Commit Graph

458 Commits (4a3637c4d2fd6cd0278744ee8f85b124ab6324c0)
 

Author SHA1 Message Date
lusyoe e659038ab7 添加CentOS epel仓库 (#200)
谢谢
2018-05-24 00:08:09 +08:00
gjmzj f97593b9db 增加helm文档 2018-05-23 23:58:11 +08:00
gjmzj 58f91ed208 增加安全安装helm的ansible role 2018-05-23 13:54:41 +08:00
gjmzj 14052386df minor fix 2018-05-23 09:45:06 +08:00
gjmzj fe1e5a65a5 设置node roles 2018-05-22 15:57:44 +08:00
gjmzj 15bbc26d3f minor fix:等待node节点Ready 2018-05-20 23:18:53 +08:00
gjmzj 1fd8515711 增加master和node服务重启tags 2018-05-20 00:17:59 +08:00
gjmzj dfff890926 更新kubelet匿名访问漏洞文档说明 2018-05-19 23:56:54 +08:00
gjmzj 58ccd3bc88 增加[可选]OS安全加固脚本 2018-05-19 22:40:41 +08:00
gjmzj a0d3ac6ec9 增加升级k8s时服务文件的更新 2018-05-17 23:07:01 +08:00
gjmzj 83bdcfd41a 修复kubelet匿名访问漏洞 2018-05-17 22:51:15 +08:00
spirit 6b6de7881e 修复kubelet安全策略 (#192)
https://kubernetes.io/docs/admin/kubelet-authentication-authorization/
By default, requests to the kubelet’s HTTPS endpoint that are not rejected by other configured authentication methods are treated as anonymous requests, and given a username of system:anonymous and a group of system:unauthenticated.

To disable anonymous access and send 401 Unauthorized responses to unauthenticated requests:

start the kubelet with the --anonymous-auth=false flag
2018-05-17 22:31:54 +08:00
AEGQ a03fe10ee2 Update main.yml (#194)
永久关闭 selinux 失败。
2018-05-17 22:29:43 +08:00
gjmzj 20ebd73bc4 增加项目TodoList,release v1102-r1 2018-05-11 18:45:19 +08:00
gjmzj 401330c380 更新集群upgrade文档和脚本 2018-05-11 12:02:41 +08:00
gjmzj 45b7fab60e 新增upgrade脚本 2018-05-11 11:07:14 +08:00
gjmzj 2fb8347340 更新文档链接 2018-05-11 10:18:48 +08:00
gjmzj 1e813ec642 minor文档更新 2018-05-11 10:03:07 +08:00
lusyoe 2c52c24346 丰富dashboard文档,授予admin跳过登录 (#182) 2018-05-07 23:34:35 +08:00
gjmzj 94b412b8b1 minor fix 2018-05-07 23:23:28 +08:00
gjmzj 18133ee301 add tool: trans_yml.sh 2018-05-07 09:50:11 +08:00
jmgao e2fdd779ec typo fix 2018-05-06 23:19:41 +08:00
jmgao 9a8a729e08 prepare release v1102-r1 2018-05-06 23:10:14 +08:00
gjmzj 2f3f9d023d minor fix 2018-05-06 09:08:09 +08:00
jmgao b7a7eef235 lineinfile替换shell sed 2018-05-04 22:11:08 +08:00
gjmzj 550c8f22f2
Merge pull request #179 from Antergone/master
使用lineinfile替换sed
2018-05-04 21:30:07 +08:00
Antergone 193a376635 使用lineinfile替换sed 2018-05-04 15:27:46 +08:00
gjmzj e450fe30ca
Merge pull request #177 from Antergone/master
修复原有PATH被覆盖问题
2018-05-04 08:21:34 +08:00
antergone c17a378efa
去除自动生成的PATH 2018-05-03 01:49:42 +08:00
antergone 88ae1783ba
修复原有PATH被覆盖问题 2018-05-03 01:35:48 +08:00
gjmzj f955c23b2e 测试增加OS安全基线,FROM dev-sec/ansible-os-hardening 2018-05-01 10:16:11 +08:00
jmgao 0b3c1b6dce 更新kubedns文档 2018-04-26 14:18:38 +08:00
gjmzj afd667e2a3 更新pause镜像3.1,kube-dns 1.14.9 2018-04-24 23:06:57 +08:00
gjmzj 19cdcd7625 tiny fix in kube-flannel.yaml.j2 2018-04-19 08:48:44 +08:00
gjmzj f7c32c59f9 删除变量MASTER_PORT定义 2018-04-17 21:14:03 +08:00
gjmzj 44a3bb4072 fix:多网卡安装flannel问题 2018-04-17 21:02:44 +08:00
gjmzj 3bf3908d3a 更新flannel多网卡情况说明,准备release v1100-r1 2018-04-16 21:30:29 +08:00
gjmzj 5fa1f880b0 更新basic-env-setup.sh使用说明 2018-04-16 21:03:52 +08:00
gjmzj bf6b8953b0
Merge pull request #164 from Code2Life/master
新增不同版本linux初始化ansible及kubernetes相关组件的脚本
2018-04-16 18:38:09 +08:00
code2life cbb3642319 修改为linux下的LF格式, 更新注释 2018-04-16 11:31:13 +08:00
code2life 03dba54f34 修改注释 2018-04-16 11:13:17 +08:00
code2life 070437c96f 添加各linux发行版的基础环境初始化脚本(python+pip+ansible+ k8s bins) 2018-04-16 10:21:27 +08:00
gjmzj 03b14460bb 更改Master VIP的BUG提示 2018-04-14 22:55:26 +08:00
gjmzj a8f3325afe harbor CA证书路径修复,minor文档更新 2018-04-14 11:58:59 +08:00
gjmzj dac7532933 文档更新:变更集群Master VIP 2018-04-14 11:46:04 +08:00
gjmzj bd82d97394 Merge branch 'master' of https://github.com/gjmzj/kubeasz
滚动更新文档
2018-04-12 07:24:18 +08:00
gjmzj b21ad29744 更新分支说明 2018-04-12 07:23:22 +08:00
gjmzj 609980ab39
Merge pull request #157 from justmine66/master
零停机滚动发布
2018-04-11 23:25:43 +08:00
无痴迷,不成功 f53e775084
Update rollingupdateWithZeroDowntime.md 2018-04-11 07:44:07 -07:00
无痴迷,不成功 d95497d401
Update rollingupdateWithZeroDowntime.md 2018-04-11 07:43:05 -07:00