easzlab
/
kubeasz
mirror of https://github.com/easzlab/kubeasz.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,215 Commits
10 Branches
65 Tags
7.9 MiB
Commit Graph

139 Commits (2777e9404375c710a8f304c4e28057d6c914fb15)

Author SHA1 Message Date
gjmzj 77578bb215 跟进 #688 把PROXY_MODE变量定义转移到ansible hosts 2019-09-08 17:55:32 +08:00
gjmzj bc16122de6 fix:增加kube-proxy参数--cluster-cidr #663 2019-08-25 23:19:30 +08:00
TimeBye 3986cba11e [IMP]add ipaddr('net') filter 2019-08-08 00:03:50 +08:00
TimeBye f9ab7c6e51 [IMP]使用netaddr模块进行ip地址计算 2019-08-08 00:03:50 +08:00
gjmzj 4f958b119c 设置kube-proxy默认使用ipvs模式 2019-07-21 23:22:31 +08:00
gjmzj b4c2cae2d6 fix issue #631 2019-07-19 13:47:10 +08:00
gjmzj d4948172c5 支持离线安装debian10 2019-07-18 15:15:57 +08:00
gjmzj f87eac6177 fix:ubuntu1804安装集群kubedns/coredns转发到node节点/etc/resolv.conf问题 2019-07-18 10:33:19 +08:00
gjmzj 84c2146c72 fix:/sys/fs/cgroup只读挂载时部分os启用kube-reserved出错 2019-07-16 23:58:50 +08:00
gjmzj 5ec23d69c0 支持debian9离线安装基础软件 2019-07-16 23:26:29 +08:00
gjmzj 7317a080d7 kubelet分离配置文件至/var/lib/kubelet/config.yaml 2019-07-13 11:01:08 +08:00
gjmzj 0ca5f7fdd9 调整apiserver部分参数 2019-07-06 22:06:11 +08:00
gjmzj 2d182a4f32 fix 升级集群时服务配置文件可能需要修改 2019-07-04 14:25:32 +08:00
gjmzj 46973fb421 调整默认使用yum/apt源安装系统软件等 2019-07-03 22:39:23 +08:00
gjmzj b4874448be 增加支持离线安装ubuntu1804基础软件 2019-07-02 21:01:32 +08:00
gjmzj 86acf0b1c4 easzup: 增加自动下载系统软件包 2019-07-02 09:58:07 +08:00
gjmzj ccb5686e82 fix: kubelet 1.15 删除参数--allow-privileged 2019-06-30 21:23:38 +08:00
gjmzj 06c811203d fix 离线安装基础软件包 2019-06-29 18:10:51 +08:00
gjmzj 657d2c12d8 增加支持离线安装ex-lb 2019-06-28 21:16:13 +08:00
gjmzj b4df5ff604 增加支持离线安装haproxy 2019-06-28 19:36:53 +08:00
gjmzj b925682d25 调整kubelet默认禁用system-reserved 2019-06-25 22:55:29 +08:00
gjmzj d4d98ee8ba Add system-reserved in kubelet 2019-06-12 21:31:06 +08:00
gjmzj 80217dc1cd docs: update setup guide 2019-06-09 10:58:01 +08:00
gjmzj 2ef0e9f86c fix 删除master/node流程 2019-06-04 13:06:11 +08:00
gjmzj 6e6792bbd4 调整addetcd/addnode/addmaster脚本 2019-06-01 09:24:43 +08:00
gjmzj 70c1f8b172 调整ex-lb的流程 2019-05-30 21:37:01 +08:00
gjmzj 8cf349b271 精简example hosts配置文件及配置项 2019-05-29 22:49:04 +08:00
gjmzj d17d938dfc 调整network/cluster-addon安装流程 2019-05-29 20:45:25 +08:00
gjmzj 78cc26db8c 重构kube-master/kube-node流程 2019-05-28 23:46:22 +08:00
gjmzj b4e373b01e 增加kubelet可选是否开启kube-reserved资源预留,默认开启 2019-05-22 00:06:21 +08:00
gjmzj 5712d6626b integrate kubelet with containerd 2019-05-18 16:48:58 +08:00
gjmzj 0b7c85e72c 增加kubelet资源预留设置 2019-04-10 23:49:49 +08:00
gjmzj 884154bb03 删除cAdvisor 4194端口限制 2019-04-03 23:02:33 +08:00
gjmzj 92ea99e677 调整ca证书有效期等配置 2019-03-30 11:57:52 +08:00
gjmzj ef0ed89c34 修复easzctl setup流程 2019-03-17 19:19:57 +08:00
gjmzj 812d71ca10 minor fix 2019-03-16 17:32:43 +08:00
gjmzj f19339d7f1 调整prepare tasks,避免把证书和kubeconfig分发到不需要的节点 2019-02-01 13:45:46 +08:00
gjmzj edd68c7f47 增加 pod-infra-container 可选择配置 2019-01-10 23:51:50 +08:00
lixianyang 0a57c136a7 移除 kube-node csr 请求批准部分 2018-12-07 08:52:14 +08:00
gjmzj aa869e17ff set kubelet authentication/authorization webhook 2018-10-06 10:21:04 +08:00
gjmzj 6b21f30ab9 调整安装步骤中kubectl的执行以适合公有云部署 2018-09-15 11:27:33 +08:00
gjmzj cdf778b6ab 取消 Node节点 Bootstrap机制 2018-09-11 20:46:46 +08:00
lusyoe 2b4d92a07a 添加kubelet根目录 2018-08-31 23:02:31 +08:00
gjmzj 30b6ebb59f fix 兼容ansible执行节点与deploy节点分离 2018-08-11 09:14:03 +08:00
lusyoe be08287672 支持deploy与ansible执行节点分离 2018-08-07 17:11:33 +08:00
gjmzj 5f07276ea2 废弃ansible hosts变量SERVICE_PROXY 2018-07-09 18:18:32 +08:00
gjmzj 2a916c0ad1 更新kube-proxy使用ipvs模式 2018-07-09 17:43:12 +08:00
gjmzj 6f201476bd 增加等待网络插件正常运行 2018-06-18 00:04:00 +08:00
gjmzj 2f65a8bba6 minor 脚本和文档更新 2018-06-15 10:52:59 +08:00
jmgao 931b2cf1b9 用inventory_hostname替换变量NODE_IP 2018-06-09 22:19:20 +08:00
gjmzj fe1e5a65a5 设置node roles 2018-05-22 15:57:44 +08:00
gjmzj 15bbc26d3f minor fix:等待node节点Ready 2018-05-20 23:18:53 +08:00
gjmzj 1fd8515711 增加master和node服务重启tags 2018-05-20 00:17:59 +08:00
gjmzj 58ccd3bc88 增加[可选]OS安全加固脚本 2018-05-19 22:40:41 +08:00
gjmzj a0d3ac6ec9 增加升级k8s时服务文件的更新 2018-05-17 23:07:01 +08:00
gjmzj 83bdcfd41a 修复kubelet匿名访问漏洞 2018-05-17 22:51:15 +08:00
spirit 6b6de7881e 修复kubelet安全策略 (#192) 
https://kubernetes.io/docs/admin/kubelet-authentication-authorization/
By default, requests to the kubelet’s HTTPS endpoint that are not rejected by other configured authentication methods are treated as anonymous requests, and given a username of system:anonymous and a group of system:unauthenticated.

To disable anonymous access and send 401 Unauthorized responses to unauthenticated requests:

start the kubelet with the --anonymous-auth=false flag
 2018-05-17 22:31:54 +08:00
gjmzj 45b7fab60e 新增upgrade脚本 2018-05-11 11:07:14 +08:00
gjmzj afd667e2a3 更新pause镜像3.1,kube-dns 1.14.9 2018-04-24 23:06:57 +08:00
gjmzj 11974a4b14 minor fix 2018-04-10 18:58:10 +08:00
gjmzj 6eb58b175a 修复shell执行systemctl enable xx可能报错退出问题 2018-04-10 18:33:24 +08:00
gjmzj b176a8761d minor fix 2018-04-10 18:06:12 +08:00
gjmzj 99ea4b1144 update k8s 1.9.6 && minor fix 2018-03-28 17:59:26 +08:00
gjmzj 84b46057a7 更新等待node状态Ready脚本 2018-03-25 18:28:49 +08:00
gjmzj 825a241ed3 修改判断证书是否存在的方式 2018-03-24 09:25:20 +08:00
gjmzj b33ab0eea2 优化等待kubelet启动bootstrap机制 2018-03-22 22:41:43 +08:00
gjmzj b51f722202 优化安装流程,修复多主模式dashboard访问bug 2018-03-16 18:23:34 +08:00
panhongyin 182b082518 1: 删除NODE_ID主机变量,改成使用ansible的run_once运行单节点任务 
2:在keepalived模板中添加24位子网掩码
3:添加等待master节点服务启动完成检测任务
4:添加kubectl create之前的检测任务,避免重复操作时报错
 2018-03-14 16:53:21 +08:00
jmgao dfbfaadaa2 minor changes 2018-02-25 12:30:15 +08:00
gjmzj cf7917aa1c
Revert "在k8s中,配置GPU节点" 2018-01-25 19:16:33 +08:00
unknown e7c530db59 add gpu node config 2018-01-22 10:02:13 +08:00
jmgao d7c6b8a89e 更新安装步骤文档 2018-01-05 23:05:22 +08:00
jmgao 31dff09bf5 DaemonSet Flannel 网络插件 2018-01-04 22:50:09 +08:00
jmgao 4c1f7bceed 增加flannel网络支持 2018-01-02 22:12:51 +08:00
gjmzj 331bf56cb6 更新清理网络脚本 2017-12-31 10:25:56 +08:00
gjmzj 3e5b7f4a63 init flannel 2017-12-30 20:19:50 +08:00
DiamondYuan d70a958616 pause镜像地址 可配置 2017-12-19 17:46:34 +08:00
jmgao 6134c1ae2d 更新K8S v1.9.0 2017-12-19 10:27:49 +08:00
jmgao c1b5ac40a8 fix: kubelet启动选取cloud-provider问题 2017-12-12 17:01:11 +08:00
jmgao ec4a07f8ba bugfix: NetworkPolicy 跨节点失效问题 2017-12-06 11:14:22 +08:00
jmgao 9048ef00ba 设置kube-proxy参数--masquerade-all=false 2017-12-05 21:31:28 +08:00
jmgao 429bed5ce9 修改calico与访问etcd的证书 2017-12-04 20:20:17 +08:00
jmgao e8291088ed 增加等待kube-apiserver/kubelet启动延迟 2017-11-26 12:36:58 +08:00
jmgao 5f65b4c7f5 approve csr之前增加15s等待kubelet启动完成 2017-11-21 20:39:11 +08:00
jmgao 22d95cd779 修正一些 kubelet/apiserver启动参数 2017-11-21 11:27:06 +08:00
jmgao 0685f87fc1 fix bug in 95.clean.yml: cannot remove‘/var/run/docker/netns/default’: Device or resource busy 2017-11-12 16:17:50 +08:00
jmgao 253f109e47 更新90.setup.yml 95.clean.yml 2017-11-12 14:54:20 +08:00
jmgao 1907318028 add calico-kube-controllers 2017-11-12 09:16:20 +08:00
jmgao 3367d512ad k8s-calico initial commit 2017-11-11 19:14:21 +08:00