Commit Graph

526 Commits (370554cad7b1013f0ac2bbc9901ca9f5b7d8f677)

Author SHA1 Message Date
lusyoe 4105238c23 添加Amazon Linux支持 2019-05-12 20:38:42 +08:00
gjmzj 369ab3e991 update traefik v1.7.11 2019-05-04 22:42:46 +08:00
gjmzj 3a97bd3b8d 更新docker国内镜像站点设置 2019-05-02 18:29:38 +08:00
gjmzj f931516d10 update coredns 1.5.0 2019-05-02 12:10:05 +08:00
gjmzj 881a43ab26 优化只读kubectl配置的创建流程 #537 2019-05-01 17:20:20 +08:00
gjmzj a1939079b4 fix: centos7 rsyslog服务启动错误 #538 2019-04-30 16:15:19 +08:00
suxiaolin 3835d32915 remove docker cn registry 2019-04-18 23:04:26 +08:00
waiting 4fe5305aea feat(chrony): 增加授时源
增加一个阿里云,两个腾讯云,一个中国区

BREAKING CHANGE: 修改变量名 ntp_server 为 ntp_servers
2019-04-18 22:56:45 +08:00
gjmzj 2bab10f502 增加每个node节点pod网络掩码长度设置项 2019-04-11 22:03:28 +08:00
gjmzj 0b7c85e72c 增加kubelet资源预留设置 2019-04-10 23:49:49 +08:00
gjmzj 80dff1d7b0 fix kernel>=4.19 加载nf_conntrack问题 2019-04-09 17:39:13 +08:00
gjmzj 9b4ec4b656 easzctl集成basic-auth配置 2019-04-07 20:38:23 +08:00
gjmzj 3c1c348544 更新dashboard关于basic-auth认证的相关 2019-04-04 09:08:27 +08:00
gjmzj 884154bb03 删除cAdvisor 4194端口限制 2019-04-03 23:02:33 +08:00
gjmzj 608c262d6e minor fix:提升系统安装包速度 2019-04-03 15:02:05 +08:00
gjmzj 92ea99e677 调整ca证书有效期等配置 2019-03-30 11:57:52 +08:00
gjmzj eca81279b7 修复docker安装时版本判断条件 2019-03-29 12:50:39 +08:00
gjmzj 047a0488e5 修复centos日志优化配置等 2019-03-28 18:44:10 +08:00
gjmzj ece94ff0b4 优化journald日志服务配置 2019-03-28 12:45:03 +08:00
gjmzj b684e96b6f work around with CVE-2019-3874 2019-03-28 09:44:56 +08:00
gjmzj b88d352ad7 增加kubectl使用可选参数配置kubeconfig 2019-03-28 09:18:00 +08:00
gjmzj 8319b3217b 修复当第一个etcd成员故障时apiserver也故障的bug,详见 kubernetes issue #72102 2019-03-27 21:59:34 +08:00
gjmzj b652d0ad62 update coredns 1.4.0 2019-03-27 20:55:34 +08:00
gjmzj 66f1ba2550 修复apiserver启用basic_auth认证 2019-03-26 15:20:54 +08:00
gjmzj 306fcbe6d1 update calico 3.4.3 2019-03-22 17:13:13 +08:00
gjmzj a076a384ad 修改安装dashboard同时安装heapster 2019-03-22 16:11:41 +08:00
gjmzj ef0ed89c34 修复easzctl setup流程 2019-03-17 19:19:57 +08:00
gjmzj 812d71ca10 minor fix 2019-03-16 17:32:43 +08:00
gjmzj cdddf6e6bb 调整apiserver可选开启基本认证(默认关闭) 2019-03-15 14:17:24 +08:00
gjmzj 78b947f86f 更新dashboard文档 2019-03-15 09:58:45 +08:00
gjmzj 0559c97a11 在role:kube-master中增加basic_auth相关配置 2019-03-14 23:51:04 +08:00
gjmzj 75defebbf5 废弃ansible hosts中basic_auth相关配置 2019-03-14 14:00:28 +08:00
weilinqwe 17dc3c3423 add support for harbor v1.7.x 2019-03-13 20:50:11 +08:00
gjmzj 27094d0a7e 修复cilium安装时判断内核版本逻辑 2019-03-06 22:58:10 +08:00
gjmzj cbb29234ec 修复docker版本判断逻辑 2019-03-06 22:57:22 +08:00
gjmzj ca2e9a2270 修复roles/docker/tasks/main.yml自动merge产生的错误 2019-03-06 19:54:33 +08:00
gjmzj 239041032f 修复项目bin目录下二进制不能执行的错误 2019-03-06 19:51:23 +08:00
gjmzj b464fee837 merge dev branch: kubeasz release 1.0.0rc1 2019-03-05 22:47:06 +08:00
gjmzj 399de72fe4 update cilium v1.4.1 2019-03-03 10:01:22 +08:00
gjmzj bf2c9353b5 废弃ansible hosts变量K8S_VER,改为自动识别 2019-03-01 09:49:24 +08:00
gjmzj 64350c4b5c 优化脚本以兼容docker运行kubeasz 2019-02-28 18:27:57 +08:00
gjmzj 224125c4a0 安装流程修改以适应容器化运行kubeasz 2019-02-28 16:06:26 +08:00
gjmzj 8b8fb54fc0 增加docker安装时创建软链接 2019-02-27 20:41:47 +08:00
gjmzj 8839c671a9 修复docker安装获取版本任务的tags信息 2019-02-26 16:02:21 +08:00
gjmzj 98b39efb3b 修复docker安装获取版本任务的tags信息 2019-02-26 15:06:56 +08:00
gjmzj 5a9af26bf9 更新easzctl 帮助信息和部分文档 2019-02-26 15:04:16 +08:00
gjmzj 4c6ec53cda 增加随机basic auth密码等脚本优化 2019-02-25 23:11:08 +08:00
gjmzj caabb89531 优化添加etcd脚本,并集成到easzctl 2019-02-24 12:56:47 +08:00
gjmzj ae5bd3f985 清除 new-node/new-master 相关配置 2019-02-24 10:22:12 +08:00
gjmzj 3a59e82cec 修复兼容docker 18.09.x 版本安装 2019-02-21 15:13:18 +08:00
gjmzj 7b82688b1f update helm v2.12.3 2019-02-16 09:57:30 +08:00
gjmzj 6d544ccd52 更新支持 calico v3.4.x 2019-02-15 17:10:07 +08:00
gjmzj 2cb94ff8d0 update flannel v0.11.0-amd64 2019-02-15 14:47:43 +08:00
gjmzj d80404b7d9 增加添加etcd节点脚本 2019-02-14 14:13:13 +08:00
PowerDos 4898ae072d fixed: 修复清除iptables规则时,遇到关闭所有进入端口,无法连接节点 2019-02-12 19:59:05 +08:00
gjmzj c54f2293e6 minor changes in lb installing 2019-02-07 15:23:59 +08:00
gjmzj 0e04736f2b 增加可选附加负载均衡节点 2019-02-07 15:10:49 +08:00
gjmzj f28fc48d5e 支持harbor 1.6.3,调整部分安装步骤 2019-02-05 09:46:26 +08:00
gjmzj f19339d7f1 调整prepare tasks,避免把证书和kubeconfig分发到不需要的节点 2019-02-01 13:45:46 +08:00
gjmzj 6ac413e9de Merge branch 'dev' of https://github.com/gjmzj/kubeasz into dev 2019-01-25 21:31:25 +08:00
lusyoe 957fc1f6a5 调整docker远程API默认为关闭 2019-01-25 21:32:34 +08:00
lusyoe 917e9734fc 添加开启docker远程API 2019-01-25 21:32:34 +08:00
sunshanpeng 9fd4c2f330 calico_3.3.2 rbac 新增nodes/status 2019-01-25 21:28:16 +08:00
sunshanpeng 5a1140fc8e calico add metrics ENV 2019-01-25 21:28:16 +08:00
sunshanpeng 0dc014b3ea coredns add metrics port 2019-01-25 21:28:16 +08:00
gjmzj 7ab8fff16c 增加开机启动k8s相关内核模块配置 2019-01-24 11:06:48 +08:00
gjmzj e6b73369d2 为兼容k8s版本 <= 1.11,revert PR #440 2019-01-18 15:15:09 +08:00
Hello-Linux 839a34785e 更新kube-schedule监听参数 2019-01-15 21:22:43 +08:00
gjmzj edd68c7f47 增加 pod-infra-container 可选择配置 2019-01-10 23:51:50 +08:00
Hello-Linux a1be5462ed 更新docker根目录存储命令 2019-01-10 19:24:29 +08:00
rufus123456 f289615c77 添加支持RedHat(only) 2019-01-07 10:21:58 +08:00
gjmzj dcbfafcbd9 更新calico 3.3.2,并保留3.2.4可选 2019-01-02 22:29:02 +08:00
rufus123456 54e9eeb910 fix: 等待ETCD同步完成,再返回成功 2018-12-21 22:39:34 +08:00
gjmzj d6f04a96d2 更新cluster-addon部分可选自动安装nginx-ingress 2018-12-21 22:35:15 +08:00
gjmzj 21e6a48622 fix traefik ingress 安装路径 2018-12-21 18:35:57 +08:00
gjmzj e818b9287a fix 特定环境下lb节点变量LB_IF自动设置错误 2018-12-13 16:43:30 +08:00
gjmzj 30e123cb88 update coredns 1.2.6 2018-12-11 17:27:34 +08:00
lixianyang 0a57c136a7 移除 kube-node csr 请求批准部分 2018-12-07 08:52:14 +08:00
lusyoe c3033dc4de 添加helm tls环境变量 2018-12-06 15:37:39 +08:00
gjmzj 41370a3f2f update traefik 1.7.4 2018-12-06 15:27:42 +08:00
gjmzj 61d8f032c1 更新升级集群相关脚本和文档 2018-12-06 10:04:27 +08:00
gjmzj 68e7cdc959 增加配置ingress nodeport 负载转发的脚本与文档 2018-11-30 23:42:53 +08:00
gjmzj 43de866aa5 更新生成kubeconfig脚本与文档 2018-11-30 15:18:17 +08:00
gjmzj b542542163 增加修改APISERVER证书的脚本与文档 2018-11-28 20:39:51 +08:00
gjmzj d803579000 增加只读权限kubeconfig脚本与文档 2018-11-27 14:21:42 +08:00
gjmzj f716e8a608 取消手动设置LB_IF参数 2018-11-26 21:56:22 +08:00
gjmzj 47a8049457 取消helms别名 2018-11-25 22:16:37 +08:00
gjmzj a71ddd22fb update helm v2.11.0 2018-11-25 17:18:58 +08:00
gjmzj 14ad6f28bf increasing the conntrack table size in sysctl setting 2018-11-21 23:11:55 +08:00
gjmzj 5d068d55af fix NodePorts settings in Calico/node 2018-11-21 23:04:59 +08:00
lusyoe 2efb33a4e0 添加istio sidecar自动注入webhook 2018-11-21 17:23:15 +08:00
gjmzj 839a38f1c2 update calico v3.2.4 2018-11-21 17:20:54 +08:00
gjmzj 313d11111e fix 内核4.19加载nf_conntrack #366 2018-11-10 09:52:57 +08:00
gjmzj b5cd458fde 支持master证书添加公网ip和域名 2018-11-07 10:23:18 +08:00
gjmzj 69001e86ca fix 阿里云nas动态pv脚本 2018-11-06 17:44:17 +08:00
gjmzj 913a71346a use metallb as LoadBalancer Provider 2018-10-28 21:20:26 +08:00
gjmzj 69bad96b17 fix: install kube-proxy in ipvs mode on CentOS 2018-10-16 09:18:32 +08:00
lusyoe bbf4dc8c99 安装chrony之前确保已卸载ntp 2018-10-14 15:44:20 +08:00
gjmzj 2e700c7ee1 update traefik 1.7.2 2018-10-14 12:05:06 +08:00
gjmzj c0b4c8d977 update kube-dns 1.14.13, heapster v1.5.4 2018-10-14 12:02:33 +08:00
gjmzj 68029132d6 fix: 在本地目录检查离线镜像下载情况 2018-10-14 10:17:20 +08:00
gjmzj e6edece5dd update setup docs 2018-10-12 13:30:19 +08:00
klgd 333b56cea1 fix: Ansible 2.7 环境下 提示 “[DEPRECATION WARNING]: Invoking "yum" only once while using a loop via squash_actions is deprecated.” 问题
see https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_2.7.html#using-a-loop-on-a-package-module-via-squash-actions
2018-10-10 09:48:00 +08:00
gjmzj aa869e17ff set kubelet authentication/authorization webhook 2018-10-06 10:21:04 +08:00
gjmzj 64e38717dd update metrics-server v0.3.1 2018-10-05 09:47:03 +08:00
gjmzj 9eeb3dd9d9 update coredns 1.2.2 2018-10-01 17:39:44 +08:00
gjmzj eab1d628e9 translate playbooks comments into english -1 2018-09-29 09:06:19 +08:00
gjmzj c366125a9a fix网络组件偶尔连不上svc kubernetes的错误 2018-09-22 07:22:55 +08:00
gjmzj 51b10038a1 调整网络插件安装中kubectl在deploy节点执行 2018-09-21 17:23:42 +08:00
gjmzj 914b3c6beb 调整安装步骤中kubectl的执行以适合公有云部署2 2018-09-21 15:57:20 +08:00
gjmzj 6249aa2c50 fix 推送ansible执行节点的ssh密钥对至deploy节点,调整设置内核参数 2018-09-20 20:36:45 +08:00
gjmzj df059f91f2 推送ansible执行节点的ssh密钥对至deploy节点 2018-09-18 21:58:56 +08:00
gjmzj 57ace894e1 update ansible-os-hardening 5.0.0 2018-09-17 23:23:56 +08:00
gjmzj 6b21f30ab9 调整安装步骤中kubectl的执行以适合公有云部署 2018-09-15 11:27:33 +08:00
gjmzj 867cc21b63 更新集群升级操作说明及脚本 2018-09-11 23:12:25 +08:00
gjmzj cdf778b6ab 取消 Node节点 Bootstrap机制 2018-09-11 20:46:46 +08:00
gjmzj a580a55d9b update kube-router v0.2.0 2018-09-09 11:04:49 +08:00
gjmzj 713dd815ae fix 多lb备节点时route_id重复问题 2018-09-05 09:24:32 +08:00
gjmzj d0e6131e8b 增加可选配置lb 节点负载转发ingress NodePort的功能 2018-09-04 00:05:38 +08:00
gjmzj 3f85b6d470 fix ulimit settings 2018-09-02 15:07:58 +08:00
gjmzj 9e41498a3a 设置ulimits和拆分prepare任务 2018-09-02 14:08:51 +08:00
lusyoe 2b4d92a07a 添加kubelet根目录 2018-08-31 23:02:31 +08:00
lusyoe 36d1034600 添加docker存储目录 2018-08-31 23:02:31 +08:00
gjmzj 37bcbbf3be fix 99.clean.yml不应该删除harbor相关 2018-08-31 22:58:44 +08:00
gjmzj 520a33dd56 修改默认支持多网卡node节点的flannel和calico插件安装 2018-08-30 22:02:12 +08:00
gjmzj 6c8b3d64f4 fix:当node多网卡时可以设置参数使flannel/calico正常运行 2018-08-30 21:08:56 +08:00
gjmzj a86bd89181 fix 网络插件离线镜像不存在时安装的错误信息 2018-08-30 20:17:05 +08:00
gjmzj 168023572f fix jq安装错误,补充ipset和ipvsadm安装 2018-08-26 18:51:26 +08:00
pennpeng f90cc8a3cb 增加ipvs依赖包和管理包 2018-08-26 11:02:13 +08:00
gjmzj 8892cfc0ca 更新harbor v1.5.2,优化安装流程允许连接已有harbor仓库 2018-08-26 10:58:27 +08:00
gjmzj 0036c62db8 删除ansible hosts中自动生成的etcd 相关变量 2018-08-22 23:07:07 +08:00
gjmzj f0bff405af update cilium docs 2018-08-19 10:19:27 +08:00
gjmzj 67ca82d723 add chrony 2018-08-17 09:18:55 +08:00
gjmzj 91812bba9f fix3 多lb节点配置文件格式错误 Issue #286 2018-08-15 09:36:01 +08:00
gjmzj ced4f34aae fix2 多lb节点配置文件格式错误 Issue #286 2018-08-14 20:01:33 +08:00
gjmzj 0fb1f7ddf3 fix 多lb节点配置文件格式错误 Issue #286 2018-08-14 19:11:04 +08:00
gjmzj e1e4524a97 修复calicoctl配置;修复calico/node 跑在LB 主节点时使用IP地址错误 2018-08-14 17:03:18 +08:00
lusyoe 50862bcaaf 调整storage变量,更新相关文档 (#285)
* 优化storage结构,修复deploy节点分离nas部署失败
2018-08-12 20:02:47 +08:00
gjmzj d1cdcafdd3 优化cluster-addon 安装脚本 2018-08-12 19:27:16 +08:00
gjmzj f2a75c6d39 增加docker 配置文件 2018-08-12 16:47:39 +08:00
gjmzj 4cd887f458 update offline images 0.3 2018-08-12 12:20:02 +08:00
gjmzj e10b9e6020 update kube-router v0.2.0-beta.9 2018-08-12 09:24:22 +08:00
gjmzj 7261653f03 update calico v3.1.3 2018-08-11 15:26:44 +08:00
gjmzj 30b6ebb59f fix 兼容ansible执行节点与deploy节点分离 2018-08-11 09:14:03 +08:00
lusyoe b3a0e1b936 优化storage,抽取tasks 2018-08-07 17:11:33 +08:00
lusyoe 7119c70005 优化storage结构,修复deploy节点分离nas部署失败 2018-08-07 17:11:33 +08:00
lusyoe be08287672 支持deploy与ansible执行节点分离 2018-08-07 17:11:33 +08:00
gjmzj 6686b6cec5 add network plugin: cilium 2018-08-05 16:12:32 +08:00
gjmzj a045dd1d42 Merge branch 'dev' of https://github.com/gjmzj/kubeasz into dev 2018-08-03 14:15:33 +08:00
jmgao 70bcf6ea88
Merge pull request #277 from yuyicai/dev
fix: 解决Ubuntu 18.04无法安装haproxy、keepalived问题
2018-08-03 07:29:57 +08:00
yuyicai befc656f31 fix: 解决Ubuntu 18.04无法安装haproxy、keepalived问题 2018-08-02 17:25:25 +08:00
klgd 54859713ec
fix 解压后的harbor安装文件没有执行权限问题 2018-08-02 14:24:04 +08:00
jmgao 0b77078901
Merge pull request #272 from Hello-Linux/dev
kube-apiserver增加batch/v2alpha1支持
2018-07-29 18:14:39 +08:00
gjmzj 4cf167869c 更新cluster-storage 相关 2018-07-28 11:50:39 +08:00
gjmzj 5976f61497 调整nfs 动态存储相关脚本 2018-07-28 10:21:34 +08:00
Hello-Linux 6a12ba7fcd Merge branch 'dev' of https://github.com/Hello-Linux/kubeasz into dev 2018-07-27 17:31:53 +08:00
Hello-Linux 72c31d8cca kube-apiserver增加batch/v2alpha支持 2018-07-27 17:27:42 +08:00
jmgao d4a130a59a
Merge pull request #267 from lusyoe/dev
重构存储模块,添加阿里云NAS支持
2018-07-26 18:00:45 +08:00
gjmzj c1719b784c 禁止节点使用系统swap 2018-07-26 14:27:26 +08:00
Sun~shell 93e041c825 增加centos7关闭Selinux,Firewalld,swap交换内存 (#270) 2018-07-26 14:10:40 +08:00
lusyoe 3876c904a6 修改storage yml语法问题 2018-07-25 18:41:43 +08:00
lusyoe f239533d1b Merge branch 'storage' into dev 2018-07-25 18:34:51 +08:00
lusyoe 4318da159f Merge branch 'dev' of https://github.com/gjmzj/kubeasz into dev 2018-07-25 18:34:02 +08:00
lusyoe 4750465c81 添加cluster-storage roles 2018-07-25 18:25:38 +08:00
gjmzj 59ff795554 修改.gitignore,方便自定义参数配置 2018-07-23 22:00:06 +08:00
lusyoe 9d303ecfe7 Merge branch 'dev' of https://github.com/gjmzj/kubeasz into dev 2018-07-23 20:50:29 +08:00
gjmzj 4c6c714275 增加集群恢复功能脚本 2018-07-23 16:59:44 +08:00
gjmzj df8faebd86 增加集群备份功能 2018-07-23 16:58:12 +08:00
lusyoe 5a7d610a29 添加阿里云NAS存储支持 2018-07-20 10:55:03 +08:00
lusyoe 2fa3805244 nfs存储重构,调整目录结构 2018-07-20 10:26:27 +08:00
lusyoe 002d57699c 调整附加组件dns目录结构 2018-07-19 23:39:29 +08:00
gjmzj 870d51ec7e 更新haproxy负载均衡算法配置 2018-07-13 14:36:55 +08:00
gjmzj 6afcd95814 fix keepalived使用单播发送vrrp报文,以兼容公有云上自建LB 2018-07-13 11:24:34 +08:00
gjmzj 5f07276ea2 废弃ansible hosts变量SERVICE_PROXY 2018-07-09 18:18:32 +08:00
gjmzj 2a916c0ad1 更新kube-proxy使用ipvs模式 2018-07-09 17:43:12 +08:00
TimeBye 7ff1d71ef3 [IMP]update kube-apiserver-v1.8 apiserver-count (#254) 2018-07-06 08:43:56 +08:00
gjmzj e695c7cbb1 fix: metrics-server允许的client cert问题 2018-07-05 15:46:42 +08:00
changealice 48f473b745 harbor点击tag界面出现\"发生未知错误,请稍后再试" (#250) 2018-07-04 16:15:21 +08:00
yuyicai 3cf84e9d0e fix #242: 添加CA有效期参数,设定CA有效期为15年(131400h) (#245) 2018-07-03 13:20:50 +08:00
gjmzj 4f82c79fa2 fix x509: subject with cn=system:node: is not in the allowed list: [aggregator] 2018-07-02 12:27:19 +08:00
gjmzj 369cc188b0 Merge branch 'dev' 2018-06-29 18:16:08 +08:00
gjmzj ae0f5b242f fix集成离线镜像安装脚本 2018-06-29 15:26:01 +08:00
lusyoe 4c0bd5c50a fix #239 harbor调整安装解压工具, 适配多系统 (#240) 2018-06-28 22:17:16 +08:00
gjmzj 62162c3802 update coredns 1.1.3 2018-06-28 17:38:43 +08:00
gjmzj 7699870ba4 更新集成其他k8s组件的离线安装 2018-06-28 10:52:20 +08:00
gjmzj 837b579c66 集成使用离线docker镜像安装网络插件 2018-06-26 21:06:52 +08:00
gjmzj 266238454a minor 文档更新 2018-06-23 12:42:02 +08:00
gjmzj 211ffb79a5 fix从0.1.0版本升级apiserver服务启动失败问题 2018-06-22 22:48:14 +08:00
gjmzj 465b79ca50 修改部分镜像拉取策略 2018-06-22 18:01:43 +08:00
gjmzj 7d66f66400 新增metrics-server、cluster-addon文档及相关文档更新 2018-06-19 21:45:17 +08:00
gjmzj 6f201476bd 增加等待网络插件正常运行 2018-06-18 00:04:00 +08:00
gjmzj 1b1e3a11fa 更新自动安装cluster-addon 2018-06-17 23:19:04 +08:00
gjmzj d66a5ef5ba fix aggregator proxy client cert issue 2018-06-17 13:07:57 +08:00
gjmzj 1b4864b669 metric server集成配置 2018-06-17 10:46:25 +08:00
gjmzj 2f65a8bba6 minor 脚本和文档更新 2018-06-15 10:52:59 +08:00
gjmzj deb9edeab8 更新kube-router相关文档及清除脚本 2018-06-14 23:34:03 +08:00
gjmzj 1d737f6477 更新kube-router with service-proxy 2018-06-14 21:38:39 +08:00
gjmzj 8d19b7f9d8 更新kube-router without service-proxy 2018-06-14 09:39:47 +08:00
jmgao 3911f1038e 修改manifests兼容k8s v1.8 2018-06-11 10:15:07 +08:00
jmgao e072b5359a 修改apiserver参数兼容安装 v1.8.x 2018-06-10 12:11:33 +08:00
gjmzj af872c8e7b 简化新增节点步骤 2018-06-10 08:32:34 +08:00
jmgao 9f172965ac bugfix:取消lb组变量设置 2018-06-10 00:16:20 +08:00
jmgao 82badc4f2e 取消lb组变量设置 2018-06-09 23:30:24 +08:00
jmgao 931b2cf1b9 用inventory_hostname替换变量NODE_IP 2018-06-09 22:19:20 +08:00
jmgao 2340b9f214 转移calico/flannel的配置到对应的roles目录 2018-06-09 17:57:17 +08:00
gjmzj e45a023985 update kube-dns 1.14.10 2018-06-08 23:29:58 +08:00
lu f45c0b333d harbor添加解压工具 2018-06-08 23:08:35 +08:00
lu 24639cc41c 升级harbor版本到1.5.1,调整安装路径为/data/harbor,修复安装解压问题 2018-06-08 23:08:35 +08:00
jmgao 2fd22815d2 minor:helm脚本更新 2018-05-31 23:12:14 +08:00
lusyoe 7da2a40bd8 helm添加国内repo url 2018-05-31 23:03:37 +08:00
jmgao f3b788a3e9 更新harbor脚本和文档 2018-05-31 23:01:54 +08:00
gjmzj 3295a2218c 更新升级集群文档 2018-05-29 16:11:18 +08:00
gjmzj af31805e07 更改os-harden为手动选择执行 2018-05-29 11:32:53 +08:00
gjmzj 54652adfa2 修改默认gather_facts: smart 2018-05-28 23:25:45 +08:00
gjmzj 29f0c4cd31 修复calico-controller多网卡问题 2018-05-27 11:08:55 +08:00
gjmzj 68ecb6a23d 更新helm默认rbac设置 2018-05-27 11:00:12 +08:00
gjmzj 2c6419a523 fix helm脚本与文档 2018-05-26 17:55:28 +08:00
lusyoe a000f40ea2 添加 helm 命令自动补全 2018-05-25 15:22:09 +08:00
gjmzj a7dd303fd2 增加修改AIO部署的系统IP的脚本和说明 2018-05-24 16:35:21 +08:00
lusyoe e659038ab7 添加CentOS epel仓库 (#200)
谢谢
2018-05-24 00:08:09 +08:00
gjmzj 58f91ed208 增加安全安装helm的ansible role 2018-05-23 13:54:41 +08:00
gjmzj fe1e5a65a5 设置node roles 2018-05-22 15:57:44 +08:00
gjmzj 15bbc26d3f minor fix:等待node节点Ready 2018-05-20 23:18:53 +08:00
gjmzj 1fd8515711 增加master和node服务重启tags 2018-05-20 00:17:59 +08:00
gjmzj 58ccd3bc88 增加[可选]OS安全加固脚本 2018-05-19 22:40:41 +08:00
gjmzj a0d3ac6ec9 增加升级k8s时服务文件的更新 2018-05-17 23:07:01 +08:00
gjmzj 83bdcfd41a 修复kubelet匿名访问漏洞 2018-05-17 22:51:15 +08:00
spirit 6b6de7881e 修复kubelet安全策略 (#192)
https://kubernetes.io/docs/admin/kubelet-authentication-authorization/
By default, requests to the kubelet’s HTTPS endpoint that are not rejected by other configured authentication methods are treated as anonymous requests, and given a username of system:anonymous and a group of system:unauthenticated.

To disable anonymous access and send 401 Unauthorized responses to unauthenticated requests:

start the kubelet with the --anonymous-auth=false flag
2018-05-17 22:31:54 +08:00
AEGQ a03fe10ee2 Update main.yml (#194)
永久关闭 selinux 失败。
2018-05-17 22:29:43 +08:00
gjmzj 45b7fab60e 新增upgrade脚本 2018-05-11 11:07:14 +08:00
jmgao 9a8a729e08 prepare release v1102-r1 2018-05-06 23:10:14 +08:00
gjmzj 2f3f9d023d minor fix 2018-05-06 09:08:09 +08:00
jmgao b7a7eef235 lineinfile替换shell sed 2018-05-04 22:11:08 +08:00
Antergone 193a376635 使用lineinfile替换sed 2018-05-04 15:27:46 +08:00
antergone 88ae1783ba
修复原有PATH被覆盖问题 2018-05-03 01:35:48 +08:00
gjmzj f955c23b2e 测试增加OS安全基线,FROM dev-sec/ansible-os-hardening 2018-05-01 10:16:11 +08:00
gjmzj afd667e2a3 更新pause镜像3.1,kube-dns 1.14.9 2018-04-24 23:06:57 +08:00
gjmzj 19cdcd7625 tiny fix in kube-flannel.yaml.j2 2018-04-19 08:48:44 +08:00
gjmzj f7c32c59f9 删除变量MASTER_PORT定义 2018-04-17 21:14:03 +08:00
gjmzj 44a3bb4072 fix:多网卡安装flannel问题 2018-04-17 21:02:44 +08:00
gjmzj 5fa1f880b0 更新basic-env-setup.sh使用说明 2018-04-16 21:03:52 +08:00
gjmzj 11974a4b14 minor fix 2018-04-10 18:58:10 +08:00
gjmzj 6eb58b175a 修复shell执行systemctl enable xx可能报错退出问题 2018-04-10 18:33:24 +08:00
gjmzj b176a8761d minor fix 2018-04-10 18:06:12 +08:00
gjmzj cfa377db76 预装socat,修改apiserver reconciler使用lease模式 2018-04-08 09:39:59 +08:00
gjmzj 08d2d53925 修改calico日志warning级别,增加ubuntu安装conntrack,dashboard文档修订 2018-04-02 13:52:05 +08:00
gjmzj 1174d40cb8 efk日志持久化之静态PV 2018-04-01 12:50:01 +08:00
gjmzj 1e3a88d494 更新安装coredns的yaml配置和说明 2018-03-29 16:27:26 +08:00
gjmzj 566a374c99 minor changes 2018-03-29 09:24:04 +08:00
gjmzj 99ea4b1144 update k8s 1.9.6 && minor fix 2018-03-28 17:59:26 +08:00