kubeasz

Commit Graph

Author	SHA1	Message	Date
gjmzj	ccb5686e82	fix: kubelet 1.15 删除参数--allow-privileged	2019-06-30 21:23:38 +08:00
gjmzj	06c811203d	fix 离线安装基础软件包	2019-06-29 18:10:51 +08:00
gjmzj	657d2c12d8	增加支持离线安装ex-lb	2019-06-28 21:16:13 +08:00
gjmzj	b4df5ff604	增加支持离线安装haproxy	2019-06-28 19:36:53 +08:00
gjmzj	b925682d25	调整kubelet默认禁用system-reserved	2019-06-25 22:55:29 +08:00
gjmzj	d4d98ee8ba	Add system-reserved in kubelet	2019-06-12 21:31:06 +08:00
gjmzj	80217dc1cd	docs: update setup guide	2019-06-09 10:58:01 +08:00
gjmzj	2ef0e9f86c	fix 删除master/node流程	2019-06-04 13:06:11 +08:00
gjmzj	6e6792bbd4	调整addetcd/addnode/addmaster脚本	2019-06-01 09:24:43 +08:00
gjmzj	70c1f8b172	调整ex-lb的流程	2019-05-30 21:37:01 +08:00
gjmzj	8cf349b271	精简example hosts配置文件及配置项	2019-05-29 22:49:04 +08:00
gjmzj	d17d938dfc	调整network/cluster-addon安装流程	2019-05-29 20:45:25 +08:00
gjmzj	78cc26db8c	重构kube-master/kube-node流程	2019-05-28 23:46:22 +08:00
gjmzj	b4e373b01e	增加kubelet可选是否开启kube-reserved资源预留，默认开启	2019-05-22 00:06:21 +08:00
gjmzj	5712d6626b	integrate kubelet with containerd	2019-05-18 16:48:58 +08:00
gjmzj	0b7c85e72c	增加kubelet资源预留设置	2019-04-10 23:49:49 +08:00
gjmzj	884154bb03	删除cAdvisor 4194端口限制	2019-04-03 23:02:33 +08:00
gjmzj	92ea99e677	调整ca证书有效期等配置	2019-03-30 11:57:52 +08:00
gjmzj	ef0ed89c34	修复easzctl setup流程	2019-03-17 19:19:57 +08:00
gjmzj	812d71ca10	minor fix	2019-03-16 17:32:43 +08:00
gjmzj	f19339d7f1	调整prepare tasks，避免把证书和kubeconfig分发到不需要的节点	2019-02-01 13:45:46 +08:00
gjmzj	edd68c7f47	增加 pod-infra-container 可选择配置	2019-01-10 23:51:50 +08:00
lixianyang	0a57c136a7	移除 kube-node csr 请求批准部分	2018-12-07 08:52:14 +08:00
gjmzj	aa869e17ff	set kubelet authentication/authorization webhook	2018-10-06 10:21:04 +08:00
gjmzj	6b21f30ab9	调整安装步骤中kubectl的执行以适合公有云部署	2018-09-15 11:27:33 +08:00
gjmzj	cdf778b6ab	取消 Node节点 Bootstrap机制	2018-09-11 20:46:46 +08:00
lusyoe	2b4d92a07a	添加kubelet根目录	2018-08-31 23:02:31 +08:00
gjmzj	30b6ebb59f	fix 兼容ansible执行节点与deploy节点分离	2018-08-11 09:14:03 +08:00
lusyoe	be08287672	支持deploy与ansible执行节点分离	2018-08-07 17:11:33 +08:00
gjmzj	5f07276ea2	废弃ansible hosts变量SERVICE_PROXY	2018-07-09 18:18:32 +08:00
gjmzj	2a916c0ad1	更新kube-proxy使用ipvs模式	2018-07-09 17:43:12 +08:00
gjmzj	6f201476bd	增加等待网络插件正常运行	2018-06-18 00:04:00 +08:00
gjmzj	2f65a8bba6	minor 脚本和文档更新	2018-06-15 10:52:59 +08:00
jmgao	931b2cf1b9	用inventory_hostname替换变量NODE_IP	2018-06-09 22:19:20 +08:00
gjmzj	fe1e5a65a5	设置node roles	2018-05-22 15:57:44 +08:00
gjmzj	15bbc26d3f	minor fix:等待node节点Ready	2018-05-20 23:18:53 +08:00
gjmzj	1fd8515711	增加master和node服务重启tags	2018-05-20 00:17:59 +08:00
gjmzj	58ccd3bc88	增加[可选]OS安全加固脚本	2018-05-19 22:40:41 +08:00
gjmzj	a0d3ac6ec9	增加升级k8s时服务文件的更新	2018-05-17 23:07:01 +08:00
gjmzj	83bdcfd41a	修复kubelet匿名访问漏洞	2018-05-17 22:51:15 +08:00
spirit	6b6de7881e	修复kubelet安全策略 (#192 ) https://kubernetes.io/docs/admin/kubelet-authentication-authorization/ By default, requests to the kubelet’s HTTPS endpoint that are not rejected by other configured authentication methods are treated as anonymous requests, and given a username of system:anonymous and a group of system:unauthenticated. To disable anonymous access and send 401 Unauthorized responses to unauthenticated requests: start the kubelet with the --anonymous-auth=false flag	2018-05-17 22:31:54 +08:00
gjmzj	45b7fab60e	新增upgrade脚本	2018-05-11 11:07:14 +08:00
gjmzj	afd667e2a3	更新pause镜像3.1，kube-dns 1.14.9	2018-04-24 23:06:57 +08:00
gjmzj	11974a4b14	minor fix	2018-04-10 18:58:10 +08:00
gjmzj	6eb58b175a	修复shell执行systemctl enable xx可能报错退出问题	2018-04-10 18:33:24 +08:00
gjmzj	b176a8761d	minor fix	2018-04-10 18:06:12 +08:00
gjmzj	99ea4b1144	update k8s 1.9.6 && minor fix	2018-03-28 17:59:26 +08:00
gjmzj	84b46057a7	更新等待node状态Ready脚本	2018-03-25 18:28:49 +08:00
gjmzj	825a241ed3	修改判断证书是否存在的方式	2018-03-24 09:25:20 +08:00
gjmzj	b33ab0eea2	优化等待kubelet启动bootstrap机制	2018-03-22 22:41:43 +08:00

1 2

73 Commits (ccb5686e822128ed5e8ca07e8f202577c4edfc8f)