail if
openshift_master_cluster_public_hostname was not defined in the
inventory. Now we use that value if it is available, and fallback to
using the masters 'cluster_hostname' otherwise.
* Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1506951
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
The CFME 'automatically add provider' playbook would fail if
openshift_master_cluster_public_hostname was not defined in the
inventory. Now we use that value if it is available, and fallback to
using the masters 'cluster_hostname' otherwise.
* Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1506951
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
staebler/1507598-patch_permissions_for_service_catalog
Automatic merge from submit-queue.
Give admin and edit roles permission to patch ServiceInstances and ServiceBindings
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1507598.
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
ServiceBindings
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Automatic merge from submit-queue.
Configurable node config location.
Allow the node config location to be configurable.
This currently defaults to /var/lib/origin. It should be /etc/origin/node/node-config.yaml.
|
| | | | | | | | | |
|
| | |/ / / / / /
| |/| | | | | | |
|
|\ \ \ \ \ \ \ \
| |_|_|_|/ / / /
|/| | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Automatic merge from submit-queue.
Add enterprise prometheus image defaults, simplify image_prefix
Only require that openshift_prometheus_image_prefix be set to affect all
other prefixes. Unfortunately the image_version for origin varies by
image so a common image_version cannot be used.
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Only require that openshift_prometheus_image_prefix be set to affect all
other prefixes. Unfortunately the image_version for origin varies by
image so a common image_version cannot be used.
|