| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This commit adds a new mode to the rancher1_api module, which enables
the rancher local authentication (username/password).
There is an already predefined rancher admin user called 'admin' and
that is the account, which this mode modifies. Due to the complex
API and the fact that rancher 1.6 is soon to be obsoleted, this module
is going the simpler route and it is just editing this default admin
account instead of creating a completely arbitrary username/password
credentials. For that reason is using the 'account_id', which is unique
for all accounts and the default admin account of rancher has '1a1'.
As of now this module cannot handle changed password once the auth. is
enabled.
Change-Id: Iea8923c71bdb82267c966a00d62f0f43eb5adb76
Issue-ID: OOM-1734
Signed-off-by: Petr Ospalý <p.ospaly@partner.samsung.com>
|
|
This rewrite enables to add easier more features supported by the rancher
API. The initial idea of a simple get and set through the JSON REST API
is not feasible. To achieve something with the API one may have to setup
more options on different URLs and in a particular order. For this reason
the module comes with the mechanism of "modes", which is a wrapper around
some feature in the rancher and which can require multiple steps to do.
Rancher1_api module could also support "raw" mode where the user will not
be limited by a few implemented modes in the module, but he can craft all
requests by hand - but due to the fact that such thing can be done easily
with just curl command and ansible shell module, there is no benefit in
doing so. Especially when rancher 1.6 is already obsoleted within the ONAP.
The useful value of this module is to give the user a simple means to set
something in the rancher and hide all the boilerplate from him via a mode.
- Original logic was rewritten to utilize the "mode" mechanism.
- New module structure is also easier to test outside of ansible.
Issue-ID: OOM-1681
Change-Id: I0e7932199df9ec1acd80af545060199867ad17fa
Signed-off-by: Petr Ospalý <p.ospaly@partner.samsung.com>
|
|
- New ansible module to handle rancher API
- Setting up of the cattle db and log related options
to achieve lower space usage.
As of this moment it does what was intended:
- it setups new values for db and log related options
- it can be used for any other setting options
Change-Id: I25048469df0cb035cc6eac39740210cdfa175ada
Issue-ID: OOM-1681
Signed-off-by: Petr Ospalý <p.ospaly@partner.samsung.com>
|
|
|
|
This commit improves the nfs role by
using cluster_ip variable instead of ansible_host for getting
nfs client/server address, and
using /etc/exports.d instead of /etc/exports for
exporting nfs filesystem.
Also, this commit fixes other
issues in molecule found along the way.
Change-Id: Ibd4ea5d4fd937116e2dc9e1b6f85c3e019f62e17
Issue-ID: OOM-1770
Signed-off-by: Michal Zegan <m.zegan@samsung.com>
|
|
Issue-ID: OOM-1775
Change-Id: I6ea11db932cd77e03909e4c72acc4b92a544eb4b
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
Change-Id: I2cfee4ef44b1aa0ddff0b5d93712390988846c90
Issue-ID: OOM-1710
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
|
|
On Centos7.6 /dev/loop* device nodes are
created dynamically upon alocation (by default
there is no /dev/loop<N> device nodes) - this
has effect of failing to allocate those in
Docker container, even when run in privileged
mode.
Change-Id: If2c852de3a74ea7fe1df9f5c863f184b9bc13acb
Issue-ID: OOM-1774
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
|
|
Issue-ID: OOM-1762
Change-Id: Ic13d7ec775a52ad95fc0388e8b84ea8ab7367666
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
Issue-ID: OOM-1759
Change-Id: I9e1ee7f248147b3f7229625c7a20fa84e8e67aac
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
|
|
|
|
|
|
Issue-ID: OOM-1742
Change-Id: I3087952f3d4e5de20af83e714c0d5444999a5ee2
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
Issue-ID: OOM-1757
Change-Id: I48639bd0fb67383a58f736aa1c12c38e3ddc9ab0
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
Issue-ID: OOM-1755
Change-Id: Iac20072200f24a3102c9ed2edf5c5aa8054dd9c2
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
Initial molecule tests. Tests now ssh transfer but
test files fully supports also testing nfs transfer.
Creating nfs transfer as separate scenario later when
find out better ways to share common code.
Issue-ID: OOM-1754
Change-Id: Ia728ecfed4378c01f7e305d5a4446b0172fe42d9
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
Sanitizing image name for Molecule testing with
new updated naming pattern.
Change-Id: I1565242f0ddd88b0df758ebb3519f2e059f22c02
Issue-ID: OOM-1774
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
|
|
Changing the way of version control for rancher in accordance with
patchset #83634
Issue-ID: OOM-1767
Change-Id: I67f08dcf47f469c35da9a62ff435e187fae07724
Signed-off-by: Tomáš Levora <t.levora@partner.samsung.com>
|
|
1. latest tag replaced by version number for vnc server
2. added specific version for own_nginx image
3. version control improved in ansible roles accordingly
Solves OOM-1766
Issue-ID: OOM-1767
Change-Id: I147c56b46a419188099d8ed3e78fed68810893e2
Signed-off-by: Tomáš Levora <t.levora@partner.samsung.com>
|
|
* changes:
Molecule test for nfs role
Fix nfs role issues based on molecule testing
|
|
|
|
A patch for failing fast if configured offline
application repository is not working properly.
Just adding repo to repolist doesn't guarantee
it's really operational.
Change-Id: I65372b9b1ea5f5dcb797548b14e3ae1295668592
Issue-ID: OOM-1689
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
|
|
|
|
|
|
|
|
This change introduces functionality to synchronize
infra/kube nodes' clock with external NTP authority.
Configuring external time source is optional, however
default behaviour will be to setup NTP time source on
infra-node and sync kube-nodes clock with it.
It's also possible to setup custom time zone.
Change-Id: I725ce9a306da1977628b6c03d5ff10fca77fb3b0
Issue-ID: OOM-1710
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
|
|
|
|
Issue-ID: OOM-1756
Change-Id: I2e1aef3296689c284a4b530e6a2022302c7b86f7
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
Based on Molecule testing fix following issues on
nfs role.
- enable nfs services (previously only started)
- create handler for exportfs to deal idempotency
- add all kubernetes nodes to exports as it was dependent on ansible inventory order wheather correct hosts was on the list
- add inventory_hostname as default host incase ansible_host variable not defined.
Issue-ID: OOM-1756
Change-Id: Ib93e9d2a9cf49003d04dd5f890294eda1eb966ff
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
|
|
This change allows passing any values that will then
be stored to override.yaml.
These values are passed from the "overrides" key, that
may be set either as an extra variable or in inventory/group_vars.
The root certificate is merged with the overrides dictionary before
saving the file.
Change-Id: I772c342b3c9eafe1849d1678b810319afaaf75bf
Issue-ID: OOM-1752
Signed-off-by: Michal Zegan <m.zegan@samsung.com>
|
|
Remove different phases for application role as
those are supposed to run after each other anyway
from playbook and pre/post steps can be disabled
by other means.
Enable Helm override file generation customization by
delegating it to separate role.
Separate Helm file transfer to own module.
NOTE: install.yml with all Helm commands (shell/command)
is not idempotent and should be fixed with separate
commit.
Issue-ID: OOM-1655
Change-Id: Ib29773c4d64a0529c71c3f93c2af7265ae94059f
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
|
|
Issue-ID: OOM-1737
Change-Id: I240415793ea2a078ab6c6d9c0727852dc2d9ada3
Signed-off-by: Milan Verespej <m.verespej@partner.samsung.com>
|
|
This issue addresses the following
error when starting nginx container:
nginx: [emerg] could not build the \
server_names_hash, you should increase \
server_names_hash_bucket_size: 64
Change-Id: I369075edd16801aca6b09c6727370060225c428c
Issue-ID: OOM-1765
Signed-off-by: eronkeo <ronan.keogh@est.tech>
|
|
There is a bug in docker which leads to not properly
shutdown service preventing subsequent startup.
https://github.com/moby/moby/issues/30348
This commit is preventing this problem to appear.
Change-Id: I29505610bd9954af01d73264e5414fdb2b9ac99d
Issue-ID: OOM-1735
Signed-off-by: Michal Ptacek <m.ptacek@partner.samsung.com>
|
|
User typo on resource package filename or dir does not cause install to fail
but just skips that resource package.
Change resource paths handling to skip resource only if
variable is not defined or empty, but if a value is given
resource must exist or transfer fails otherwise.
Issue-ID: OOM-1736
Change-Id: I765c5dc8eb5e58875f032e056f9a8360aee702c0
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
Our custom ansible module requires python-jsonpointer module
to deal with jsons.
Change-Id: Idd7bfcf8fcf75e4397fba51d8219b73c57df5f0e
Issue-ID: OOM-1758
Signed-off-by: Petr Ospalý <p.ospaly@partner.samsung.com>
|
|
Scope of this commit is to fix warnings reported by
offline-installer-master-yaml-lint jenkins job
Change-Id: Id858a37ce35d53ad1ffd5e5797607faae484ed15
Issue-ID: OOM-1753
Signed-off-by: Michal Ptacek <m.ptacek@partner.samsung.com>
|
|
Based on Molecule testing, fix idempotence.
Issue-ID: OOM-1757
Change-Id: Ie2c4cdcf65aeac664d4b76daa7e979f4f23b6bdf
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
Move kubectl related functionality from rancher role to kubectl role
and change order of execution in playbook to satisfy kubectl role
dependency to rancher role regarding server value inserted into
kubeconfig file.
Introduced defaults and moved technical variables from group_vars
into role defaults.
Issue-ID: OOM-1730
Change-Id: I6339664ba52928566487edcdca8a3b42db86eeed
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
Move functionality from playbook to rancher role.
Introduce defaults for holding default values in rancher role.
Other small changes noticed while testing rancher role with molecule.
Issue-ID: OOM-1729
Change-Id: I83befa9f0964c67e209d3def76bafd2a61c1ef33
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
|
|
- Default configuration of logging for docker daemon.
- New ansible module for generic handling of JSON files.
- New setting in ansible.cfg: jinja2_native = True
To preserve double-quotes in json values (OOM-1698).
Issue-ID: OOM-1681
Change-Id: I8f8e19ebc290fd48a63146e96f418b98344e4433
Signed-off-by: Petr Ospalý <p.ospaly@partner.samsung.com>
|
|
With newer Ansible we are now able to sign nexus certificate
with own CA using openssl_certificate module.
Issue-ID: OOM-1700
Change-Id: Idc54955160caef4a57bd50fc86678923511b5bce
Signed-off-by: Milan Verespej <m.verespej@partner.samsung.com>
|
|
Move certs source path to defaults and make other small re-factoring.
Issue-ID: OOM-1694
Change-Id: Ie0a4b543b40314dc5a7772dd4667b1ad218d3543
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
To speed up resource packages existency check, ignore
checsum.
This change was accidentally left out from previous commit
as merging was not communicated.
Issue-ID: OOM-1654
Change-Id: I567eaba49e6a5244d51187d42af719bf360b41f0
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
Issue-ID: OOM-1596
Change-Id: I091cd558f7574f49dddf4380df24e11141a4b78d
Signed-off-by: Milan Verespej <m.verespej@partner.samsung.com>
|
|
Whole functionality of resource files upload is
implemented in resource-data role instead of
playbook level tasks.
This will make roles easier to test
and make it easier to implement other OS support later.
Issue-ID: OOM-1654
Change-Id: I3d3da9381b0e804f511ee854c41554b924d18883
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
Petr Ospalý
Samuli Silvius
Michal Zegan
Bartek Grzybowski
Michal Ptacek
Tomáš Levora
Milan Verespej
eronkeo