Andreas Krüger
044dcbaed0
Add Kubelet config, remove deprecated flags and fix minor bugs ( #4724 )
...
* Add kubelet config
* Change kubelet_authorization_mode_webhook to true
* Fix lint
* Sync env file
* Refactor the kubernetes node folder
* Remove deprecated flag and fix lint
2019-05-08 13:38:36 -07:00
Andreas Krüger
8a5eae94ea
Minor cleanups of CoreDNS issues and CI job ( #4719 )
...
* Minor cleanups
* Add comment in docs that nodelocaldns cache is enabled by default
2019-05-07 13:20:36 -07:00
Andreas Krüger
bf3c6aeed1
Add kube anon auth settings to kubeadm config templates ( #4713 )
...
* Disable kube_api_anonymous_auth by default to secure the setup
* Disable metrics-server in addons. Health endpoint is slow and unstable
* Fix anonymous-auth missing in configuration
* Cleanup a bit
* Fix kube anon auth
2019-05-07 12:52:34 -07:00
MarkusTeufelberger
f3fbf995ca
Update default CentOS version on Azure
2019-05-07 13:37:42 +02:00
Dmitri Rubinstein
03bded2b6b
Fix adding output of kubeadm to the admin.conf downloaded to the artifacts directory ( #4696 )
...
Fixes issue https://github.com/kubernetes-sigs/kubespray/issues/4695
2019-05-06 03:29:36 -07:00
Manuel Cintron
d5c0829d61
Removing unnecessary httplib2 install ( #4708 )
2019-05-03 17:55:38 -07:00
Alex Barcelo
00369303de
Fixing `msg` parameter for `debug` module ( #4702 )
...
According to [`debug` module documentation](https://docs.ansible.com/ansible/latest/modules/debug_module.html?highlight=msg ), the correct parameter name is `msg`.
With the previous `message` parameter name I was getting FAILED messages while ansible was trying to debug previous FAILED tasks.
2019-05-03 12:21:42 -07:00
okamototk
1f1479c0a7
Update ingress nginx 0.24.1. ( #4691 )
2019-05-03 12:19:39 -07:00
MarkusTeufelberger
e67f848abc
ansible-lint: add spaces around variables [E206] ( #4699 )
2019-05-02 14:24:21 -07:00
MarkusTeufelberger
560f50d3cd
Add support for http(s)_proxy to CoreOS, Fedora and OpenSUSE ( #4669 )
...
* Add support for http(s)_proxy to CoreOS and Fedora
* fix opensuse proxy support
* Fix CoreOS proxy support
* update documentation
2019-05-02 12:28:22 -07:00
Maxime Guyot
3f45122d0d
Refactor Terraform CI ( #4654 )
2019-05-02 12:26:19 -07:00
Stas
50bdaa573c
Apply etcd_extra_vars to etcd-events.env as well. ( #4219 )
...
This change ensures that etcd_extra_vars variable applies
to events etcd as well.
2019-05-02 12:24:27 -07:00
Maxime Guyot
24b6698cc9
Disable CI deploys on master ( #4690 )
2019-05-02 12:20:20 -07:00
Andreas Krüger
73885d3b9e
Validate Vagrantfile in CI unit-tests ( #4642 )
...
* Validate vagrant file on CI
* Install vagrant
* Install vagrant
* Install vagrant
* Install vagrant
* Install vagrant
* Install vagrant
* Test vagrant validate
2019-05-02 11:24:21 -07:00
Maxime Guyot
f29387316f
Fix ansible-lint 602 ( #4688 )
2019-05-01 23:42:17 -07:00
Timoses
d6fd0d2aca
Enable delegating all downloads (binaries, images, kubeadm images) ( #4420 )
...
* Download to delegate and sync files when download_run_once
* Fail on error after saving container image
* Do not set changed status when downloaded container was up to date
* Only sync containers when they are actually required
Previously, non-required images (pull_required=false as
image existed on target host) were synced to the target
hosts. This failed as the image was not downloaded to
the download_delegate and hence was not available for
syncing.
* Sync containers when only missing on some hosts
* Consider images with multiple repo tags
* Enable kubeadm images pull/syncing with download_delegate
* Use kubeadm images list to pull/sync
'kubeadm config images pull' is replaced by collecting the images
list with 'kubeadm config images list' and using the commonly
used method of pull/syncing the images.
* Ensure containers are downloaded and synced for all hosts
* Fix download/syncing when download_delegate is a kubernetes host
2019-05-01 01:10:56 -07:00
MarkusTeufelberger
e814da1eec
ansible-lint: Don't use the local_action module [E504] ( #4666 )
2019-05-01 00:38:55 -07:00
Andreas Krüger
e029a09345
Update CI to use 2.10.0 release ( #4682 )
...
* Update CI to use 2.10.0 release
* Add rsync as it's required to use synchronize
2019-04-30 07:29:37 -07:00
Christoffer Anselm
dcd9c9509b
Add etcd role dependency on kube user to avoid etcd role failure when running scale.yml with a fresh node. ( #3240 ) ( #4479 )
2019-04-30 04:01:36 -07:00
Matthew Mosesohn
15eb7db36d
Fix k8s api endpoint for secondary nodes in control plane mode ( #4675 )
...
Change-Id: I1588458b54c52443ad8d0afbd266f77ac0afea67
2019-04-29 07:50:24 -07:00
Matthew Mosesohn
a5b46bfc8c
Run dns_late preinstall tasks on all k8s nodes ( #4672 )
...
* Run dns_late preinstall tasks on all k8s nodes
Related issue: #4656
Change-Id: I63f8559ef1a497b7580ab084561e6603fe647834
* Fix ansible-lint
Change-Id: Ia5b33fa63dbc36d8c3e9557ef3f2ea02af2325a5
* Fix recover_control_plane lint issues
Change-Id: I16643a3193c11b6ba704e9698812cac7e4fd19a8
2019-04-29 05:12:21 -07:00
Youngchul Bang
fbba259933
ingress-nginx: enable --report-node-internal-ip-address flag ( #4114 )
...
Close #4113
2019-04-29 01:44:22 -07:00
Florent Monbillard
7b77e2d232
Remove docker-storage-setup dependency if not needed ( #4077 )
...
When docker_container_storage_setup is false,
docker service should not depend on docker-storage-setup service,
because it's not installed.
For example, when using overlay2 on recent RHEL 7/Centos 7 kernels,
you most likely don't need it.
2019-04-29 01:42:22 -07:00
qvicksilver
48a182844c
Documentation and playbook for recovering control plane from node failure ( #4146 )
2019-04-29 01:40:20 -07:00
MarkusTeufelberger
9335cdcebc
ansible-lint: Add exception for invocation of "rm" ( #4609 )
2019-04-29 01:34:20 -07:00
Andreas Krüger
38af93b60c
Remove rkt support ( #4671 )
2019-04-29 01:14:20 -07:00
Matthew Mosesohn
741de6051c
Fix nodeselectors for contiv and nginx-ingress ( #4662 )
...
* Fix nodeselectors for contiv and nginx-ingress
Change-Id: Ib3eb6bd87193c69a90ee944c9164a0b6792c79ba
* Set kube proxy mode to iptables for addons task
Change-Id: Iff71a71f672405c74b4708c71db15ddc4391a53a
2019-04-28 23:36:19 -07:00
Dmitry
b8f0de3074
Fixed etcd-servers-overrides in kubeadm config ( #4668 )
...
* kube-apiserver will fail if used comma as separator
2019-04-28 23:02:20 -07:00
MarkusTeufelberger
88d919337e
ansible-lint: don't compare to empty string [E602] ( #4665 )
2019-04-28 23:00:20 -07:00
Jiang Yi Tao
f518b90c6b
associate fips for masters with no etcd ( #4657 )
2019-04-28 22:58:20 -07:00
Maxime Guyot
d5c33e6d6c
Refactor test cases ( #4655 )
2019-04-28 22:56:19 -07:00
Matthew Mosesohn
338eb4ce65
Fix kubeadm upload certs with when condition ( #4659 )
...
* Fix kubeadm upload certs with when condition
Change-Id: I916dd2375b71eea2386047c7f185a2f8361f7a61
* Update kubeadm-secondary-experimental.yml
2019-04-27 01:14:20 -07:00
Matthew Mosesohn
009e208bcd
Remove RHEL from packet deploy ( #4661 )
...
Change-Id: I131d77bb9d16cc0f252dd86166c29f72daa9a64a
2019-04-26 09:56:29 -07:00
Matthew Mosesohn
81e6877b02
Make cilium tests pass ( #4660 )
...
Cilium requires a high kernel. rhel7 and centos7 are too low, so they are removed.
Bumping ubuntu to ubuntu-1804
Change-Id: Ib1bffa45b8f9ed0ba500f751714372b3a3f7878b
2019-04-26 05:54:37 -07:00
Andreas Krüger
3722acee85
Fix broken metrics-server deployment not starting ( #4651 )
...
* Fix metrics-server deployment
* Make metrics server work
* Fix sample inventory
2019-04-26 00:44:26 -07:00
Maxime Guyot
a4a35f8a4f
Git checkout a specific version for testing upgrades ( #4653 )
2019-04-25 05:24:46 -07:00
grialeyur
82119ca923
Add support calico kubernetes datastore and typha. ( #4498 )
...
* Add support calico kubernetes datastore and typha.
* Add typha_enabled to kubespray-defaults.
2019-04-25 05:00:48 -07:00
gitareest
6ca2019002
Fix issue with etcd arm host installation case ( #4589 )
...
Use host_architecture variable.
2019-04-25 04:58:47 -07:00
Maxime Guyot
53e3463b5a
Fix GCE tests with undefined CI_PLATFORM ( #4650 )
2019-04-25 04:20:47 -07:00
Matthew Mosesohn
c9ed5f69d7
Prepend docker.io for all docker hub images ( #4648 )
...
Change-Id: I71dc793641bc168e40419e38f33f68f5325e77a9
2019-04-25 01:34:46 -07:00
Maxime Guyot
696d481e3b
Fix dynamic inventory parsing in contrib/tf/packet ( #4645 )
2019-04-25 00:40:46 -07:00
Maxime Guyot
f5a83ceded
Fix typo in test-infra playbook ( #4644 )
2019-04-24 13:34:46 -07:00
Andreas Krüger
3fe66a1298
Update downloads role to download to correct group ( #4638 )
2019-04-24 10:48:03 -07:00
Maxime Guyot
6af1f65d3c
Fix python syntax in Terraform dynamic inventory ( #4643 )
2019-04-24 10:34:04 -07:00
Sergey Kolekonov
4a10dca7d4
Add an ability to provide oidc cert in base64 ( #4618 )
2019-04-24 09:40:01 -07:00
Matthew Mosesohn
4d57ed314d
Clean up check for setting kubeadm certificate key ( #4634 )
...
Change-Id: I2c97c4753089eb3ec2e6b01b2681a8be98ecbb57
2019-04-24 07:14:12 -07:00
Andreas Krüger
86d0e12695
Add missing comma ( #4636 )
2019-04-24 07:10:02 -07:00
iwankgb
4e81bcc147
Fixing Vagrant cluster provisioning ( #4218 )
...
* Pass ansible_ssh_user as host_var
Co-authored-by: Damian Darczuk <damian.darczuk@intel.com>
Co-authored-by: Paweł Pałucki <pawel.palucki@intel.com>
* Create a directory before downloading container images to ansible host
Co-authored-by: Damian Darczuk <damian.darczuk@intel.com>
Co-authored-by: Paweł Pałucki <pawel.palucki@intel.com>
* Set private key usuing synchronize task options
Co-authored-by: Damian Darczuk <damian.darczuk@intel.com>
Co-authored-by: Paweł Pałucki <pawel.palucki@intel.com>
2019-04-24 05:42:05 -07:00
andreyshestakov
691baf5b14
Calico fix ( #4540 )
...
* Mark "Calico | Set global as_num" as "unchanged"
This command executes with "--skip-exists" parameter, so it is idempotent
and should not be marked as "changed".
* trigger ci
2019-04-24 05:40:01 -07:00
Attilio Greco
6243467856
remove duble check for run this task just one time ( #4613 )
2019-04-24 05:38:01 -07:00