Merge branch 'master' into loadbalanced-2

inventory/byo/hosts.example

@@ -166,7 +166,7 @@ ose3-lb-ansible.test.example.com
 
 # NOTE: Currently we require that masters be part of the SDN which requires that they also be nodes
 # However, in order to ensure that your masters are not burdened with running pods you should
-# make them unschedulable by adding openshift_scheduleable=False any node that's also a master.
+# make them unschedulable by adding openshift_schedulable=False any node that's also a master.
 [nodes]
 ose3-master[1:3]-ansible.test.example.com
 ose3-node[1:2]-ansible.test.example.com openshift_node_labels="{'region': 'primary', 'zone': 'default'}"

playbooks/adhoc/uninstall.yml

@@ -181,5 +181,8 @@
     - name: Reload systemd manager configuration
       command: systemctl daemon-reload
 
+- hosts: nodes
+  sudo: yes
+  tasks:
     - name: restart docker
       service: name=docker state=restarted

playbooks/common/openshift-cluster/upgrades/files/versions.sh

@@ -2,9 +2,9 @@
 
 yum_installed=$(yum list installed "$@" 2>&1 | tail -n +2 | grep -v 'Installed Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ')
 
-yum_available=$(yum list available "$@" 2>&1 | tail -n +2 | grep -v 'Available Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'el7ose' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ')
+yum_available=$(yum list available -q "$@" 2>&1 | tail -n +2 | grep -v 'Available Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'el7ose' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ')
 
 
 echo "---"
-echo "curr_version: ${yum_installed}" 
+echo "curr_version: ${yum_installed}"
 echo "avail_version: ${yum_available}"

playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml

@@ -517,24 +517,28 @@
     - _default_router.rc == 0
     - "'false' in _scc.stdout"
     command: >
-      {{ oc_cmd }} patch scc/privileged -p '{"allowHostPorts":true,"allowHostNetwork":true}' --loglevel=9
+      {{ oc_cmd }} patch scc/privileged -p
+      '{"allowHostPorts":true,"allowHostNetwork":true}' --api-version=v1
 
   - name: Update deployment config to 1.0.4/3.0.1 spec
     when: _default_router.rc == 0
     command: >
       {{ oc_cmd }} patch dc/router -p
       '{"spec":{"strategy":{"rollingParams":{"updatePercent":-10},"spec":{"serviceAccount":"router","serviceAccountName":"router"}}}}'
+      --api-version=v1
 
   - name: Switch to hostNetwork=true
     when: _default_router.rc == 0
     command: >
       {{ oc_cmd }} patch dc/router -p '{"spec":{"template":{"spec":{"hostNetwork":true}}}}'
+      --api-version=v1
 
   - name: Update router image to current version
     when: _default_router.rc == 0
     command: >
       {{ oc_cmd }} patch dc/router -p
       '{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}"}]}}}}'
+      --api-version=v1
 
   - name: Check for default registry
     command: >
@@ -548,3 +552,4 @@
     command: >
       {{ oc_cmd }} patch dc/docker-registry -p
       '{"spec":{"template":{"spec":{"containers":[{"name":"registry","image":"{{ registry_image }}"}]}}}}'
+      --api-version=v1

playbooks/common/openshift-master/config.yml

@@ -244,6 +244,8 @@
   - fail:
       msg: "openshift_master_session_auth_secrets and openshift_master_encryption_secrets must be equal length"
     when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is defined) and (openshift_master_session_auth_secrets | length != openshift_master_session_encryption_secrets | length)
+  - name: Install OpenSSL package
+    action: "{{ansible_pkg_mgr}} pkg=openssl state=present"
   - name: Generate session authentication key
     command: /usr/bin/openssl rand -base64 24
     register: session_auth_output
@@ -351,11 +353,16 @@
   - role: openshift_cluster_metrics
     when: openshift.common.use_cluster_metrics | bool
 
+  # TODO: Setting the cluster dns ip should be pushed into openshift-facts
 - name: Determine cluster dns ip
   hosts: oo_first_master
   tasks:
   - name: Get master service ip
-    command: "{{ openshift.common.client_binary }} get -o template svc kubernetes --template=\\{\\{.spec.clusterIP\\}\\}"
+    command: >
+      {{ openshift.common.client_binary }} -n default
+      --config={{ openshift.common.config_base }}/master/admin.kubeconfig
+      get -o template svc kubernetes --template=\\{\\{.spec.clusterIP\\}\\}
+      --output-version=v1
     register: master_service_ip_output
     when: openshift.common.version_greater_than_3_1_or_1_1 | bool
   - set_fact:

roles/openshift_cluster_metrics/tasks/main.yml

@@ -7,7 +7,7 @@
 
 - name: Create InfluxDB Services
   command: >
-    {{ openshift.common.client_binary }} create -f 
+    {{ openshift.common.client_binary }} create -f
     /etc/openshift/cluster-metrics/influxdb.yaml
   register: oex_influxdb_services
   failed_when: "'already exists' not in oex_influxdb_services.stderr and oex_influxdb_services.rc != 0"
@@ -15,14 +15,14 @@
 
 - name: Create Heapster Service Account
   command: >
-    {{ openshift.common.client_binary }} create -f 
+    {{ openshift.common.client_binary }} create -f
     /etc/openshift/cluster-metrics/heapster-serviceaccount.yaml
   register: oex_heapster_serviceaccount
   failed_when: "'already exists' not in oex_heapster_serviceaccount.stderr and oex_heapster_serviceaccount.rc != 0"
   changed_when: false
 
 - name: Add cluster-reader role to Heapster
-  command: > 
+  command: >
     {{ openshift.common.admin_binary }} policy
     add-cluster-role-to-user
     cluster-reader

roles/openshift_examples/files/examples/v1.0/infrastructure-templates/enterprise/metrics-deployer.yaml

@@ -81,11 +81,11 @@ parameters:
 -
   description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-"'
   name: IMAGE_PREFIX
-  value: "hawkular/"
+  value: "registry.access.redhat.com/openshift3/"
 -
   description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set version "v1.1"'
   name: IMAGE_VERSION
-  value: "0.7.0-SNAPSHOT"
+  value: "3.1.0"
 -
   description: "Internal URL for the master, for authentication retrieval"
   name: MASTER_URL

roles/openshift_examples/files/examples/v1.0/infrastructure-templates/origin/metrics-deployer.yaml

@@ -81,11 +81,11 @@ parameters:
 -
   description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-"'
   name: IMAGE_PREFIX
-  value: "hawkular/"
+  value: "docker.io/openshift/origin-"
 -
   description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set version "v1.1"'
   name: IMAGE_VERSION
-  value: "0.7.0-SNAPSHOT"
+  value: "latest"
 -
   description: "Internal URL for the master, for authentication retrieval"
   name: MASTER_URL

roles/openshift_examples/files/examples/v1.1/infrastructure-templates/enterprise/metrics-deployer.yaml

@@ -81,11 +81,11 @@ parameters:
 -
   description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-"'
   name: IMAGE_PREFIX
-  value: "hawkular/"
+  value: "registry.access.redhat.com/openshift3/"
 -
   description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set version "v1.1"'
   name: IMAGE_VERSION
-  value: "0.7.0-SNAPSHOT"
+  value: "3.1.0"
 -
   description: "Internal URL for the master, for authentication retrieval"
   name: MASTER_URL

roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/metrics-deployer.yaml

@@ -81,11 +81,11 @@ parameters:
 -
   description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-"'
   name: IMAGE_PREFIX
-  value: "hawkular/"
+  value: "docker.io/openshift/origin-"
 -
   description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set version "v1.1"'
   name: IMAGE_VERSION
-  value: "0.7.0-SNAPSHOT"
+  value: "latest"
 -
   description: "Internal URL for the master, for authentication retrieval"
   name: MASTER_URL

roles/openshift_node/tasks/storage_plugins/glusterfs.yml

@@ -14,4 +14,4 @@
   - virt_use_fusefs
   - virt_sandbox_use_fusefs
   register: sebool_result
-  failed_when: "'state' not in sebool_result and 'msg' in sebool_result and 'SELinux boolean item does not exist' not in sebool_result.msg"
+  failed_when: "'state' not in sebool_result and 'msg' in sebool_result and 'SELinux boolean {{ item }} does not exist' not in sebool_result.msg"

roles/openshift_repos/handlers/main.yml

@@ -0,0 +1,3 @@
+---
+- name: refresh package cache
+  command: yum clean all

roles/openshift_repos/tasks/main.yaml

@@ -20,12 +20,14 @@
     src: yum_repo.j2
     dest: /etc/yum.repos.d/openshift_additional.repo
   when: openshift_additional_repos | length > 0
+  notify: refresh package cache
 
 - name: Remove the additional repos if no longer defined
   file:
     dest: /etc/yum.repos.d/openshift_additional.repo
     state: absent
   when: openshift_additional_repos | length == 0
+  notify: refresh package cache
 
 - name: Remove any yum repo files for other deployment types
   file:
@@ -34,13 +36,16 @@
   with_fileglob:
   - '*/repos/*'
   when: not (item | search("/files/" ~ openshift_deployment_type ~ "/repos"))
+  notify: refresh package cache
 
 - name: Configure gpg keys if needed
   copy: src={{ item }} dest=/etc/pki/rpm-gpg/
   with_fileglob:
   - "{{ openshift_deployment_type }}/gpg_keys/*"
+  notify: refresh package cache
 
 - name: Configure yum repositories
   copy: src={{ item }} dest=/etc/yum.repos.d/
   with_fileglob:
   - "{{ openshift_deployment_type }}/repos/*"
+  notify: refresh package cache

roles/openshift_serviceaccounts/tasks/main.yml

@@ -13,7 +13,9 @@
   changed_when: "'serviceaccounts \"{{ item }}\" already exists' not in _sa_result.stderr and _sa_result.rc == 0"
 
 - name: Get current security context constraints
-  shell: "{{ openshift.common.client_binary }} get scc privileged -o yaml > /tmp/scc.yaml"
+  shell: >
+    {{ openshift.common.client_binary }} get scc privileged -o yaml
+    --output-version=v1 > /tmp/scc.yaml
 
 - name: Add security context constraint for {{ item }}
   lineinfile:
@@ -23,4 +25,4 @@
   with_items: accounts
 
 - name: Apply new scc rules for service accounts
-  command: "{{ openshift.common.client_binary }} update -f /tmp/scc.yaml"
+  command: "{{ openshift.common.client_binary }} update -f /tmp/scc.yaml --api-version=v1"

utils/src/ooinstall/cli_installer.py

@@ -101,7 +101,7 @@ separate etcd cluster will be configured with each Master serving as a member.
 
 Any Masters configured as part of this installation process will also be
 configured as Nodes.  This is so that the Master will be able to proxy to Pods
-from the API.  By default this Node will be unscheduleable but this can be changed
+from the API.  By default this Node will be unschedulable but this can be changed
 after installation with 'oadm manage-node'.
 
 OpenShift Nodes provide the runtime environments for containers.  They will
@@ -347,7 +347,7 @@ https://docs.openshift.org/latest/install_config/install/advanced_install.html#m
     if len(dedicated_nodes) == 0:
         message = """
 WARNING: No dedicated Nodes specified. By default, colocated Masters have
-their Nodes set to unscheduleable.  If you proceed all nodes will be labelled
+their Nodes set to unschedulable.  If you proceed all nodes will be labelled
 as schedulable.
 """
         if unattended:

utils/src/ooinstall/openshift_ansible.py

@@ -67,10 +67,10 @@ def generate_inventory(hosts):
         for node in nodes:
             # TODO: Until the Master can run the SDN itself we have to configure the Masters
             # as Nodes too.
-            scheduleable = None
+            schedulable = None
             if node in masters:
-                scheduleable = False
-            write_host(node, base_inventory, scheduleable)
+                schedulable = False
+            write_host(node, base_inventory, schedulable)
 
     if not getattr(proxy, 'preconfigured', True):
         base_inventory.write('\n[lb]\n')
@@ -112,7 +112,7 @@ def write_inventory_vars(base_inventory, multiple_masters, proxy):
         base_inventory.write("openshift_master_cluster_public_hostname={}\n".format(proxy.public_hostname))
 
 
-def write_host(host, inventory, scheduleable=None):
+def write_host(host, inventory, schedulable=None):
     global CFG
 
     facts = ''
@@ -129,11 +129,11 @@ def write_host(host, inventory, scheduleable=None):
 
     # Distinguish between three states, no schedulability specified (use default),
     # explicitly set to True, or explicitly set to False:
-    if scheduleable is None:
+    if schedulable is None:
         pass
-    elif scheduleable:
+    elif schedulable:
         facts += ' openshift_schedulable=True'
-    elif not scheduleable:
+    elif not schedulable:
         facts += ' openshift_schedulable=False'
 
     installer_host = socket.gethostname()

utils/test/cli_installer_tests.py

@@ -721,7 +721,7 @@ class AttendedCliTests(OOCliFixture):
                                       add_nodes=[('10.0.0.2', False)],
                                       ssh_user='root',
                                       variant_num=1,
-                                      scheduleable_masters_ok=True,
+                                      schedulable_masters_ok=True,
                                       confirm_facts='y')
 
         self._verify_get_hosts_to_run_on(mock_facts, load_facts_mock,