gjmzj
fc39f77ab9
添加docker/containerd互斥判断
2019-06-09 15:20:09 +08:00
gjmzj
80217dc1cd
docs: update setup guide
2019-06-09 10:58:01 +08:00
gjmzj
1e81881436
废弃clean_one_node.yml
2019-06-08 16:07:46 +08:00
gjmzj
e0392acef0
fix 安全加固允许ip_forward
2019-06-05 20:41:09 +08:00
gjmzj
d0a481cd09
fix easzctl脚本适应新流程
2019-06-04 23:46:12 +08:00
gjmzj
2ef0e9f86c
fix 删除master/node流程
2019-06-04 13:06:11 +08:00
gjmzj
48697d9f34
新增role: clean,重写99.clean.yml
2019-06-02 00:04:33 +08:00
gjmzj
254f6528b9
调整addetcd/addnode/addmaster等脚本2
2019-06-01 22:16:14 +08:00
gjmzj
6e6792bbd4
调整addetcd/addnode/addmaster脚本
2019-06-01 09:24:43 +08:00
gjmzj
d2d164b2b8
fix 删除deploy角色
2019-05-31 23:07:00 +08:00
gjmzj
4999b2bd6a
调整去掉delegate_to deploy节点的任务
2019-05-31 00:00:01 +08:00
gjmzj
70c1f8b172
调整ex-lb的流程
2019-05-30 21:37:01 +08:00
gjmzj
8cf349b271
精简example hosts配置文件及配置项
2019-05-29 22:49:04 +08:00
gjmzj
d17d938dfc
调整network/cluster-addon安装流程
2019-05-29 20:45:25 +08:00
gjmzj
78cc26db8c
重构kube-master/kube-node流程
2019-05-28 23:46:22 +08:00
gjmzj
c2d2dab242
重构kube-master流程
2019-05-28 09:10:44 +08:00
gjmzj
05d5288d5c
安装流程重构之优化prepare/etcd/containerd/docker等阶段
2019-05-27 21:28:36 +08:00
gjmzj
8712819a9c
安装流程重构之优化prepare阶段
2019-05-27 20:02:02 +08:00
gjmzj
5859315c3e
update kube-route v0.3.1
2019-05-27 00:04:00 +08:00
gjmzj
148dce5e81
fix: 双网卡下 apiserver endpoint 可能错误 #479
2019-05-23 23:22:25 +08:00
gjmzj
828de9d3b5
增加网络插件kube-ovn支持
2019-05-22 11:17:42 +08:00
gjmzj
b4e373b01e
增加kubelet可选是否开启kube-reserved资源预留,默认开启
2019-05-22 00:06:21 +08:00
gjmzj
9b1ba6e5b5
更新containerd离线镜像导入脚本
2019-05-21 23:47:49 +08:00
gjmzj
72dd8bfa67
去除containerd相关测试工具
2019-05-21 07:32:02 +08:00
gjmzj
e749f32738
增加containerd与harbor集成
2019-05-19 22:01:40 +08:00
gjmzj
be3b7e090a
update containerd/docker registry mirror settings
2019-05-18 22:44:23 +08:00
gjmzj
a625c99b2f
更新离线镜像推送条件
2019-05-18 18:07:34 +08:00
gjmzj
5712d6626b
integrate kubelet with containerd
2019-05-18 16:48:58 +08:00
lusyoe
4105238c23
添加Amazon Linux支持
2019-05-12 20:38:42 +08:00
gjmzj
369ab3e991
update traefik v1.7.11
2019-05-04 22:42:46 +08:00
gjmzj
3a97bd3b8d
更新docker国内镜像站点设置
2019-05-02 18:29:38 +08:00
gjmzj
f931516d10
update coredns 1.5.0
2019-05-02 12:10:05 +08:00
gjmzj
881a43ab26
优化只读kubectl配置的创建流程 #537
2019-05-01 17:20:20 +08:00
gjmzj
a1939079b4
fix: centos7 rsyslog服务启动错误 #538
2019-04-30 16:15:19 +08:00
suxiaolin
3835d32915
remove docker cn registry
2019-04-18 23:04:26 +08:00
waiting
4fe5305aea
feat(chrony): 增加授时源
...
增加一个阿里云,两个腾讯云,一个中国区
BREAKING CHANGE: 修改变量名 ntp_server 为 ntp_servers
2019-04-18 22:56:45 +08:00
gjmzj
2bab10f502
增加每个node节点pod网络掩码长度设置项
2019-04-11 22:03:28 +08:00
gjmzj
0b7c85e72c
增加kubelet资源预留设置
2019-04-10 23:49:49 +08:00
gjmzj
80dff1d7b0
fix kernel>=4.19 加载nf_conntrack问题
2019-04-09 17:39:13 +08:00
gjmzj
9b4ec4b656
easzctl集成basic-auth配置
2019-04-07 20:38:23 +08:00
gjmzj
3c1c348544
更新dashboard关于basic-auth认证的相关
2019-04-04 09:08:27 +08:00
gjmzj
884154bb03
删除cAdvisor 4194端口限制
2019-04-03 23:02:33 +08:00
gjmzj
608c262d6e
minor fix:提升系统安装包速度
2019-04-03 15:02:05 +08:00
gjmzj
92ea99e677
调整ca证书有效期等配置
2019-03-30 11:57:52 +08:00
gjmzj
eca81279b7
修复docker安装时版本判断条件
2019-03-29 12:50:39 +08:00
gjmzj
047a0488e5
修复centos日志优化配置等
2019-03-28 18:44:10 +08:00
gjmzj
ece94ff0b4
优化journald日志服务配置
2019-03-28 12:45:03 +08:00
gjmzj
b684e96b6f
work around with CVE-2019-3874
2019-03-28 09:44:56 +08:00
gjmzj
b88d352ad7
增加kubectl使用可选参数配置kubeconfig
2019-03-28 09:18:00 +08:00
gjmzj
8319b3217b
修复当第一个etcd成员故障时apiserver也故障的bug,详见 kubernetes issue #72102
2019-03-27 21:59:34 +08:00
gjmzj
b652d0ad62
update coredns 1.4.0
2019-03-27 20:55:34 +08:00
gjmzj
66f1ba2550
修复apiserver启用basic_auth认证
2019-03-26 15:20:54 +08:00
gjmzj
306fcbe6d1
update calico 3.4.3
2019-03-22 17:13:13 +08:00
gjmzj
a076a384ad
修改安装dashboard同时安装heapster
2019-03-22 16:11:41 +08:00
gjmzj
ef0ed89c34
修复easzctl setup流程
2019-03-17 19:19:57 +08:00
gjmzj
812d71ca10
minor fix
2019-03-16 17:32:43 +08:00
gjmzj
cdddf6e6bb
调整apiserver可选开启基本认证(默认关闭)
2019-03-15 14:17:24 +08:00
gjmzj
78b947f86f
更新dashboard文档
2019-03-15 09:58:45 +08:00
gjmzj
0559c97a11
在role:kube-master中增加basic_auth相关配置
2019-03-14 23:51:04 +08:00
gjmzj
75defebbf5
废弃ansible hosts中basic_auth相关配置
2019-03-14 14:00:28 +08:00
weilinqwe
17dc3c3423
add support for harbor v1.7.x
2019-03-13 20:50:11 +08:00
gjmzj
27094d0a7e
修复cilium安装时判断内核版本逻辑
2019-03-06 22:58:10 +08:00
gjmzj
cbb29234ec
修复docker版本判断逻辑
2019-03-06 22:57:22 +08:00
gjmzj
ca2e9a2270
修复roles/docker/tasks/main.yml自动merge产生的错误
2019-03-06 19:54:33 +08:00
gjmzj
239041032f
修复项目bin目录下二进制不能执行的错误
2019-03-06 19:51:23 +08:00
gjmzj
b464fee837
merge dev branch: kubeasz release 1.0.0rc1
2019-03-05 22:47:06 +08:00
gjmzj
399de72fe4
update cilium v1.4.1
2019-03-03 10:01:22 +08:00
gjmzj
bf2c9353b5
废弃ansible hosts变量K8S_VER,改为自动识别
2019-03-01 09:49:24 +08:00
gjmzj
64350c4b5c
优化脚本以兼容docker运行kubeasz
2019-02-28 18:27:57 +08:00
gjmzj
224125c4a0
安装流程修改以适应容器化运行kubeasz
2019-02-28 16:06:26 +08:00
gjmzj
8b8fb54fc0
增加docker安装时创建软链接
2019-02-27 20:41:47 +08:00
gjmzj
8839c671a9
修复docker安装获取版本任务的tags信息
2019-02-26 16:02:21 +08:00
gjmzj
98b39efb3b
修复docker安装获取版本任务的tags信息
2019-02-26 15:06:56 +08:00
gjmzj
5a9af26bf9
更新easzctl 帮助信息和部分文档
2019-02-26 15:04:16 +08:00
gjmzj
4c6ec53cda
增加随机basic auth密码等脚本优化
2019-02-25 23:11:08 +08:00
gjmzj
caabb89531
优化添加etcd脚本,并集成到easzctl
2019-02-24 12:56:47 +08:00
gjmzj
ae5bd3f985
清除 new-node/new-master 相关配置
2019-02-24 10:22:12 +08:00
gjmzj
3a59e82cec
修复兼容docker 18.09.x 版本安装
2019-02-21 15:13:18 +08:00
gjmzj
7b82688b1f
update helm v2.12.3
2019-02-16 09:57:30 +08:00
gjmzj
6d544ccd52
更新支持 calico v3.4.x
2019-02-15 17:10:07 +08:00
gjmzj
2cb94ff8d0
update flannel v0.11.0-amd64
2019-02-15 14:47:43 +08:00
gjmzj
d80404b7d9
增加添加etcd节点脚本
2019-02-14 14:13:13 +08:00
PowerDos
4898ae072d
fixed: 修复清除iptables规则时,遇到关闭所有进入端口,无法连接节点
2019-02-12 19:59:05 +08:00
gjmzj
c54f2293e6
minor changes in lb installing
2019-02-07 15:23:59 +08:00
gjmzj
0e04736f2b
增加可选附加负载均衡节点
2019-02-07 15:10:49 +08:00
gjmzj
f28fc48d5e
支持harbor 1.6.3,调整部分安装步骤
2019-02-05 09:46:26 +08:00
gjmzj
f19339d7f1
调整prepare tasks,避免把证书和kubeconfig分发到不需要的节点
2019-02-01 13:45:46 +08:00
gjmzj
6ac413e9de
Merge branch 'dev' of https://github.com/gjmzj/kubeasz into dev
2019-01-25 21:31:25 +08:00
lusyoe
957fc1f6a5
调整docker远程API默认为关闭
2019-01-25 21:32:34 +08:00
lusyoe
917e9734fc
添加开启docker远程API
2019-01-25 21:32:34 +08:00
sunshanpeng
9fd4c2f330
calico_3.3.2 rbac 新增nodes/status
2019-01-25 21:28:16 +08:00
sunshanpeng
5a1140fc8e
calico add metrics ENV
2019-01-25 21:28:16 +08:00
sunshanpeng
0dc014b3ea
coredns add metrics port
2019-01-25 21:28:16 +08:00
gjmzj
7ab8fff16c
增加开机启动k8s相关内核模块配置
2019-01-24 11:06:48 +08:00
gjmzj
e6b73369d2
为兼容k8s版本 <= 1.11,revert PR #440
2019-01-18 15:15:09 +08:00
Hello-Linux
839a34785e
更新kube-schedule监听参数
2019-01-15 21:22:43 +08:00
gjmzj
edd68c7f47
增加 pod-infra-container 可选择配置
2019-01-10 23:51:50 +08:00
Hello-Linux
a1be5462ed
更新docker根目录存储命令
2019-01-10 19:24:29 +08:00
rufus123456
f289615c77
添加支持RedHat(only)
2019-01-07 10:21:58 +08:00
gjmzj
dcbfafcbd9
更新calico 3.3.2,并保留3.2.4可选
2019-01-02 22:29:02 +08:00
rufus123456
54e9eeb910
fix: 等待ETCD同步完成,再返回成功
2018-12-21 22:39:34 +08:00
gjmzj
d6f04a96d2
更新cluster-addon部分可选自动安装nginx-ingress
2018-12-21 22:35:15 +08:00
gjmzj
21e6a48622
fix traefik ingress 安装路径
2018-12-21 18:35:57 +08:00
gjmzj
e818b9287a
fix 特定环境下lb节点变量LB_IF自动设置错误
2018-12-13 16:43:30 +08:00
gjmzj
30e123cb88
update coredns 1.2.6
2018-12-11 17:27:34 +08:00
lixianyang
0a57c136a7
移除 kube-node csr 请求批准部分
2018-12-07 08:52:14 +08:00
lusyoe
c3033dc4de
添加helm tls环境变量
2018-12-06 15:37:39 +08:00
gjmzj
41370a3f2f
update traefik 1.7.4
2018-12-06 15:27:42 +08:00
gjmzj
61d8f032c1
更新升级集群相关脚本和文档
2018-12-06 10:04:27 +08:00
gjmzj
68e7cdc959
增加配置ingress nodeport 负载转发的脚本与文档
2018-11-30 23:42:53 +08:00
gjmzj
43de866aa5
更新生成kubeconfig脚本与文档
2018-11-30 15:18:17 +08:00
gjmzj
b542542163
增加修改APISERVER证书的脚本与文档
2018-11-28 20:39:51 +08:00
gjmzj
d803579000
增加只读权限kubeconfig脚本与文档
2018-11-27 14:21:42 +08:00
gjmzj
f716e8a608
取消手动设置LB_IF参数
2018-11-26 21:56:22 +08:00
gjmzj
47a8049457
取消helms别名
2018-11-25 22:16:37 +08:00
gjmzj
a71ddd22fb
update helm v2.11.0
2018-11-25 17:18:58 +08:00
gjmzj
14ad6f28bf
increasing the conntrack table size in sysctl setting
2018-11-21 23:11:55 +08:00
gjmzj
5d068d55af
fix NodePorts settings in Calico/node
2018-11-21 23:04:59 +08:00
lusyoe
2efb33a4e0
添加istio sidecar自动注入webhook
2018-11-21 17:23:15 +08:00
gjmzj
839a38f1c2
update calico v3.2.4
2018-11-21 17:20:54 +08:00
gjmzj
313d11111e
fix 内核4.19加载nf_conntrack #366
2018-11-10 09:52:57 +08:00
gjmzj
b5cd458fde
支持master证书添加公网ip和域名
2018-11-07 10:23:18 +08:00
gjmzj
69001e86ca
fix 阿里云nas动态pv脚本
2018-11-06 17:44:17 +08:00
gjmzj
913a71346a
use metallb as LoadBalancer Provider
2018-10-28 21:20:26 +08:00
gjmzj
69bad96b17
fix: install kube-proxy in ipvs mode on CentOS
2018-10-16 09:18:32 +08:00
lusyoe
bbf4dc8c99
安装chrony之前确保已卸载ntp
2018-10-14 15:44:20 +08:00
gjmzj
2e700c7ee1
update traefik 1.7.2
2018-10-14 12:05:06 +08:00
gjmzj
c0b4c8d977
update kube-dns 1.14.13, heapster v1.5.4
2018-10-14 12:02:33 +08:00
gjmzj
68029132d6
fix: 在本地目录检查离线镜像下载情况
2018-10-14 10:17:20 +08:00
gjmzj
e6edece5dd
update setup docs
2018-10-12 13:30:19 +08:00
klgd
333b56cea1
fix: Ansible 2.7 环境下 提示 “[DEPRECATION WARNING]: Invoking "yum" only once while using a loop via squash_actions is deprecated.” 问题
...
see https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_2.7.html#using-a-loop-on-a-package-module-via-squash-actions
2018-10-10 09:48:00 +08:00
gjmzj
aa869e17ff
set kubelet authentication/authorization webhook
2018-10-06 10:21:04 +08:00
gjmzj
64e38717dd
update metrics-server v0.3.1
2018-10-05 09:47:03 +08:00
gjmzj
9eeb3dd9d9
update coredns 1.2.2
2018-10-01 17:39:44 +08:00
gjmzj
eab1d628e9
translate playbooks comments into english -1
2018-09-29 09:06:19 +08:00
gjmzj
c366125a9a
fix网络组件偶尔连不上svc kubernetes的错误
2018-09-22 07:22:55 +08:00
gjmzj
51b10038a1
调整网络插件安装中kubectl在deploy节点执行
2018-09-21 17:23:42 +08:00
gjmzj
914b3c6beb
调整安装步骤中kubectl的执行以适合公有云部署2
2018-09-21 15:57:20 +08:00
gjmzj
6249aa2c50
fix 推送ansible执行节点的ssh密钥对至deploy节点,调整设置内核参数
2018-09-20 20:36:45 +08:00
gjmzj
df059f91f2
推送ansible执行节点的ssh密钥对至deploy节点
2018-09-18 21:58:56 +08:00
gjmzj
57ace894e1
update ansible-os-hardening 5.0.0
2018-09-17 23:23:56 +08:00
gjmzj
6b21f30ab9
调整安装步骤中kubectl的执行以适合公有云部署
2018-09-15 11:27:33 +08:00
gjmzj
867cc21b63
更新集群升级操作说明及脚本
2018-09-11 23:12:25 +08:00
gjmzj
cdf778b6ab
取消 Node节点 Bootstrap机制
2018-09-11 20:46:46 +08:00
gjmzj
a580a55d9b
update kube-router v0.2.0
2018-09-09 11:04:49 +08:00
gjmzj
713dd815ae
fix 多lb备节点时route_id重复问题
2018-09-05 09:24:32 +08:00
gjmzj
d0e6131e8b
增加可选配置lb 节点负载转发ingress NodePort的功能
2018-09-04 00:05:38 +08:00
gjmzj
3f85b6d470
fix ulimit settings
2018-09-02 15:07:58 +08:00
gjmzj
9e41498a3a
设置ulimits和拆分prepare任务
2018-09-02 14:08:51 +08:00
lusyoe
2b4d92a07a
添加kubelet根目录
2018-08-31 23:02:31 +08:00
lusyoe
36d1034600
添加docker存储目录
2018-08-31 23:02:31 +08:00
gjmzj
37bcbbf3be
fix 99.clean.yml不应该删除harbor相关
2018-08-31 22:58:44 +08:00
gjmzj
520a33dd56
修改默认支持多网卡node节点的flannel和calico插件安装
2018-08-30 22:02:12 +08:00
gjmzj
6c8b3d64f4
fix:当node多网卡时可以设置参数使flannel/calico正常运行
2018-08-30 21:08:56 +08:00
gjmzj
a86bd89181
fix 网络插件离线镜像不存在时安装的错误信息
2018-08-30 20:17:05 +08:00
gjmzj
168023572f
fix jq安装错误,补充ipset和ipvsadm安装
2018-08-26 18:51:26 +08:00
pennpeng
f90cc8a3cb
增加ipvs依赖包和管理包
2018-08-26 11:02:13 +08:00
gjmzj
8892cfc0ca
更新harbor v1.5.2,优化安装流程允许连接已有harbor仓库
2018-08-26 10:58:27 +08:00
gjmzj
0036c62db8
删除ansible hosts中自动生成的etcd 相关变量
2018-08-22 23:07:07 +08:00
gjmzj
f0bff405af
update cilium docs
2018-08-19 10:19:27 +08:00
gjmzj
67ca82d723
add chrony
2018-08-17 09:18:55 +08:00
gjmzj
91812bba9f
fix3 多lb节点配置文件格式错误 Issue #286
2018-08-15 09:36:01 +08:00
gjmzj
ced4f34aae
fix2 多lb节点配置文件格式错误 Issue #286
2018-08-14 20:01:33 +08:00
gjmzj
0fb1f7ddf3
fix 多lb节点配置文件格式错误 Issue #286
2018-08-14 19:11:04 +08:00
gjmzj
e1e4524a97
修复calicoctl配置;修复calico/node 跑在LB 主节点时使用IP地址错误
2018-08-14 17:03:18 +08:00
lusyoe
50862bcaaf
调整storage变量,更新相关文档 ( #285 )
...
* 优化storage结构,修复deploy节点分离nas部署失败
2018-08-12 20:02:47 +08:00
gjmzj
d1cdcafdd3
优化cluster-addon 安装脚本
2018-08-12 19:27:16 +08:00
gjmzj
f2a75c6d39
增加docker 配置文件
2018-08-12 16:47:39 +08:00
gjmzj
4cd887f458
update offline images 0.3
2018-08-12 12:20:02 +08:00
gjmzj
e10b9e6020
update kube-router v0.2.0-beta.9
2018-08-12 09:24:22 +08:00
gjmzj
7261653f03
update calico v3.1.3
2018-08-11 15:26:44 +08:00
gjmzj
30b6ebb59f
fix 兼容ansible执行节点与deploy节点分离
2018-08-11 09:14:03 +08:00
lusyoe
b3a0e1b936
优化storage,抽取tasks
2018-08-07 17:11:33 +08:00
lusyoe
7119c70005
优化storage结构,修复deploy节点分离nas部署失败
2018-08-07 17:11:33 +08:00
lusyoe
be08287672
支持deploy与ansible执行节点分离
2018-08-07 17:11:33 +08:00
gjmzj
6686b6cec5
add network plugin: cilium
2018-08-05 16:12:32 +08:00
gjmzj
a045dd1d42
Merge branch 'dev' of https://github.com/gjmzj/kubeasz into dev
2018-08-03 14:15:33 +08:00
jmgao
70bcf6ea88
Merge pull request #277 from yuyicai/dev
...
fix: 解决Ubuntu 18.04无法安装haproxy、keepalived问题
2018-08-03 07:29:57 +08:00
yuyicai
befc656f31
fix: 解决Ubuntu 18.04无法安装haproxy、keepalived问题
2018-08-02 17:25:25 +08:00
klgd
54859713ec
fix 解压后的harbor安装文件没有执行权限问题
2018-08-02 14:24:04 +08:00
jmgao
0b77078901
Merge pull request #272 from Hello-Linux/dev
...
kube-apiserver增加batch/v2alpha1支持
2018-07-29 18:14:39 +08:00
gjmzj
4cf167869c
更新cluster-storage 相关
2018-07-28 11:50:39 +08:00
gjmzj
5976f61497
调整nfs 动态存储相关脚本
2018-07-28 10:21:34 +08:00
Hello-Linux
6a12ba7fcd
Merge branch 'dev' of https://github.com/Hello-Linux/kubeasz into dev
2018-07-27 17:31:53 +08:00
Hello-Linux
72c31d8cca
kube-apiserver增加batch/v2alpha支持
2018-07-27 17:27:42 +08:00
jmgao
d4a130a59a
Merge pull request #267 from lusyoe/dev
...
重构存储模块,添加阿里云NAS支持
2018-07-26 18:00:45 +08:00
gjmzj
c1719b784c
禁止节点使用系统swap
2018-07-26 14:27:26 +08:00
Sun~shell
93e041c825
增加centos7关闭Selinux,Firewalld,swap交换内存 ( #270 )
2018-07-26 14:10:40 +08:00
lusyoe
3876c904a6
修改storage yml语法问题
2018-07-25 18:41:43 +08:00
lusyoe
f239533d1b
Merge branch 'storage' into dev
2018-07-25 18:34:51 +08:00
lusyoe
4318da159f
Merge branch 'dev' of https://github.com/gjmzj/kubeasz into dev
2018-07-25 18:34:02 +08:00
lusyoe
4750465c81
添加cluster-storage roles
2018-07-25 18:25:38 +08:00
gjmzj
59ff795554
修改.gitignore,方便自定义参数配置
2018-07-23 22:00:06 +08:00
lusyoe
9d303ecfe7
Merge branch 'dev' of https://github.com/gjmzj/kubeasz into dev
2018-07-23 20:50:29 +08:00
gjmzj
4c6c714275
增加集群恢复功能脚本
2018-07-23 16:59:44 +08:00
gjmzj
df8faebd86
增加集群备份功能
2018-07-23 16:58:12 +08:00
lusyoe
5a7d610a29
添加阿里云NAS存储支持
2018-07-20 10:55:03 +08:00
lusyoe
2fa3805244
nfs存储重构,调整目录结构
2018-07-20 10:26:27 +08:00
lusyoe
002d57699c
调整附加组件dns目录结构
2018-07-19 23:39:29 +08:00
gjmzj
870d51ec7e
更新haproxy负载均衡算法配置
2018-07-13 14:36:55 +08:00
gjmzj
6afcd95814
fix keepalived使用单播发送vrrp报文,以兼容公有云上自建LB
2018-07-13 11:24:34 +08:00
gjmzj
5f07276ea2
废弃ansible hosts变量SERVICE_PROXY
2018-07-09 18:18:32 +08:00
gjmzj
2a916c0ad1
更新kube-proxy使用ipvs模式
2018-07-09 17:43:12 +08:00
TimeBye
7ff1d71ef3
[IMP]update kube-apiserver-v1.8 apiserver-count ( #254 )
2018-07-06 08:43:56 +08:00
gjmzj
e695c7cbb1
fix: metrics-server允许的client cert问题
2018-07-05 15:46:42 +08:00
changealice
48f473b745
harbor点击tag界面出现\"发生未知错误,请稍后再试" ( #250 )
2018-07-04 16:15:21 +08:00
yuyicai
3cf84e9d0e
fix #242 : 添加CA有效期参数,设定CA有效期为15年(131400h) ( #245 )
2018-07-03 13:20:50 +08:00
gjmzj
4f82c79fa2
fix x509: subject with cn=system:node: is not in the allowed list: [aggregator]
2018-07-02 12:27:19 +08:00
gjmzj
369cc188b0
Merge branch 'dev'
2018-06-29 18:16:08 +08:00
gjmzj
ae0f5b242f
fix集成离线镜像安装脚本
2018-06-29 15:26:01 +08:00
lusyoe
4c0bd5c50a
fix #239 harbor调整安装解压工具, 适配多系统 ( #240 )
2018-06-28 22:17:16 +08:00
gjmzj
62162c3802
update coredns 1.1.3
2018-06-28 17:38:43 +08:00
gjmzj
7699870ba4
更新集成其他k8s组件的离线安装
2018-06-28 10:52:20 +08:00
gjmzj
837b579c66
集成使用离线docker镜像安装网络插件
2018-06-26 21:06:52 +08:00
gjmzj
266238454a
minor 文档更新
2018-06-23 12:42:02 +08:00
gjmzj
211ffb79a5
fix从0.1.0版本升级apiserver服务启动失败问题
2018-06-22 22:48:14 +08:00
gjmzj
465b79ca50
修改部分镜像拉取策略
2018-06-22 18:01:43 +08:00
gjmzj
7d66f66400
新增metrics-server、cluster-addon文档及相关文档更新
2018-06-19 21:45:17 +08:00
gjmzj
6f201476bd
增加等待网络插件正常运行
2018-06-18 00:04:00 +08:00
gjmzj
1b1e3a11fa
更新自动安装cluster-addon
2018-06-17 23:19:04 +08:00
gjmzj
d66a5ef5ba
fix aggregator proxy client cert issue
2018-06-17 13:07:57 +08:00
gjmzj
1b4864b669
metric server集成配置
2018-06-17 10:46:25 +08:00
gjmzj
2f65a8bba6
minor 脚本和文档更新
2018-06-15 10:52:59 +08:00
gjmzj
deb9edeab8
更新kube-router相关文档及清除脚本
2018-06-14 23:34:03 +08:00
gjmzj
1d737f6477
更新kube-router with service-proxy
2018-06-14 21:38:39 +08:00
gjmzj
8d19b7f9d8
更新kube-router without service-proxy
2018-06-14 09:39:47 +08:00
jmgao
3911f1038e
修改manifests兼容k8s v1.8
2018-06-11 10:15:07 +08:00
jmgao
e072b5359a
修改apiserver参数兼容安装 v1.8.x
2018-06-10 12:11:33 +08:00
gjmzj
af872c8e7b
简化新增节点步骤
2018-06-10 08:32:34 +08:00
jmgao
9f172965ac
bugfix:取消lb组变量设置
2018-06-10 00:16:20 +08:00
jmgao
82badc4f2e
取消lb组变量设置
2018-06-09 23:30:24 +08:00
jmgao
931b2cf1b9
用inventory_hostname替换变量NODE_IP
2018-06-09 22:19:20 +08:00
jmgao
2340b9f214
转移calico/flannel的配置到对应的roles目录
2018-06-09 17:57:17 +08:00
gjmzj
e45a023985
update kube-dns 1.14.10
2018-06-08 23:29:58 +08:00
lu
f45c0b333d
harbor添加解压工具
2018-06-08 23:08:35 +08:00
lu
24639cc41c
升级harbor版本到1.5.1,调整安装路径为/data/harbor,修复安装解压问题
2018-06-08 23:08:35 +08:00
jmgao
2fd22815d2
minor:helm脚本更新
2018-05-31 23:12:14 +08:00
lusyoe
7da2a40bd8
helm添加国内repo url
2018-05-31 23:03:37 +08:00
jmgao
f3b788a3e9
更新harbor脚本和文档
2018-05-31 23:01:54 +08:00
gjmzj
3295a2218c
更新升级集群文档
2018-05-29 16:11:18 +08:00
gjmzj
af31805e07
更改os-harden为手动选择执行
2018-05-29 11:32:53 +08:00
gjmzj
54652adfa2
修改默认gather_facts: smart
2018-05-28 23:25:45 +08:00
gjmzj
29f0c4cd31
修复calico-controller多网卡问题
2018-05-27 11:08:55 +08:00
gjmzj
68ecb6a23d
更新helm默认rbac设置
2018-05-27 11:00:12 +08:00
gjmzj
2c6419a523
fix helm脚本与文档
2018-05-26 17:55:28 +08:00
lusyoe
a000f40ea2
添加 helm 命令自动补全
2018-05-25 15:22:09 +08:00
gjmzj
a7dd303fd2
增加修改AIO部署的系统IP的脚本和说明
2018-05-24 16:35:21 +08:00
lusyoe
e659038ab7
添加CentOS epel仓库 ( #200 )
...
谢谢
2018-05-24 00:08:09 +08:00
gjmzj
58f91ed208
增加安全安装helm的ansible role
2018-05-23 13:54:41 +08:00
gjmzj
fe1e5a65a5
设置node roles
2018-05-22 15:57:44 +08:00
gjmzj
15bbc26d3f
minor fix:等待node节点Ready
2018-05-20 23:18:53 +08:00
gjmzj
1fd8515711
增加master和node服务重启tags
2018-05-20 00:17:59 +08:00
gjmzj
58ccd3bc88
增加[可选]OS安全加固脚本
2018-05-19 22:40:41 +08:00
gjmzj
a0d3ac6ec9
增加升级k8s时服务文件的更新
2018-05-17 23:07:01 +08:00
gjmzj
83bdcfd41a
修复kubelet匿名访问漏洞
2018-05-17 22:51:15 +08:00
spirit
6b6de7881e
修复kubelet安全策略 ( #192 )
...
https://kubernetes.io/docs/admin/kubelet-authentication-authorization/
By default, requests to the kubelet’s HTTPS endpoint that are not rejected by other configured authentication methods are treated as anonymous requests, and given a username of system:anonymous and a group of system:unauthenticated.
To disable anonymous access and send 401 Unauthorized responses to unauthenticated requests:
start the kubelet with the --anonymous-auth=false flag
2018-05-17 22:31:54 +08:00
AEGQ
a03fe10ee2
Update main.yml ( #194 )
...
永久关闭 selinux 失败。
2018-05-17 22:29:43 +08:00
gjmzj
45b7fab60e
新增upgrade脚本
2018-05-11 11:07:14 +08:00
jmgao
9a8a729e08
prepare release v1102-r1
2018-05-06 23:10:14 +08:00
gjmzj
2f3f9d023d
minor fix
2018-05-06 09:08:09 +08:00
jmgao
b7a7eef235
lineinfile替换shell sed
2018-05-04 22:11:08 +08:00
Antergone
193a376635
使用lineinfile替换sed
2018-05-04 15:27:46 +08:00
antergone
88ae1783ba
修复原有PATH被覆盖问题
2018-05-03 01:35:48 +08:00
gjmzj
f955c23b2e
测试增加OS安全基线,FROM dev-sec/ansible-os-hardening
2018-05-01 10:16:11 +08:00
gjmzj
afd667e2a3
更新pause镜像3.1,kube-dns 1.14.9
2018-04-24 23:06:57 +08:00
gjmzj
19cdcd7625
tiny fix in kube-flannel.yaml.j2
2018-04-19 08:48:44 +08:00
gjmzj
f7c32c59f9
删除变量MASTER_PORT定义
2018-04-17 21:14:03 +08:00
gjmzj
44a3bb4072
fix:多网卡安装flannel问题
2018-04-17 21:02:44 +08:00
gjmzj
5fa1f880b0
更新basic-env-setup.sh使用说明
2018-04-16 21:03:52 +08:00
gjmzj
11974a4b14
minor fix
2018-04-10 18:58:10 +08:00
gjmzj
6eb58b175a
修复shell执行systemctl enable xx可能报错退出问题
2018-04-10 18:33:24 +08:00
gjmzj
b176a8761d
minor fix
2018-04-10 18:06:12 +08:00
gjmzj
cfa377db76
预装socat,修改apiserver reconciler使用lease模式
2018-04-08 09:39:59 +08:00
gjmzj
08d2d53925
修改calico日志warning级别,增加ubuntu安装conntrack,dashboard文档修订
2018-04-02 13:52:05 +08:00
gjmzj
1174d40cb8
efk日志持久化之静态PV
2018-04-01 12:50:01 +08:00
gjmzj
1e3a88d494
更新安装coredns的yaml配置和说明
2018-03-29 16:27:26 +08:00
gjmzj
566a374c99
minor changes
2018-03-29 09:24:04 +08:00
gjmzj
99ea4b1144
update k8s 1.9.6 && minor fix
2018-03-28 17:59:26 +08:00
gjmzj
84b46057a7
更新等待node状态Ready脚本
2018-03-25 18:28:49 +08:00
gjmzj
825a241ed3
修改判断证书是否存在的方式
2018-03-24 09:25:20 +08:00
gjmzj
b33ab0eea2
优化等待kubelet启动bootstrap机制
2018-03-22 22:41:43 +08:00
gjmzj
65f0d5e30b
update k8s1.9.4 & minor fix
2018-03-19 14:37:43 +08:00
gjmzj
160f9b2a2d
更新添加master节点步骤和文档
2018-03-18 22:51:05 +08:00
gjmzj
7563af41a9
安装步骤文档更新
2018-03-18 18:25:38 +08:00
gjmzj
78512c6590
Merge pull request #135 from panhongyin/master
...
修复selinux配置BUG,添加kubectl自动补全,添加SSHKEY复制脚本
2018-03-16 18:30:04 +08:00
gjmzj
b51f722202
优化安装流程,修复多主模式dashboard访问bug
2018-03-16 18:23:34 +08:00
panhongyin
053d2a0935
1: 添加实用工具集目录tools
...
2: 添加sshkey自动复制脚本,方便ansible的使用
3:添加kubectl自动补全配置
4:修复CentOS系统下selinux配置BUG
2018-03-16 17:52:02 +08:00
panhongyin
182b082518
1: 删除NODE_ID主机变量,改成使用ansible的run_once运行单节点任务
...
2:在keepalived模板中添加24位子网掩码
3:添加等待master节点服务启动完成检测任务
4:添加kubectl create之前的检测任务,避免重复操作时报错
2018-03-14 16:53:21 +08:00
jmgao
92afc3ba34
增加配置keepalived参数:virtual_router_id
2018-03-09 22:29:39 +08:00
jmgao
e4685e5fa4
更新增加master节点的步骤和文档
2018-03-09 22:02:55 +08:00
jmgao
b19600963d
允许忽略 br_netfilter 模块加载错误
2018-03-06 11:05:19 +08:00
jmgao
ddb762f6c5
更新lb部分设置和文档
2018-03-02 15:16:40 +08:00
jmgao
c3af702c7b
update calico 3.0.3
2018-02-28 17:53:26 +08:00
jmgao
dfbfaadaa2
minor changes
2018-02-25 12:30:15 +08:00
jmgao
cd9d70060f
update calico to 2.6.7
2018-02-25 10:34:32 +08:00
jmgao
6d3e2025ad
调整更新etcd不需要重新生成证书
2018-02-19 09:04:50 +08:00
jmgao
75097d5188
update k8s 1.9.3
2018-02-19 08:35:59 +08:00
lifeng
c7957a9e50
haproxy代理设置超时时间为10分钟,避免进入容器过早退出
2018-02-07 10:25:21 +08:00
jmgao
61096e90ec
更新docker容器日志限制配置
2018-01-29 18:25:27 +08:00
jmgao
15a4ae943b
update kubedns to 1.14.8
2018-01-27 13:54:12 +08:00