easzlab
/
kubeasz
mirror of https://github.com/easzlab/kubeasz.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,198 Commits
10 Branches
65 Tags
7.9 MiB
Commit Graph

645 Commits (c3c43f227cd31402cbc487967ac47dc255cc63ef)

Author SHA1 Message Date
gjmzj 2e4e30eac3 update docs 2021-01-20 17:42:46 +08:00
gjmzj 5ae78116f6 update: os-hardening 7.0.0 2021-01-19 23:35:31 +08:00
gjmzj e51aa3603d fix nodelocaldns 镜像推送 2021-01-19 20:20:05 +08:00
gjmzj 63a7e6d7ee 修复ansible group命名不规范问题 2021-01-19 17:41:00 +08:00
gjmzj a3d754ccf8 feat: upgrade kube-ovn to 1.5.3 #958 2021-01-18 10:21:48 +08:00
gjmzj 88bf729126 修复 calico 网络 backend 设置为 vxlan none 时,calico 部署失败 #959 2021-01-18 10:07:05 +08:00
gjmzj e97c65ce5f feat: add client kubeconfig management in 'ezctl' 2021-01-17 23:59:40 +08:00
gjmzj 73bedd7c37 feat: add NodeLocal DNSCache 2021-01-13 21:27:18 +08:00
gjmzj e6132800fc 调整默认nodePort范围 2021-01-12 17:17:27 +08:00
gjmzj e00d39f1c5 fix create kubelet certs 2 2021-01-12 11:32:48 +08:00
gjmzj ce7f385853 fix create kubelet cert 2021-01-12 11:01:19 +08:00
gjmzj a5a99d542e 调整cluster-addon安装方式 2021-01-11 19:02:34 +08:00
gjmzj d5c0873daf update kube-prometheus-stack-12.10.6 2021-01-11 11:12:14 +08:00
gjmzj 4b296cf087 minor fix 2021-01-10 21:25:05 +08:00
gjmzj a85c649805 重写安装流程 2021-01-07 09:30:50 +08:00
gjmzj 524e2390fa dev-3.0 mainline fixes 2020-12-30 11:25:54 +08:00
gjmzj c69be3f0da init commit for dev-3.0 2020-12-25 11:53:00 +08:00
gjmzj b9b452a0ce update calico v3.15.3, dashboard v2.1.0 2020-12-18 19:00:09 +08:00
gjmzj 870cc2b04a 更新支持containerd 1.4.3 2020-12-18 10:23:55 +08:00
lushenle 79adb50f66 modified: etcd.service.j2; fix compaction about, when `auto-compaction-retention=1` auto-compaction-mode is `revision`, shuld be set to `periodic`. Ref: https://etcd.io/docs/v3.4.0/op-guide/maintenance/ 2020-12-16 19:23:47 +08:00
gjmzj 3a29c84138 修改docker默认开启live-restore功能 2020-12-07 15:47:57 +08:00
gjmzj e298d89d48 更新安装运行时 containerd 待续 2020-12-01 20:02:32 +08:00
gjmzj 7316c24939 update component for k8s v1.19 2020-11-06 20:17:38 +08:00
gjmzj d7613a2091 替换apiserver参数--basic-auth-file为--token-auth-file 2020-11-05 10:36:45 +08:00
gjmzj f639c54548 kubelet启动参数修改for debian 10 #912 2020-09-27 19:21:50 +08:00
lushenle fceee36514 **Debian 10** 默认 `iptables` 使用 `nf_tables`, 
会导致很多的网络问题,不管使用什么网络插件,需将 `iptables`
改为使用传统的方式
 2020-09-23 14:56:21 +08:00
fidiler a8f57dda86 roles/calico/defaults/main.yaml 增加 CALICO_NETWORKING_BACKEND 变量 2020-09-23 14:35:36 +08:00
Peng Yong d2ba5806d5 CentOS 8不用安装haproxy.service 2020-09-23 14:20:16 +08:00
gjmzj 9606ab147b minor fix to containerd setup 2020-08-21 19:55:17 +08:00
gjmzj 0bd4281c46 minor fix 2020-06-01 17:42:52 +08:00
gjmzj 9117d07e82 清除集群时暂保留/opt/kube目录 2020-05-28 14:05:03 +08:00
gjmzj a03c1cdc1a 更新calico v3.8.8 配置文件 2020-05-24 17:52:18 +08:00
gjmzj 0578acec76 调整easzup下载脚本和docker安装 2020-05-24 14:51:01 +08:00
gjmzj d1b6761f0a revert cgroup driver to 'cgroupfs' #848 2020-05-23 17:58:32 +08:00
gjmzj d3b92464ec 修改kubelet/docker使用Cgroup driver: systemd 2020-05-23 15:16:01 +08:00
gjmzj 8f90571234 更新部分组件版本 2020-05-21 10:41:59 +08:00
gjmzj dfea51fc6e fix 节点角色删除时/opt/kube/bin被误删 #837 2020-05-18 11:42:13 +08:00
gjmzj d69b9a15fc fix pause-amd64:3.2 repos 2020-05-03 19:59:31 +08:00
gjmzj 7a8860ff0c delete docker mirror registry by 'azure.cn' 2020-04-19 19:10:18 +08:00
gjmzj d1f40a1dae update pause 3.2 2020-04-10 19:10:30 +08:00
lushenle 0204a1014d merge `harbor-image-tag` -> `docker-tag`, del `harbor-image-tag`, modified task, remove copy `harbor-image-tag` section 2020-04-06 08:53:53 +08:00
lushenle 18d031e506 modified main.yml, add copy `harbor-image-tag` setction, del comment for docker-tag use `jq` description 2020-04-06 08:53:53 +08:00
lushenle 0e988944bc modified dockertag: wget -> curl, add harbor-image-tag for query private harbor registry project, tags 2020-04-06 08:53:53 +08:00
gjmzj 29ffd8d82d ajust etcd parameters 2020-03-30 11:12:16 +08:00
piano 48c146e12d
Update etcd.service.j2 (#823) 
etcd 新增参数配置
 2020-03-30 11:01:55 +08:00
gjmzj 7916344997 modify kubectl-kubeconfig creating for bogeit 2020-03-29 10:52:46 +08:00
gjmzj e4a8064648 预处理增加设置内核参数net.core.somaxconn = 32768 2020-03-05 16:17:32 +08:00
lushenle 6b62536fec docker-tag 非常实用和方便,但遗憾目前已无法获取到 image tag,对其进行修改,以便获取 image tag 2020-03-05 15:52:57 +08:00
gjmzj 5a1f5cda97 关闭kubelet只读端口 2020-02-01 10:06:07 +08:00
gjmzj cb35be0417 增加清理节点二进制文件和离线镜像 2020-02-01 02:05:43 +08:00
gjmzj 3b4f367b95 bump dashboard version v2.0.0-rc3 2020-01-31 17:27:54 +08:00
gjmzj 3ab6ff9350 minor fix: kube-apiserver.service 2020-01-31 17:22:32 +08:00
gjmzj 4e07ae2a82 fix: kubeconfig证书中server地址逻辑 2020-01-31 12:37:44 +08:00
gjmzj 4a56116b19 修改kube-controller-manager和kube-scheduler使用证书访问kube-apiserver 2020-01-29 18:05:58 +08:00
gjmzj b16520704a 创建kube-controller-manager.kubeconfig和kube-scheduler.kubeconfig 2020-01-29 10:40:27 +08:00
gjmzj 976c682660 bump traefik version v1.7.20 2020-01-25 11:20:06 +08:00
gjmzj 7ddc364d38 bump versions: docker 19.03.5, etcd v3.4.3, k8s v1.17.2 2020-01-25 10:23:14 +08:00
gjmzj 7fce68ec83 bump coredns version 1.6.6 2020-01-24 09:18:13 +08:00
王正良 c8b0e1852a 遗漏的 harbor 安装配置模板文件 2020-01-12 21:16:27 +08:00
王正良 086ee1ab9a 修复 HARBOR_DOMAIN 为空及使用正式证书情况下 hostname 设置不正确问题 2020-01-12 21:16:27 +08:00
sunxk 226e63fbe6 fix ValidationError(DaemonSet.spec): missing required field "selector" in io.k8s.api.apps.v1.DaemonSetSpec 2019-12-26 20:57:17 +08:00
王正良 2788cd083d 1)增加对 harbor v1.8-v1.10 支持, 2)支持使用正式证书安装, 3)默认密码改为随机生成 2019-12-26 20:55:48 +08:00
MengxinLiu a54f6f55c0 update kube-ovn to 0.9.1 2019-12-04 22:21:06 +08:00
gjmzj 7ee25c262d minor fix 2019-11-26 11:07:46 +00:00
gjmzj ecf1d28003 fix ubuntu1804安装ex-lb失败问题 2019-11-24 13:30:31 +00:00
gjmzj faf78af62a 分离生成read权限kubeconfig #727 2019-11-17 01:51:29 +00:00
gjmzj 10ccdda640 update dashboard v2.0.0-beta6 2019-11-16 15:00:32 +00:00
gjmzj 2ff5d55d6d update APIs in v1.16 2019-11-03 12:32:10 +00:00
gjmzj ca501796c4 v1.16: networkpolicies under networking.k8s.io/v1 2019-11-03 10:44:58 +00:00
gjmzj fb584bcca2 update dashboard v2.0.0-beta5 2019-11-03 09:56:05 +00:00
gjmzj afbba63337 fix tcp_tw_recycle settings issue #714 2019-10-27 15:42:02 +00:00
gjmzj 8ae76e6dcf update metrics-server v0.3.6 2019-10-27 22:38:54 +08:00
gjmzj 2582e119b7 update rbac role: read 2019-10-27 13:40:43 +00:00
oilbeater e8471ff68d feat: update kube-ovn to 0.8.0 2019-10-19 23:50:41 +08:00
gjmzj 347b554c8a add support for k8s v1.16 2019-10-19 14:25:42 +00:00
gjmzj 51c0f61a92 update coredns v1.6.2, metrics-server v0.3.4 2019-10-07 23:08:24 +08:00
gjmzj f6cfa297fa fix: heapster无法读取节点度量数据 2019-10-07 23:01:48 +08:00
gjmzj 77578bb215 跟进 #688 把PROXY_MODE变量定义转移到ansible hosts 2019-09-08 17:55:32 +08:00
jiang_gw 4e81cb12a9 fix: ipvs-connection-timeout-issue 2019-09-08 17:35:40 +08:00
gjmzj ae9060aa06 fix #658 仅非容器化运行ansible需要安装 2019-09-08 16:58:30 +08:00
jiang_gw d7b0212f4d role deploy use pip install package netaddr 2019-09-08 16:48:22 +08:00
gjmzj 468a96ccc3 fix 删除etcd服务不影响node服务 #690 2019-09-08 16:36:14 +08:00
gjmzj bc16122de6 fix:增加kube-proxy参数--cluster-cidr #663 2019-08-25 23:19:30 +08:00
TimeBye 3986cba11e [IMP]add ipaddr('net') filter 2019-08-08 00:03:50 +08:00
TimeBye 35eca89c09 [FIX]修复首字母大写问题 2019-08-08 00:03:50 +08:00
TimeBye c29337d641 [IMP]优化kube-ovn参数设置 2019-08-08 00:03:50 +08:00
TimeBye f9ab7c6e51 [IMP]使用netaddr模块进行ip地址计算 2019-08-08 00:03:50 +08:00
gjmzj e80b558bc6 禁用net.ipv4.tcp_tw_reuse 2019-07-31 10:44:36 +08:00
gjmzj 68dd18a03c 增加flannel vxlan可选开启DirectRouting特性 2019-07-29 14:09:17 +08:00
有关部门 8278b1e004 Docker安装增加信任内部仓库 (#651) 
Docker安装增加信任内部仓库
 2019-07-26 15:07:28 +08:00
MengxinLiu effebf094b feat: upgrade kube-ovn to 0.6.0 2019-07-24 15:15:26 +08:00
gjmzj 2830a3587b 调整修复删除master/node/etcd节点的脚本 2019-07-24 10:19:31 +08:00
gjmzj 961978869a fix: 设置内核参数95-k8s-sysctl.conf 2019-07-23 11:12:03 +08:00
gjmzj faa0106446 增加部分内核优化参数 2019-07-22 12:24:52 +08:00
gjmzj 4f958b119c 设置kube-proxy默认使用ipvs模式 2019-07-21 23:22:31 +08:00
gjmzj b4c2cae2d6 fix issue #631 2019-07-19 13:47:10 +08:00
gjmzj 6b979132f8 minor fix 2019-07-19 11:00:23 +08:00
gjmzj f0212fe1d6 fix:清理脚本,提示清理后重启节点 2019-07-19 10:47:38 +08:00
gjmzj d4948172c5 支持离线安装debian10 2019-07-18 15:15:57 +08:00
gjmzj f87eac6177 fix:ubuntu1804安装集群kubedns/coredns转发到node节点/etc/resolv.conf问题 2019-07-18 10:33:19 +08:00
gjmzj 2f82e931ec fix当偶然出现docker安装失败的错误 2019-07-17 22:53:24 +08:00
gjmzj 8996741419 minor fix in role:ex-lb 2019-07-17 22:48:57 +08:00
gjmzj d0d941589e 调整部分基础软件安装 2019-07-17 09:01:16 +08:00
gjmzj 84c2146c72 fix:/sys/fs/cgroup只读挂载时部分os启用kube-reserved出错 2019-07-16 23:58:50 +08:00
gjmzj 5ec23d69c0 支持debian9离线安装基础软件 2019-07-16 23:26:29 +08:00
gjmzj e12c1f1c2a 增加支持debian9安装chrony 2019-07-16 22:47:53 +08:00
gjmzj d662135334 containerd:增加配置项是否启用容器仓库镜像 2019-07-15 00:15:25 +08:00
gjmzj 6ec6e94dea 增加配置项是否启用docker仓库镜像 2019-07-15 00:08:22 +08:00
gjmzj 7317a080d7 kubelet分离配置文件至/var/lib/kubelet/config.yaml 2019-07-13 11:01:08 +08:00
gjmzj bf153923a2 fix 执行roles/cluster-storage/cluster-storage.yml 2019-07-11 23:30:42 +08:00
gjmzj a96acfce07 fix helm安装使用kube-system命名空间执行错误 2019-07-08 11:17:42 +08:00
gjmzj 0ca5f7fdd9 调整apiserver部分参数 2019-07-06 22:06:11 +08:00
gjmzj fc37c0c930 minor changes, prepare release 2019-07-04 20:49:34 +08:00
gjmzj 2d182a4f32 fix 升级集群时服务配置文件可能需要修改 2019-07-04 14:25:32 +08:00
gjmzj 46973fb421 调整默认使用yum/apt源安装系统软件等 2019-07-03 22:39:23 +08:00
gjmzj 2a35d3e7ac 调整集群备份/恢复脚本及文档 2019-07-03 17:50:25 +08:00
gjmzj 45587b76a1 calico v3.4.4 and docs update 2019-07-03 08:49:48 +08:00
gjmzj fd7c737ef7 update metrics-server v0.3.3 2019-07-02 21:58:27 +08:00
gjmzj b4874448be 增加支持离线安装ubuntu1804基础软件 2019-07-02 21:01:32 +08:00
gjmzj 86acf0b1c4 easzup: 增加自动下载系统软件包 2019-07-02 09:58:07 +08:00
gjmzj ccb5686e82 fix: kubelet 1.15 删除参数--allow-privileged 2019-06-30 21:23:38 +08:00
gjmzj 846f81668e role deploy: 增加是否容器化运行ansible脚本判断 2019-06-30 20:11:42 +08:00
gjmzj 06c811203d fix 离线安装基础软件包 2019-06-29 18:10:51 +08:00
gjmzj 657d2c12d8 增加支持离线安装ex-lb 2019-06-28 21:16:13 +08:00
gjmzj b4df5ff604 增加支持离线安装haproxy 2019-06-28 19:36:53 +08:00
gjmzj 40c6ade024 增加支持离线安装基础软件 2019-06-28 12:53:04 +08:00
gjmzj 55451ed797 增加支持离线安装chrony 2019-06-28 10:50:36 +08:00
gjmzj 1e4b3147bd fix系统ulimit设置 2019-06-26 12:02:27 +08:00
gjmzj b925682d25 调整kubelet默认禁用system-reserved 2019-06-25 22:55:29 +08:00
gjmzj 7736893e03 fix: 容器化运行deploy任务时删除kubeconfig报错 2019-06-24 22:12:27 +08:00
gjmzj 6882a795ef minor fix 2019-06-24 00:05:25 +08:00
gjmzj a4215438fe 替换playbook中hosts: all 2019-06-23 07:36:51 +08:00
gjmzj 89663aef21 docs: minor fix 2019-06-17 22:34:02 +08:00
gjmzj b8d7945bcd update traefik v1.7.12, 修改部分镜像地址 2019-06-17 10:22:53 +08:00
gjmzj 45b28a7430 废弃heapster自动安装脚本 2019-06-17 09:42:05 +08:00
gjmzj e9d114f0f9 fix 容器化运行kubeasz时清理脚本 2019-06-17 09:34:34 +08:00
gjmzj 6f9b6dc4a3 cluster-addon: 自动安装traefik,调整dashboard离线安装 2019-06-13 17:16:52 +08:00
gjmzj d4d98ee8ba Add system-reserved in kubelet 2019-06-12 21:31:06 +08:00
gjmzj bc5fdd0898 fix docker与containerd安全检查 2019-06-11 15:57:25 +08:00
gjmzj 0f9c12525b set ex-lb: haproxy maxconn 50000 2019-06-11 13:48:34 +08:00
gjmzj 1e25610ffa update helm v2.14.1 2019-06-10 23:55:33 +08:00
gjmzj fc39f77ab9 添加docker/containerd互斥判断 2019-06-09 15:20:09 +08:00
gjmzj 80217dc1cd docs: update setup guide 2019-06-09 10:58:01 +08:00
gjmzj 1e81881436 废弃clean_one_node.yml 2019-06-08 16:07:46 +08:00
gjmzj e0392acef0 fix 安全加固允许ip_forward 2019-06-05 20:41:09 +08:00
gjmzj d0a481cd09 fix easzctl脚本适应新流程 2019-06-04 23:46:12 +08:00
gjmzj 2ef0e9f86c fix 删除master/node流程 2019-06-04 13:06:11 +08:00
gjmzj 48697d9f34 新增role: clean,重写99.clean.yml 2019-06-02 00:04:33 +08:00
gjmzj 254f6528b9 调整addetcd/addnode/addmaster等脚本2 2019-06-01 22:16:14 +08:00
gjmzj 6e6792bbd4 调整addetcd/addnode/addmaster脚本 2019-06-01 09:24:43 +08:00
gjmzj d2d164b2b8 fix 删除deploy角色 2019-05-31 23:07:00 +08:00
gjmzj 4999b2bd6a 调整去掉delegate_to deploy节点的任务 2019-05-31 00:00:01 +08:00
gjmzj 70c1f8b172 调整ex-lb的流程 2019-05-30 21:37:01 +08:00
gjmzj 8cf349b271 精简example hosts配置文件及配置项 2019-05-29 22:49:04 +08:00
gjmzj d17d938dfc 调整network/cluster-addon安装流程 2019-05-29 20:45:25 +08:00
gjmzj 78cc26db8c 重构kube-master/kube-node流程 2019-05-28 23:46:22 +08:00
gjmzj c2d2dab242 重构kube-master流程 2019-05-28 09:10:44 +08:00
gjmzj 05d5288d5c 安装流程重构之优化prepare/etcd/containerd/docker等阶段 2019-05-27 21:28:36 +08:00
gjmzj 8712819a9c 安装流程重构之优化prepare阶段 2019-05-27 20:02:02 +08:00
gjmzj 5859315c3e update kube-route v0.3.1 2019-05-27 00:04:00 +08:00
gjmzj 148dce5e81 fix: 双网卡下 apiserver endpoint 可能错误 #479 2019-05-23 23:22:25 +08:00
gjmzj 828de9d3b5 增加网络插件kube-ovn支持 2019-05-22 11:17:42 +08:00
gjmzj b4e373b01e 增加kubelet可选是否开启kube-reserved资源预留,默认开启 2019-05-22 00:06:21 +08:00
gjmzj 9b1ba6e5b5 更新containerd离线镜像导入脚本 2019-05-21 23:47:49 +08:00
gjmzj 72dd8bfa67 去除containerd相关测试工具 2019-05-21 07:32:02 +08:00
gjmzj e749f32738 增加containerd与harbor集成 2019-05-19 22:01:40 +08:00
gjmzj be3b7e090a update containerd/docker registry mirror settings 2019-05-18 22:44:23 +08:00
gjmzj a625c99b2f 更新离线镜像推送条件 2019-05-18 18:07:34 +08:00
gjmzj 5712d6626b integrate kubelet with containerd 2019-05-18 16:48:58 +08:00
lusyoe 4105238c23 添加Amazon Linux支持 2019-05-12 20:38:42 +08:00
gjmzj 369ab3e991 update traefik v1.7.11 2019-05-04 22:42:46 +08:00
gjmzj 3a97bd3b8d 更新docker国内镜像站点设置 2019-05-02 18:29:38 +08:00
gjmzj f931516d10 update coredns 1.5.0 2019-05-02 12:10:05 +08:00
gjmzj 881a43ab26 优化只读kubectl配置的创建流程 #537 2019-05-01 17:20:20 +08:00
gjmzj a1939079b4 fix: centos7 rsyslog服务启动错误 #538 2019-04-30 16:15:19 +08:00
suxiaolin 3835d32915 remove docker cn registry 2019-04-18 23:04:26 +08:00
waiting 4fe5305aea feat(chrony): 增加授时源 
增加一个阿里云,两个腾讯云,一个中国区

BREAKING CHANGE: 修改变量名 ntp_server 为 ntp_servers
 2019-04-18 22:56:45 +08:00
gjmzj 2bab10f502 增加每个node节点pod网络掩码长度设置项 2019-04-11 22:03:28 +08:00
gjmzj 0b7c85e72c 增加kubelet资源预留设置 2019-04-10 23:49:49 +08:00
gjmzj 80dff1d7b0 fix kernel>=4.19 加载nf_conntrack问题 2019-04-09 17:39:13 +08:00
gjmzj 9b4ec4b656 easzctl集成basic-auth配置 2019-04-07 20:38:23 +08:00
gjmzj 3c1c348544 更新dashboard关于basic-auth认证的相关 2019-04-04 09:08:27 +08:00
gjmzj 884154bb03 删除cAdvisor 4194端口限制 2019-04-03 23:02:33 +08:00
gjmzj 608c262d6e minor fix:提升系统安装包速度 2019-04-03 15:02:05 +08:00
gjmzj 92ea99e677 调整ca证书有效期等配置 2019-03-30 11:57:52 +08:00
gjmzj eca81279b7 修复docker安装时版本判断条件 2019-03-29 12:50:39 +08:00
gjmzj 047a0488e5 修复centos日志优化配置等 2019-03-28 18:44:10 +08:00
gjmzj ece94ff0b4 优化journald日志服务配置 2019-03-28 12:45:03 +08:00
gjmzj b684e96b6f work around with CVE-2019-3874 2019-03-28 09:44:56 +08:00
gjmzj b88d352ad7 增加kubectl使用可选参数配置kubeconfig 2019-03-28 09:18:00 +08:00
gjmzj 8319b3217b 修复当第一个etcd成员故障时apiserver也故障的bug,详见 kubernetes issue #72102 2019-03-27 21:59:34 +08:00
gjmzj b652d0ad62 update coredns 1.4.0 2019-03-27 20:55:34 +08:00
gjmzj 66f1ba2550 修复apiserver启用basic_auth认证 2019-03-26 15:20:54 +08:00
gjmzj 306fcbe6d1 update calico 3.4.3 2019-03-22 17:13:13 +08:00
gjmzj a076a384ad 修改安装dashboard同时安装heapster 2019-03-22 16:11:41 +08:00
gjmzj ef0ed89c34 修复easzctl setup流程 2019-03-17 19:19:57 +08:00
gjmzj 812d71ca10 minor fix 2019-03-16 17:32:43 +08:00
gjmzj cdddf6e6bb 调整apiserver可选开启基本认证(默认关闭) 2019-03-15 14:17:24 +08:00
gjmzj 78b947f86f 更新dashboard文档 2019-03-15 09:58:45 +08:00
gjmzj 0559c97a11 在role:kube-master中增加basic_auth相关配置 2019-03-14 23:51:04 +08:00