From 7b316631a2b988318b47d3a50a7b66e3ff3fdbd2 Mon Sep 17 00:00:00 2001
From: Scott Dodson <sdodson@redhat.com>
Date: Wed, 10 Jun 2015 10:31:39 -0400
Subject: Update for RC2 changes

Remove openshift-deployer.kubeconfig from master template
Sync config template
Update enterprise image names
Switch to node auto registration
Add deployer to list of serviceAccountConfig.managedNames
Move package installation before registering facts
change default kubeconfig location
Change system:openshift-client to system:openshift-master
Rename node cert/key/kubeconfig per openshift/origin#3160
Update references to /var/lib/openshift/openshift.local.certificates
---
 roles/openshift_master/tasks/main.yml | 25 +++++++++++++------------
 1 file changed, 13 insertions(+), 12 deletions(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 23f8b4649..da0a663ec 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -8,6 +8,15 @@
     - openshift_master_oauth_grant_method in openshift_master_valid_grant_methods
   when: openshift_master_oauth_grant_method is defined
 
+- name: Install OpenShift Master package
+  yum: pkg=openshift-master state=present
+  register: install_result
+
+# TODO: Is this necessary or was this a workaround for an old bug in packaging?
+- name: Reload systemd units
+  command: systemctl daemon-reload
+  when: install_result | changed
+
 - name: Set master OpenShift facts
   openshift_facts:
     role: master
@@ -51,14 +60,6 @@
       domain: cluster.local
   when: openshift.master.embedded_dns
 
-- name: Install OpenShift Master package
-  yum: pkg=openshift-master state=present
-  register: install_result
-
-- name: Reload systemd units
-  command: systemctl daemon-reload
-  when: install_result | changed
-
 - name: Create config parent directory if it doesn't exist
   file:
     path: "{{ openshift_master_config_dir }}"
@@ -130,7 +131,7 @@
 
 - name: Create the OpenShift client config dir(s)
   file:
-    path: "~{{ item }}/.config/openshift"
+    path: "~{{ item }}/.kube"
     state: directory
     mode: 0700
     owner: "{{ item }}"
@@ -142,16 +143,16 @@
 # TODO: Update this file if the contents of the source file are not present in
 # the dest file, will need to make sure to ignore things that could be added
 - name: Copy the OpenShift admin client config(s)
-  command: cp {{ openshift_master_config_dir }}/admin.kubeconfig ~{{ item }}/.config/openshift/.config
+  command: cp {{ openshift_master_config_dir }}/admin.kubeconfig ~{{ item }}/.kube/config
   args:
-    creates: ~{{ item }}/.config/openshift/.config
+    creates: ~{{ item }}/.kube/config
   with_items:
   - root
   - "{{ ansible_ssh_user }}"
 
 - name: Update the permissions on the OpenShift admin client config(s)
   file:
-    path: "~{{ item }}/.config/openshift/.config"
+    path: "~{{ item }}/.kube/config"
     state: file
     mode: 0700
     owner: "{{ item }}"
-- 
cgit v1.2.3


From e7082b9870bdf4cc0769645f4fae3bccc3efdee4 Mon Sep 17 00:00:00 2001
From: Scott Dodson <sdodson@redhat.com>
Date: Fri, 12 Jun 2015 14:52:03 -0400
Subject: Add etcd role that builds out basic etcd cluster

- Add initial etcd role
- Add etcd playbook to create etcd client certs
- Hookup master to etcd
---
 roles/openshift_master/tasks/main.yml | 1 +
 1 file changed, 1 insertion(+)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index da0a663ec..f6bd2bf2e 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -31,6 +31,7 @@
       console_url: "{{ openshift_master_console_url | default(None) }}"
       console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}"
       public_console_url: "{{ openshift_master_public_console_url | default(None) }}"
+      etcd_hosts: "{{ groups['etcd'] | default(None)}}"
       etcd_port: "{{ openshift_master_etcd_port | default(None) }}"
       etcd_use_ssl: "{{ openshift_master_etcd_use_ssl | default(None) }}"
       etcd_urls: "{{ openshift_master_etcd_urls | default(None) }}"
-- 
cgit v1.2.3


From add3fbcce31e9db4ea8c76acb9c8579f20581912 Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Fri, 10 Jul 2015 14:46:43 -0400
Subject: Etcd role updates and playbook updates

- fix firewall conflict issues with co-located etcd and openshift hosts
- added os_firewall dependency to etcd role
- updated etcd template to better handle clustered and non-clustered installs
- added etcd_ca role
  - generates a self-signed cert to manage etcd certificates, since etcd peer
    certificates are required to be client and server certs and the openshift
    ca will only generate client or server certs (not one authorized for
    both).
- renamed openshift_etcd_certs role to etcd_certificates and updated it to
  manage certificates generated from the CA managed by the etcd_ca role
- remove hard coded etcd_port in openshift_facts
- updates for the openshift-etcd common playbook
- removed etcd and openshift-etcd playbooks from the byo playbooks directory
- added a common playbook for setting etcd launch facts
- added an openshift-etcd common service playbook
- removed unused variables
- fixed tests for embedded_{etcd,dns,kube} in openshift_master
- removed old workaround for reloading systemd units
---
 roles/openshift_master/tasks/main.yml | 5 -----
 1 file changed, 5 deletions(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index f6bd2bf2e..95da2d6f4 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -12,11 +12,6 @@
   yum: pkg=openshift-master state=present
   register: install_result
 
-# TODO: Is this necessary or was this a workaround for an old bug in packaging?
-- name: Reload systemd units
-  command: systemctl daemon-reload
-  when: install_result | changed
-
 - name: Set master OpenShift facts
   openshift_facts:
     role: master
-- 
cgit v1.2.3


From f752eaccbb1a5f0e2c1d36502f755d022a21d073 Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Fri, 10 Jul 2015 15:04:26 -0400
Subject: Playbook updates for clustered etcd

- Add support to bin/cluster for specifying etcd hosts
  - defaults to 0, if no etcd hosts are selected, then configures embedded
    etcd
- Updates for the byo inventory file for etcd and master as node by default
- Consolidation of cluster logic more centrally into common playbook
- Added etcd config support to playbooks
- Restructured byo playbooks to leverage the common openshift-cluster playbook
- Added support to common master playbook to generate and apply external etcd
  client certs from the etcd ca
- start of refactor for better handling of master certs in a multi-master
  environment.
  - added the openshift_master_ca and openshift_master_certificates roles to
    manage master certs instead of generating them in the openshift_master
    role
- added etcd host groups to the cluster update playbooks
- aded better handling of host groups when they are either not present or are
  empty.
- Update AWS readme
---
 roles/openshift_master/tasks/main.yml | 12 +-----------
 1 file changed, 1 insertion(+), 11 deletions(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 95da2d6f4..b4d0ec0ad 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -26,7 +26,7 @@
       console_url: "{{ openshift_master_console_url | default(None) }}"
       console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}"
       public_console_url: "{{ openshift_master_public_console_url | default(None) }}"
-      etcd_hosts: "{{ groups['etcd'] | default(None)}}"
+      etcd_hosts: "{{ openshift_master_etcd_hosts | default(None)}}"
       etcd_port: "{{ openshift_master_etcd_port | default(None) }}"
       etcd_use_ssl: "{{ openshift_master_etcd_use_ssl | default(None) }}"
       etcd_urls: "{{ openshift_master_etcd_urls | default(None) }}"
@@ -61,16 +61,6 @@
     path: "{{ openshift_master_config_dir }}"
     state: directory
 
-- name: Create the master certificates if they do not already exist
-  command: >
-    {{ openshift.common.admin_binary }} create-master-certs
-      --hostnames={{ openshift.common.hostname }},{{ openshift.common.public_hostname }}
-      --master={{ openshift.master.api_url }}
-      --public-master={{ openshift.master.public_api_url }}
-      --cert-dir={{ openshift_master_config_dir }} --overwrite=false
-  args:
-    creates: "{{ openshift_master_config_dir }}/master.server.key"
-
 - name: Create the policy file if it does not already exist
   command: >
     {{ openshift.common.admin_binary }} create-bootstrap-policy-file
-- 
cgit v1.2.3


From f831779404b0147d6a92935cd8b77de3e25f2bec Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Wed, 15 Jul 2015 17:04:11 -0400
Subject: add pauses to avoid service restarts from interfering with initial
 startup bootstrapping

---
 roles/openshift_master/tasks/main.yml | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index b4d0ec0ad..02905f32d 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -114,6 +114,11 @@
 
 - name: Start and enable openshift-master
   service: name=openshift-master enabled=yes state=started
+  register: start_result
+
+- name: pause to prevent service restart from interfering with bootstrapping
+  pause: seconds=30
+  when: start_result | changed
 
 - name: Create the OpenShift client config dir(s)
   file:
-- 
cgit v1.2.3


From 6b4282004a4331d9db0e0ab857c96d83a738d82c Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Tue, 14 Jul 2015 14:48:38 -0400
Subject: Initial HA master

- Ability to specify multiple masters
  - configures the CA only a single time on the first master
  - creates and distributes additional certs for additional master hosts

- Depending on the status of openshift_master_cluster_defer_ha (defaults to
  False) one of two actions are taken when multiple masters are defined
  1. If openshift_master_cluster_defer_ha is true
     a. Certs/configs for all masters are deployed
     b. openshift-master service is only started and enabled on the master
     c. HA configuration is expected to be handled by the user manually after
        the completion of the playbook run.
  2. If oepnshift_master_cluster_defer_ha is false or undefined
     a. Certs/configs for all masters are deployed
     b. a Pacemaker/RHEL HA cluster is configured
        i. VIPs are configured based on the values of
           openshift_master_cluster_vip and
           openshift_master_cluster_plublic_vip
        ii. The openshift-master service is configured as an active/passive
            cluster service
---
 roles/openshift_master/tasks/main.yml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 02905f32d..2311568dd 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -8,6 +8,10 @@
     - openshift_master_oauth_grant_method in openshift_master_valid_grant_methods
   when: openshift_master_oauth_grant_method is defined
 
+- fail:
+    msg: "openshift_master_cluster_password must be set for multi-master installations"
+  when: openshift_master_ha and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined
+
 - name: Install OpenShift Master package
   yum: pkg=openshift-master state=present
   register: install_result
@@ -16,6 +20,9 @@
   openshift_facts:
     role: master
     local_facts:
+      cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}"
+      cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}"
+      cluster_defer_ha: "{{ openshift_master_cluster_defer_ha | default(None) }}"
       debug_level: "{{ openshift_master_debug_level | default(openshift.common.debug_level) }}"
       api_port: "{{ openshift_master_api_port | default(None) }}"
       api_url: "{{ openshift_master_api_url | default(None) }}"
@@ -114,12 +121,26 @@
 
 - name: Start and enable openshift-master
   service: name=openshift-master enabled=yes state=started
+  when: not openshift_master_ha
   register: start_result
 
 - name: pause to prevent service restart from interfering with bootstrapping
   pause: seconds=30
   when: start_result | changed
 
+- name: Install cluster packagese
+  yum: pkg=pcs state=present
+  when: openshift_master_ha and not openshift.master.cluster_defer_ha | bool
+  register: install_result
+
+- name: Start and enable cluster service
+  service: name=pcsd enabled=yes state=started
+  when: openshift_master_ha and not openshift.master.cluster_defer_ha | bool
+
+- name: Set the cluster user password
+  shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster
+  when: install_result | changed
+
 - name: Create the OpenShift client config dir(s)
   file:
     path: "~{{ item }}/.kube"
-- 
cgit v1.2.3


From 0a021c047bfb3fe5710be1e7de8cd577455f53c2 Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Fri, 17 Jul 2015 15:02:03 -0400
Subject: fix typo

---
 roles/openshift_master/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 2311568dd..bb1689e5f 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -128,7 +128,7 @@
   pause: seconds=30
   when: start_result | changed
 
-- name: Install cluster packagese
+- name: Install cluster packages
   yum: pkg=pcs state=present
   when: openshift_master_ha and not openshift.master.cluster_defer_ha | bool
   register: install_result
-- 
cgit v1.2.3


From e60a11b97c83c29b8333d70cf4dcc86518cd150b Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Mon, 20 Jul 2015 11:01:37 -0400
Subject: properly test openshift_master_ha var

---
 roles/openshift_master/tasks/main.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index bb1689e5f..057daabf9 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -10,7 +10,7 @@
 
 - fail:
     msg: "openshift_master_cluster_password must be set for multi-master installations"
-  when: openshift_master_ha and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined
+  when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined
 
 - name: Install OpenShift Master package
   yum: pkg=openshift-master state=present
@@ -121,7 +121,7 @@
 
 - name: Start and enable openshift-master
   service: name=openshift-master enabled=yes state=started
-  when: not openshift_master_ha
+  when: not openshift_master_ha | bool
   register: start_result
 
 - name: pause to prevent service restart from interfering with bootstrapping
@@ -130,12 +130,12 @@
 
 - name: Install cluster packages
   yum: pkg=pcs state=present
-  when: openshift_master_ha and not openshift.master.cluster_defer_ha | bool
+  when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool
   register: install_result
 
 - name: Start and enable cluster service
   service: name=pcsd enabled=yes state=started
-  when: openshift_master_ha and not openshift.master.cluster_defer_ha | bool
+  when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool
 
 - name: Set the cluster user password
   shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster
-- 
cgit v1.2.3


From 3795fd4e38297ca00c7d67b8649ddbeec819d87d Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Mon, 27 Jul 2015 12:24:06 -0400
Subject: Bug 1246458 - dnsIP does not point to cluster IP

https://bugzilla.redhat.com/show_bug.cgi?id=1246458

- Previously when configuring an HA cluster for multi-master the dns ip in the
  node config was pointing only to the first master instead of the cluster ip.
---
 roles/openshift_master/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 057daabf9..ec7cee33b 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -59,7 +59,7 @@
   openshift_facts:
     role: dns
     local_facts:
-      ip: "{{ openshift.common.ip }}"
+      ip: "{{ openshift_master_cluster_vip | default(openshift.common.ip, true) | default(None) }}"
       domain: cluster.local
   when: openshift.master.embedded_dns
 
-- 
cgit v1.2.3


From e944b14f3dd9ec0f97e74109a6dcbd019192c958 Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Tue, 28 Jul 2015 23:06:07 -0400
Subject: Add support for setting routingConfig:subdomain

---
 roles/openshift_master/tasks/main.yml | 1 +
 1 file changed, 1 insertion(+)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 057daabf9..8d6c02e7f 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -53,6 +53,7 @@
       oauth_grant_method: "{{ openshift_master_oauth_grant_method | default(None) }}"
       sdn_cluster_network_cidr: "{{ osm_cluster_network_cidr | default(None) }}"
       sdn_host_subnet_length: "{{ osm_host_subnet_length | default(None) }}"
+      default_subdomain: "{{ osm_default_subdomain | default(None) }}"
 
 # TODO: These values need to be configurable
 - name: Set dns OpenShift facts
-- 
cgit v1.2.3


From 6a00818b03773feb76f5ec997431f975a517b69d Mon Sep 17 00:00:00 2001
From: Diego Castro <spinolacastro@gmail.com>
Date: Wed, 12 Aug 2015 11:16:12 -0300
Subject: Fix Custom Cors

---
 roles/openshift_master/tasks/main.yml | 1 +
 1 file changed, 1 insertion(+)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 8d6c02e7f..151d0662f 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -54,6 +54,7 @@
       sdn_cluster_network_cidr: "{{ osm_cluster_network_cidr | default(None) }}"
       sdn_host_subnet_length: "{{ osm_host_subnet_length | default(None) }}"
       default_subdomain: "{{ osm_default_subdomain | default(None) }}"
+      custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}"
 
 # TODO: These values need to be configurable
 - name: Set dns OpenShift facts
-- 
cgit v1.2.3


From ec293f371046a99b0f737a59b4a9f3f001af3279 Mon Sep 17 00:00:00 2001
From: Diego Castro <spinolacastro@gmail.com>
Date: Wed, 12 Aug 2015 20:02:05 -0300
Subject: Custom Project Config

---
 roles/openshift_master/tasks/main.yml | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 151d0662f..5975ae224 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -55,6 +55,8 @@
       sdn_host_subnet_length: "{{ osm_host_subnet_length | default(None) }}"
       default_subdomain: "{{ osm_default_subdomain | default(None) }}"
       custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}"
+      project_config: "{{ openshift_master_project_config | default(None) }}"
+
 
 # TODO: These values need to be configurable
 - name: Set dns OpenShift facts
-- 
cgit v1.2.3


From dcdb74b61cd49bee70da5997b9990da86cc3b1c8 Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Wed, 12 Aug 2015 09:33:02 -0400
Subject: Add support for setting default node selector

---
 roles/openshift_master/tasks/main.yml | 1 +
 1 file changed, 1 insertion(+)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 151d0662f..f90f526c9 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -55,6 +55,7 @@
       sdn_host_subnet_length: "{{ osm_host_subnet_length | default(None) }}"
       default_subdomain: "{{ osm_default_subdomain | default(None) }}"
       custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}"
+      default_node_selector: "{{ osm_default_node_selector | default(None) }}"
 
 # TODO: These values need to be configurable
 - name: Set dns OpenShift facts
-- 
cgit v1.2.3


From 0bc39b7f4ad53344d19d0d783fd6eec4d3b424ef Mon Sep 17 00:00:00 2001
From: Diego Castro <spinolacastro@gmail.com>
Date: Wed, 12 Aug 2015 22:53:10 -0300
Subject: Update PR #458 from comments

---
 roles/openshift_master/tasks/main.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 5975ae224..019856f19 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -55,7 +55,12 @@
       sdn_host_subnet_length: "{{ osm_host_subnet_length | default(None) }}"
       default_subdomain: "{{ osm_default_subdomain | default(None) }}"
       custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}"
-      project_config: "{{ openshift_master_project_config | default(None) }}"
+      default_node_selector: "{{ osm_default_node_selector | default(None) }}"
+      project_request_message: "{{ osm_project_request_message | default(None) }}"
+      project_request_template: "{{ osm_project_request_template | default(None) }}"
+      mcs_allocator_range: "{{ osm_mcs_allocator_range | default(None) }}"
+      mcs_labels_per_project: "{{ osm_mcs_labels_per_project | default(None) }}"
+      uid_allocator_range: "{{ osm_uid_allocator_range | default(None) }}"
 
 
 # TODO: These values need to be configurable
-- 
cgit v1.2.3


From 800256e451b112d3cd7c2356615572c0de3c3840 Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Wed, 12 Aug 2015 22:01:06 -0400
Subject: Add support for setting kubeletArguments, controllerArguments, and
 apiServerArguments

---
 roles/openshift_master/tasks/main.yml | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index f90f526c9..3ee21b902 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -56,6 +56,8 @@
       default_subdomain: "{{ osm_default_subdomain | default(None) }}"
       custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}"
       default_node_selector: "{{ osm_default_node_selector | default(None) }}"
+      api_server_args: "{{ osm_api_server_args | default(None) }}"
+      controller_args: "{{ osm_controller_args | default(None) }}"
 
 # TODO: These values need to be configurable
 - name: Set dns OpenShift facts
-- 
cgit v1.2.3


From 1b3fff6248fbd6788a26ee2b6c60f7731891c0f4 Mon Sep 17 00:00:00 2001
From: Avesh Agarwal <avagarwa@redhat.com>
Date: Fri, 19 Jun 2015 14:41:10 -0400
Subject: Atomic Enterprise related changes.

---
 roles/openshift_master/tasks/main.yml | 55 ++++++++++++++++++++++++-----------
 1 file changed, 38 insertions(+), 17 deletions(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 9204d25ce..4dad9b62f 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -12,11 +12,7 @@
     msg: "openshift_master_cluster_password must be set for multi-master installations"
   when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined
 
-- name: Install OpenShift Master package
-  yum: pkg=openshift-master state=present
-  register: install_result
-
-- name: Set master OpenShift facts
+- name: Set master facts
   openshift_facts:
     role: master
     local_facts:
@@ -59,8 +55,26 @@
       api_server_args: "{{ osm_api_server_args | default(None) }}"
       controller_args: "{{ osm_controller_args | default(None) }}"
 
+- name: Install Master package
+  yum: pkg={{ openshift.common.service_type }}-master state=present
+  register: install_result
+
+- name: Check for RPM generated config marker file /etc/origin/.config_managed
+  stat: path=/etc/origin/.rpmgenerated
+  register: rpmgenerated_config
+
+- name: Remove RPM generated config files
+  file:
+    path: "{{ item }}"
+    state: absent
+  when: openshift.common.service_type in ['atomic-enterprise','openshift-enterprise'] and rpmgenerated_config.stat.exists == true
+  with_items:
+    - "{{ openshift.common.config_base }}/master"
+    - "{{ openshift.common.config_base }}/node"
+    - "{{ openshift.common.config_base }}/.rpmgenerated"
+
 # TODO: These values need to be configurable
-- name: Set dns OpenShift facts
+- name: Set dns facts
   openshift_facts:
     role: dns
     local_facts:
@@ -80,20 +94,27 @@
   args:
     creates: "{{ openshift_master_policy }}"
   notify:
-  - restart openshift-master
+  - restart master
 
 - name: Create the scheduler config
   template:
     dest: "{{ openshift_master_scheduler_conf }}"
     src: scheduler.json.j2
   notify:
-  - restart openshift-master
+  - restart master
 
 - name: Install httpd-tools if needed
   yum: pkg=httpd-tools state=present
   when: item.kind == 'HTPasswdPasswordIdentityProvider'
   with_items: openshift.master.identity_providers
 
+- name: Ensure htpasswd directory exists
+  file:
+    path: "{{ item.filename | dirname }}"
+    state: directory
+  when: item.kind == 'HTPasswdPasswordIdentityProvider'
+  with_items: openshift.master.identity_providers
+
 - name: Create the htpasswd file if needed
   copy:
     dest: "{{ item.filename }}"
@@ -109,11 +130,11 @@
     dest: "{{ openshift_master_config_file }}"
     src: master.yaml.v1.j2
   notify:
-  - restart openshift-master
+  - restart master
 
-- name: Configure OpenShift settings
+- name: Configure master settings
   lineinfile:
-    dest: /etc/sysconfig/openshift-master
+    dest: /etc/sysconfig/{{ openshift.common.service_type }}-master
     regexp: "{{ item.regex }}"
     line: "{{ item.line }}"
   with_items:
@@ -122,10 +143,10 @@
     - regex: '^CONFIG_FILE='
       line: "CONFIG_FILE={{ openshift_master_config_file }}"
   notify:
-  - restart openshift-master
+  - restart master
 
-- name: Start and enable openshift-master
-  service: name=openshift-master enabled=yes state=started
+- name: Start and enable master
+  service: name={{ openshift.common.service_type }}-master enabled=yes state=started
   when: not openshift_master_ha | bool
   register: start_result
 
@@ -146,7 +167,7 @@
   shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster
   when: install_result | changed
 
-- name: Create the OpenShift client config dir(s)
+- name: Create the client config dir(s)
   file:
     path: "~{{ item }}/.kube"
     state: directory
@@ -159,7 +180,7 @@
 
 # TODO: Update this file if the contents of the source file are not present in
 # the dest file, will need to make sure to ignore things that could be added
-- name: Copy the OpenShift admin client config(s)
+- name: Copy the admin client config(s)
   command: cp {{ openshift_master_config_dir }}/admin.kubeconfig ~{{ item }}/.kube/config
   args:
     creates: ~{{ item }}/.kube/config
@@ -167,7 +188,7 @@
   - root
   - "{{ ansible_ssh_user }}"
 
-- name: Update the permissions on the OpenShift admin client config(s)
+- name: Update the permissions on the admin client config(s)
   file:
     path: "~{{ item }}/.kube/config"
     state: file
-- 
cgit v1.2.3


From 633c651285b53ee154cd497513ded4a26c88d991 Mon Sep 17 00:00:00 2001
From: Scott Dodson <sdodson@redhat.com>
Date: Thu, 3 Sep 2015 15:30:03 -0400
Subject: Add openshift_version to set RPM versions

Mostly necessary for debugging / testing upgrade paths
---
 roles/openshift_master/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 4dad9b62f..b57711b58 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -56,7 +56,7 @@
       controller_args: "{{ osm_controller_args | default(None) }}"
 
 - name: Install Master package
-  yum: pkg={{ openshift.common.service_type }}-master state=present
+  yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version  }} state=present
   register: install_result
 
 - name: Check for RPM generated config marker file /etc/origin/.config_managed
-- 
cgit v1.2.3


From 44f2904159c5a3e0045eb413287a9c1778f91adb Mon Sep 17 00:00:00 2001
From: Scott Dodson <sdodson@redhat.com>
Date: Thu, 10 Sep 2015 10:27:35 -0400
Subject: Upgrades

---
 roles/openshift_master/tasks/main.yml | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index b57711b58..fa12005ab 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -100,6 +100,7 @@
   template:
     dest: "{{ openshift_master_scheduler_conf }}"
     src: scheduler.json.j2
+    backup: true
   notify:
   - restart master
 
@@ -129,6 +130,7 @@
   template:
     dest: "{{ openshift_master_config_file }}"
     src: master.yaml.v1.j2
+    backup: true
   notify:
   - restart master
 
-- 
cgit v1.2.3


From ed4f46169befecbbcbd646b5333d77add80e133f Mon Sep 17 00:00:00 2001
From: Scott Dodson <sdodson@redhat.com>
Date: Thu, 17 Sep 2015 15:56:44 -0400
Subject: Lookup ansible_ssh_user group for kubeconfig perms

Fixes #585
---
 roles/openshift_master/tasks/main.yml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index b57711b58..29b56656f 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -167,13 +167,17 @@
   shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster
   when: install_result | changed
 
+- name: Lookup default group for ansible_ssh_user
+  command: "/usr/bin/id -g {{ ansible_ssh_user }}"
+  register: _ansible_ssh_user_gid
+
 - name: Create the client config dir(s)
   file:
     path: "~{{ item }}/.kube"
     state: directory
     mode: 0700
     owner: "{{ item }}"
-    group: "{{ item }}"
+    group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout  }}"
   with_items:
   - root
   - "{{ ansible_ssh_user }}"
@@ -194,7 +198,7 @@
     state: file
     mode: 0700
     owner: "{{ item }}"
-    group: "{{ item }}"
+    group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout  }}"
   with_items:
   - root
   - "{{ ansible_ssh_user }}"
-- 
cgit v1.2.3


From 8691cd2947146a24237fadc443eb02acf805a606 Mon Sep 17 00:00:00 2001
From: Stefanie Forrester <sedgar@redhat.com>
Date: Fri, 11 Sep 2015 13:13:17 -0700
Subject: Support HA or single router, and start work on registry

---
 roles/openshift_master/tasks/main.yml | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 73c04cb08..4dcab31d1 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -52,8 +52,11 @@
       default_subdomain: "{{ osm_default_subdomain | default(None) }}"
       custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}"
       default_node_selector: "{{ osm_default_node_selector | default(None) }}"
+      router_selector: "{{ openshift_router_selector | default(None) }}"
+      registry_selector: "{{ openshift_registry_selector | default(None) }}"
       api_server_args: "{{ osm_api_server_args | default(None) }}"
       controller_args: "{{ osm_controller_args | default(None) }}"
+      infra_nodes: "{{ num_infra | default(None) }}"
 
 - name: Install Master package
   yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version  }} state=present
-- 
cgit v1.2.3


From 28060809e10c54bf2edd2f9bf2dd22ce5acfff0a Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Wed, 21 Oct 2015 16:00:06 -0400
Subject: Avoid hardcoded 30s pauses

- refactor node and master restart handlers to avoid 30s pauses
---
 roles/openshift_master/tasks/main.yml | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 4dcab31d1..90e77e7c2 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -155,9 +155,8 @@
   when: not openshift_master_ha | bool
   register: start_result
 
-- name: pause to prevent service restart from interfering with bootstrapping
-  pause: seconds=30
-  when: start_result | changed
+- set_fact:
+    skip_master_restart = start_result | changed
 
 - name: Install cluster packages
   yum: pkg=pcs state=present
-- 
cgit v1.2.3


From 3e44d3aa6d35c62c57c102f5a8fec4bf86d2a1b5 Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Wed, 21 Oct 2015 13:41:56 -0400
Subject: Fix test and workaround for rpm generated configs

- fixed inconcistency in naming for rpm generated config test
- refactoring to fix logic after the ha master refactoring had broken the
  previous steps
---
 roles/openshift_master/tasks/main.yml | 14 --------------
 1 file changed, 14 deletions(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 4dcab31d1..a5c1a805c 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -62,20 +62,6 @@
   yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version  }} state=present
   register: install_result
 
-- name: Check for RPM generated config marker file /etc/origin/.config_managed
-  stat: path=/etc/origin/.rpmgenerated
-  register: rpmgenerated_config
-
-- name: Remove RPM generated config files
-  file:
-    path: "{{ item }}"
-    state: absent
-  when: openshift.common.service_type in ['atomic-enterprise','openshift-enterprise'] and rpmgenerated_config.stat.exists == true
-  with_items:
-    - "{{ openshift.common.config_base }}/master"
-    - "{{ openshift.common.config_base }}/node"
-    - "{{ openshift.common.config_base }}/.rpmgenerated"
-
 # TODO: These values need to be configurable
 - name: Set dns facts
   openshift_facts:
-- 
cgit v1.2.3


From 48889b8ed74abfd070fb5ecad082c4f540f7a3fe Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Fri, 23 Oct 2015 11:00:33 -0400
Subject: cleanup naming for skipping master and node restart handlers

---
 roles/openshift_master/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 90e77e7c2..0b20e054b 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -156,7 +156,7 @@
   register: start_result
 
 - set_fact:
-    skip_master_restart = start_result | changed
+    master_service_status_changed = start_result | changed
 
 - name: Install cluster packages
   yum: pkg=pcs state=present
-- 
cgit v1.2.3