summaryrefslogtreecommitdiffstats
path: root/roles/openshift_node
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #4126 from VincentS/SDN_Check_FixJan Chaloupka2017-05-121-1/+1
|\ | | | | Fix for OpenShift SDN Check
| * Fix for OpenShift SDN CheckVincent Schwarzer2017-05-091-1/+1
| |
* | Add service file templates for master and nodeSteve Milner2017-05-093-1/+50
| | | | | | | | | | | | | | Adds service file templates for both maste and node. These will lay down in /etc/system/systemd to override what may already be present from a package. These instances take into account the name of the container daemon (docker or container-engine).
* | Update systemd units to use proper container service nameSteve Milner2017-05-093-10/+10
|/ | | | | | | - If using a system container: container-engine - If using a package install: docker Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1448800
* Don't double quote when conditionsScott Dodson2017-05-011-1/+1
|
* Add bool for proper conditional handlingRussell Teague2017-04-261-1/+1
|
* Update swap disable tasksRussell Teague2017-04-211-9/+14
| | | | | | * Lines are commented out vice being removed * Comment is added indicating why the change happened * Variable openshift_disable_swap added to allow user control
* Disable swap space on nodes at install and upgradeRussell Teague2017-04-121-0/+27
|
* Port 10255 unnecessary. Removing all instancesChris Callegari2017-04-042-8/+0
|
* Use meta/main.yml for role dependenciesRussell Teague2017-03-273-8/+1
|
* Make /rootfs mount rslaveScott Dodson2017-03-211-1/+1
| | | | Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1427807
* Fix containerized openvswitch raceScott Dodson2017-03-151-0/+2
|
* Merge pull request #3599 from martineg/min_tls_versionOpenShift Bot2017-03-141-0/+9
|\ | | | | Merged by openshift-bot
| * Allow overriding minTLSVersion and cipherSuitesMartin Eggen2017-03-091-0/+9
| | | | | | | | | | Add parameters to allow overriding minTLSVersion and cipherSuites in master and node servingInfo config stanzas.
* | Force to use TLSv1.2 (related to ↵Olivier Buisson2017-03-131-1/+1
|/ | | | https://github.com/openshift/openshift-ansible/pull/2707)
* node/sdn: make /var/lib/cni persistent to ensure IPAM allocations stick ↵Dan Williams2017-03-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | around across node restart With the move to a CNI plugin, docker no longer handles IPAM, but CNI does through openshift-sdn's usage of the 'host-local' CNI IPAM plugin. That plugin stores IPAM allocations under /var/lib/cni/. If the node container gets restarted, without presreving /var/lib/cni, the IPs currently allocated to running pods get lost and on restart, openshift-sdn may allocate those IPs to new pods causing duplicate allocations. This never happened with docker because it has its own persistent IPAM store that does not get removed when docker restarts. Also because (historically) when docker restarted, all the containers died and the IP allocations were released by the daemon. Fix this by ensuring that IPAM allocations (which are tied to the life of the pod, *not* the life of the openshift-node process) persist even if the openshift-node process restarts. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1427789
* Merge pull request #3393 from srampal/contivScott Dodson2017-03-011-1/+1
|\ | | | | Pull request for Contiv Ansible code integration into Openshift Ansible
| * Combined (squashed) commit for all changes related to adding Contiv support ↵Sanjeev Rampal2017-02-271-1/+1
| | | | | | | | into Openshift Ansible. This is the first (beta) release of Contiv with Openshift and is only supported for Openshift Origin + Bare metal deployments at the time of this commit. Please refer to the Openshift and Contiv official documentation for details of the level of support for different features and modes of operation.
* | node: use the new oc_atomic_container moduleGiuseppe Scrivano2017-02-283-60/+18
|/ | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #3332 from giuseppe/system-containers-haGiuseppe Scrivano2017-02-153-8/+12
|\ | | | | system containers: add support for HA deployments
| * node, vars/main.yml: define l_is_ha and l_is_same_versionGiuseppe Scrivano2017-02-143-10/+10
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * node: simplify when conditionalsGiuseppe Scrivano2017-02-101-2/+5
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * openvswitch: simplify when conditionalsGiuseppe Scrivano2017-02-101-4/+5
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #3305 from giuseppe/conntrack-toolsScott Dodson2017-02-101-0/+6
|\ \ | |/ |/| node: ensure conntrack-tools is installed
| * node: ensure conntrack-tools is installedGiuseppe Scrivano2017-02-091-0/+6
| | | | | | | | | | | | Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1420182 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | node: refactor Docker container tasks in a blockGiuseppe Scrivano2017-02-101-25/+25
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | system-containers: implement idempotent updateGiuseppe Scrivano2017-02-102-5/+37
| | | | | | | | | | | | | | | | Upstream version has "atomic containers update ..." but the RHEL version is still using "atomic update --container" so stick with this for now. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | atomic-openshift: install as a system containerGiuseppe Scrivano2017-02-104-5/+61
|/ | | | | | | | | | | | | | | Use use_system_containers=true in the inventory file alternatively you can select each component as: use_openvswitch_system_container=true use_node_system_container=true use_master_system_container=true system_images_registry holds the registry from where to fetch system containers. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Comma separate no_proxy host list in openshift_facts so that it appears as a ↵Andrew Butcher2017-01-251-1/+1
| | | | string everywhere it is used.
* Reorder node dnsmasq dependency s.t. networkmanager is restarted after ↵Andrew Butcher2017-01-201-2/+2
| | | | firewall changes have been applied.
* kubelet must have rw to cgroups for pod/qos cgroups to functionDerek Carr2017-01-181-1/+1
|
* Merge pull request #3096 from abutcher/node_portsScott Dodson2017-01-161-1/+10
|\ | | | | Support openshift_node_port_range for configuring service NodePorts
| * Support openshift_node_port_range for configuring service NodePortsClayton Coleman2017-01-101-1/+10
| | | | | | | | | | | | | | | | | | Sets the appropriate config field if openshift_node_port_range is set and also configures filewalls on each node. firewalld already supports port ranges like "30000-32000", while iptables needs that value converted to the correct "30000:32000" form for use with `--dport`. If not set, no node ports are opened.
* | Add a fact to select --evacuate or --drain based on your OCP versionTim Bielawa2017-01-111-0/+2
|/ | | | Closes #3070
* Move role dependencies out of playbooks for openshift_master, openshift_node ↵Andrew Butcher2017-01-091-1/+23
| | | | and openshift_hosted.
* Deprecate node 'evacuation' with 'drain'Tim Bielawa2016-12-161-1/+1
| | | | * https://trello.com/c/TeaEB9fX/307-3-deprecate-node-evacuation
* YAML LintingRussell Teague2016-12-121-12/+13
| | | | | * Added checks to make ci for yaml linting * Modified y(a)ml files to pass lint checks
* Merge pull request #2937 from dgoodwin/upgrade-prepullScott Dodson2016-12-082-14/+14
|\ | | | | Pre-pull master/node/ovs images during upgrade.
| * Pre-pull master/node/ovs images during upgrade.Devan Goodwin2016-12-072-14/+14
| | | | | | | | | | | | | | | | We did this for install but not upgrade, leading to situations where the service restarts after upgrade could take much longer than expected as docker pulls down the new image. Now the images are present when we restart services and should allow them to come back online much more quickly, equivalent to rpm service restarts.
* | Silence warnings when using rpm directlyDag Wieers2016-12-081-0/+2
|/
* Cleanup ovs file and restart docker on every upgrade.Devan Goodwin2016-11-301-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | In 3.3 one of our services lays down a systemd drop-in for configuring Docker networking to use lbr0. In 3.4, this has been changed but the file must be cleaned up manually by us. However, after removing the file docker requires a restart. This had big implications particularly in containerized environments where upgrade is a very fragile series of upgrading and service restarts. To avoid double docker restarts, and thus double service restarts in containerized environments, this change does the following: - Skip restart during docker upgrade, if it is required. We will restart on our own later. - Skip containerized service restarts when we upgrade the services themselves. - Clean shutdown of all containerized services. - Restart Docker. (always, previously this only happened if it needed an upgrade) - Ensure all containerized services are restarted. - Restart rpm node services. (always) - Mark node schedulable again. At the end of this process, docker0 should be back on the system.
* Refactored to use Ansible systemd moduleRussell Teague2016-11-283-35/+46
| | | | | | * Ansible systemd module used in place of service module * Refactored command tasks which are no longer necessary * Applying rules from openshift-ansible Best Practices Guide
* Merge pull request #2818 from mtnbikenc/package-refactorScott Dodson2016-11-215-7/+11
|\ | | | | Refactor to use Ansible package module
| * Refactor to use Ansible package moduleRussell Teague2016-11-175-7/+11
| | | | | | | | | | The Ansible package module will call the correct package manager for the underlying OS.
* | Only run tuned-adm if tuned exists.Dusty Mabe2016-11-211-1/+7
|/ | | | | | Fedora Atomic Host does not have tuned installed. Fixes #2809
* Merge pull request #2636 from enlinxu/masterAndrew Butcher2016-11-161-0/+5
|\ | | | | Support 3rd party scheduler
| * support 3rd party schedulerenlinxu2016-10-201-0/+5
| |
* | Merge pull request #2763 from yfauser/byo_cni_plugin_fixesAndrew Butcher2016-11-161-1/+1
|\ \ | | | | | | [#2698] Change to allow cni deployments without openshift SDN
| * | Change to allow cni deployments without openshift SDNyfauser2016-11-081-1/+1
| | | | | | | | | | | | | | | | | | | | | The roles/openshift_facts main task did not pass the cni plugin variable to the later role playbooks. The master.yaml and node.yaml templates did not allow for a cni configuration without either installing openshift sdn or nuage. This change will allow to use os_sdn_network_plugin_name=cni and set openshift_use_openshift_sdn=false for deployments that use a cni plugin that doesn't need and want openshift sdn to be installed
* | | Revert "Revert openshift.node.nodename changes"Scott Dodson2016-11-081-1/+1
|/ /
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-29 11:57:13 +0000