Commit Graph

423 Commits (311baeed5d776567f2d57872210ad89e298ccba1)

Author SHA1 Message Date
Smana 4a7d8c6fea clean conditions into docker templates 2016-06-02 21:01:41 +02:00
Smaine Kahlouch 722aacb633 Merge pull request #272 from rustyrobot/fix-etcd-scale-up
Add scale-up for etcd cluster
2016-06-01 17:20:04 +02:00
mattymo 68808534b3 Fix order in restart kubelet to fix systemd reload
Systemd reload before reload kubelet was failing because its definition was before "restart kubelet". Its definition should be after the notify hook.
2016-05-31 20:09:49 +04:00
Evgeny L 0500f27db8 Scale-up functionality for etcd cluster
* Set ETCD_INITIAL_CLUSTER_STATE from `new` to `existing`,
because parameter `new` makes sense only on cluster assembly
stage.
* If cluster exists and current node is not a part
of the cluster, add it with command `etcdctl add member name url`.

Closes kubespray/kargo/#270
2016-05-31 18:23:46 +03:00
Smaine Kahlouch 96a2439c38 Merge pull request #264 from rsmitty/issue-255
resolves coreos nodes not setting up docker proxies
2016-05-26 21:55:53 +02:00
Spencer Smith 87757d4fcf provides initial docker options support 2016-05-25 12:56:45 -04:00
Spencer Smith 492218a3e1 resolves coreos nodes not setting up docker proxies 2016-05-24 12:11:24 -04:00
Spencer Smith a740e521d2 removed os restriction for coreos 2016-05-24 12:03:16 -04:00
Smaine Kahlouch bdc183114a Merge pull request #261 from paulczar/meta_roles_yo
turn adduser/download roles into meta roles
2016-05-23 17:29:37 +02:00
Paul Czarkowski 7de87d958e turn adduser/download roles into meta roles
This should make things a little more composable,
by making these roles meta roles that perform no
actions by default we allow each role to own its own
resources.
2016-05-22 17:25:52 -05:00
Paul Czarkowski c226b4e5cb fixes issue #258
Kubernetes API server has an option:

```
--advertise-address=<nil>: The IP address on which to advertise the apiserver to members of the cluster. This address must be reachable by the rest of the cluster. If blank, the --bind-address will be used. If --bind-address is unspecified, the host's default interface will be used.
```

kargo does not set --bind-address, thus it binds to eth0, in vagrant and similar
environments this causes issues because nodes cannot talk to eachother over eth0.

This sets `--advertise-address` to `ip` if its set, otherwise the default behavior
of is persisted by using `ansible_default_ipv4.address`.
2016-05-22 13:48:16 -05:00
Paul Czarkowski ba615ff94e race condition in download role under vagrant
using a shared folder can cause race conditions for the download
role as it tries to download files on all the nodes to the same
shared path.  This adds a flag to run the tasks in the download
role on just one node.
2016-05-20 17:04:38 -05:00
Paul Czarkowski d8bebcd201 Fix issue with check_certs playbook
check_certs task "Check_certs | Set 'sync_certs' to true" was failing
due to the dict not existing, this sets defaults that allows the
correct behavior of the conditionals.
2016-05-15 17:15:59 -05:00
Smaine Kahlouch f576d70b3c Merge pull request #245 from kubespray/fix_flannel_deploy_213
fix flannel deployment, remove docker bridge before restarting
2016-05-13 19:54:07 +02:00
Smana ae5ff890d4 fix flannel deployment, remove docker bridge before restarting 2016-05-13 18:10:00 +02:00
Spencer Smith f949bfd46c remove need for baking image to get writeable /opt/bin 2016-05-13 02:48:13 -07:00
Spencer Smith 66d9a6ebbc updated to use handlers 2016-05-12 12:18:38 -07:00
Spencer Smith 9b8a757526 missed a name update :) 2016-05-12 09:30:11 -07:00
Spencer Smith a894a8c7bc Merge branch 'master' into issue-229 2016-05-12 09:10:57 -07:00
Spencer Smith 962155e463 updated names and removed checks for rhel, as we already know we have systemd inside that play 2016-05-12 09:06:31 -07:00
Spencer Smith c90c981bb2 updated to support all OSes using systemd 2016-05-12 09:03:11 -07:00
Smana 608e7dfab2 upgrade k8s vers, and add a script for future upgrades 2016-05-12 15:56:30 +02:00
Smana 1884d89d3b fixes the certs issue when masters or not in the kube-node group 2016-05-12 10:07:34 +02:00
Smaine Kahlouch ed95f9ab81 Merge pull request #232 from rsmitty/issue-231
Issue 231: ensure ca.pem makes it to multi-masters
2016-05-11 21:24:04 +02:00
Spencer Smith 9f8466a186 ensure ALL certs are synced between masters 2016-05-11 10:09:13 -07:00
Spencer Smith 743ad0eb5c s/sync_certs/sync_tokens 2016-05-11 09:38:26 -07:00
Spencer Smith 5253b3ec13 ensure ca.pem makes it to multi-masters 2016-05-11 09:06:08 -07:00
Spencer Smith ebf8231c9a only run if proxy variables are added 2016-05-10 15:53:32 -07:00
Spencer Smith adceaf60e1 support proxies with docker on rhel 2016-05-10 15:49:27 -07:00
Smaine Kahlouch 96c63cc0b6 Merge pull request #227 from paulczar/vagrant
Add native Vagrant support
2016-05-09 11:47:07 +02:00
Paul Czarkowski 5f2fa6d76f revert .gitignore for secrets 2016-05-08 23:46:35 -05:00
Paul Czarkowski bd064e8094 fix flannel's cross vm networking for vagrant
* set flannel backend type to `host-gw`
* set flannel interface to be eth1 ip
2016-05-08 23:42:42 -05:00
Paul Czarkowski 8f4e879ca7 Add native Vagrant support
This allows you to simply run `vagrant up` to get a 3 node HA cluster.

* Creates a dynamic inventory and uses the inventory/group_vars/all.yml
* commented lines in inventory.example so that ansible doesn't try to use it.
* added requirements.txt to give easy way to install ansible/ipaddr
* added gitignore files to stop attempts to save unwated files
* changed `Check if kube-system exists` to `failed_when: false` instead of
`ignore_errors`
2016-05-08 10:17:11 -05:00
Smana 4f627baf71 generate secrets on first master 2016-05-07 21:08:29 +02:00
David Reuss 180f2d1fde Pull correct variable for etcd initial variable
This shouldn't use the `inventory_hostname` variable, as that will just yield the same variable, but rather use the `host` which we're looping over.
2016-04-29 14:37:01 +02:00
Antoine Legrand 391b155a98 Merge pull request #216 from cmluciano/cml/fixubuntu
Fix ansible dict error on Ubuntu 14.04
2016-04-25 14:54:17 +02:00
Christopher M Luciano 47982ea21c Use ansible array format instead of dot-notation.
This fixes the ansible error ```'dict object' has no attribute
'ansible_default_ipv4'"}```. Closes #215
2016-04-25 08:45:58 -04:00
Smana 97de82bbcc upgrade weave to v1.5.0 with cni 2016-04-20 17:09:09 +02:00
Smana 928bbeaf0f upgrade calico v0.19.0, calico-cni v1.2.1 2016-04-19 18:28:45 +02:00
Rob Hirschfeld 107da007b1 Merge branch 'master' into flagfixes12 2016-04-12 18:44:06 -07:00
Rob Hirschfeld fb980e4542 missed tick in message
cosmetic
2016-04-12 18:43:31 -07:00
Rob Hirschfeld f12ad6a56f consolidate EPEL change into a single task
as per @smana request
2016-04-12 18:41:46 -07:00
Smaine Kahlouch 5691086ba2 Merge pull request #164 from oneswig/master
Provide a non-default hostname for CoreOS systems.
2016-04-12 17:18:33 +02:00
Rob Hirschfeld 831a54e9b7 add code to detect if epel is already installed and skip it if it is
add option for generic
2016-04-11 16:44:56 -05:00
Smana 3cd89bed45 Kubernetes upgrade to 1.2.2 2016-04-11 12:19:09 +02:00
Smana 48a85ce8f8 use docker repository to install on CentOS 2016-04-11 11:17:14 +02:00
Smana 936927a54f Fix docker install on rhel7 2016-04-10 22:08:13 +02:00
Smana 5c22133492 fix add nodes to the cluster 2016-04-08 07:45:39 +02:00
Smana b03093be73 update kubectl bash completion
change hyperkube image repository
2016-04-05 15:27:06 +02:00
Smana bc44d5deb3 upgrade to kubernetes v1.2.1 2016-04-05 12:59:18 +02:00
Smana 850b7466cd remove deprecation warns and update doc 2016-04-04 10:14:56 +02:00
Stig Telfer bf96b92def Merge branch 'master' into coreos-fixes 2016-04-02 21:01:28 +01:00
Stig Telfer ab21f4d169 Define empty default objects for docker package management.
On CoreOS where there is no package management, perform zero-trip
loops instead of throwing an exception for iterating over a member
of an undefined variable.
2016-04-02 20:55:17 +01:00
Stig Telfer 64a39fdb86 Use var for bin dir instead of assuming /usr/local/bin
On CoreOS the binaries are not installed in /usr/local/bin.
2016-04-02 20:53:33 +01:00
ant31 7237a925eb Add kubernetes.default.svc in certs dns 2016-04-01 12:40:01 +02:00
teuto.net Netzdienste GmbH 8cbdf73eba Changed path to hosts ssl certs from /usr/share/ca-certificates to /etc/ssl/certs/ which fixes https problems in kube-controller-manager and kube-apiserver (#189) caused by the lack of certificates on debian and redhat based systems. 2016-04-01 09:34:28 +02:00
teuto.net Netzdienste GmbH 624a964cda Implemented Dynamic Provisioning of PersistentVolumes with cinder
When kubespray is deployed on OpenStack, the kube-controller-manager is now aware of the cluster and can create new cinder volumes automatically if the PersistentVolumeClaims are annotated accordingly.
Note that this is an alpha feature of kubernetes 1.2
2016-03-31 14:38:46 +02:00
Smaine Kahlouch a14dfe74e1 Merge pull request #188 from teutostack/warnings-removal
Fixing deprecation warnings regarding bare variables and apt
2016-03-30 11:57:57 +02:00
teuto.net Netzdienste GmbH a192111e6a Reverted deletion of "changed_when: False" for Task "Install python-dnf for latest RedHat versions". Deleted "changed_when: False" on Task "Install latest version of python-apt for Debian distribs" to get notified when kubespray has installed a new package version. 2016-03-30 11:21:36 +02:00
teuto.net Netzdienste GmbH 4271dd6645 using apt module instead of command module to install python-apt 2016-03-30 10:39:33 +02:00
teuto.net Netzdienste GmbH 457ed11b49 fixed deprecation warnings regarding bare variables 2016-03-30 10:23:43 +02:00
teuto.net Netzdienste GmbH 9f8da6c225 Implemented cloud-provider integration for OpenStack.
Currently kubespray does not install kubernetes in a way that allows cinder volumes to be used. This commit provides the necessary cloud configuration file and configures kubelet and kube-apiserver to use it.
2016-03-29 15:17:22 +02:00
Smaine Kahlouch 68fafd030d choose between gce and aws cloud providers 2016-03-23 17:27:06 +01:00
Smaine Kahlouch e8aec5f4f0 Don't call the apiserver when the server is master only 2016-03-22 13:25:41 +01:00
Smaine Kahlouch c51ed4bbb7 use master election option instead of podmaster 2016-03-21 22:25:09 +01:00
Smaine Kahlouch ba4ad51c26 add aufs-tools package for debian 2016-03-21 17:25:14 +01:00
Antoine Legrand 785b84fd43 Upgrade to docker 1.10.3 2016-03-21 16:54:14 +01:00
Antoine Legrand 15ce66b2f5 Kubernetes 1.2.0 2016-03-21 16:54:14 +01:00
Smaine Kahlouch 7e6d7caf4b Dnsmasq runs on all nodes 2016-03-21 11:37:35 +01:00
ant31 6297e5ea93 Use dnsmasq inside pods 2016-03-19 23:41:27 +01:00
Antoine Legrand 72807965a8 Upload files to a separate storage 2016-03-04 17:39:02 +01:00
Antoine Legrand 611c7744a1 Remove submodules 2016-03-04 16:14:01 +01:00
Smana ede3aad2ab flannel backend type option 2016-03-04 14:55:04 +01:00
Smana 62218c1497 upgrade calicoctl to v0.17.0 2016-03-02 10:42:31 +01:00
Smana cb3cc6f523 adding option --proxy-mode for kubeproxy 2016-02-29 11:41:08 +01:00
Smaine Kahlouch 87fd8415da Merge pull request #163 from Smana/upgrade_kube_v1.1.8
Upgrade kuberenetes to v1.1.8
2016-02-26 23:25:00 +01:00
Stig Telfer edcd5bf67f Provide a non-default hostname for CoreOS systems.
A freshly-installed CoreOS system does not always have a hostname configured.
This causes problems for etcd and BGP mesh configuration for Calico.
Assign the Ansible inventory name as hostname as part of CoreOS bootstrap,
if the hostname is the default ("localhost").
2016-02-26 13:43:07 +00:00
Smana 9528caa1d7 Upgrade kuberenetes to v1.1.8 2016-02-25 17:35:38 +01:00
Smaine Kahlouch 3f32e5973f Merge pull request #158 from Smana/calico_nat_outgoing_opt
calico: enabling nat outgoing by default
2016-02-24 12:11:34 +01:00
Stig Telfer ff03c82151 On CoreOS, /etc/hosts does not always exist. 2016-02-23 12:04:58 +00:00
Smana 152c409022 calico: enabling nat outgoing by default 2016-02-21 17:11:49 +01:00
Smana fca384e24c first version of CoreOS on GCE
Please enter the commit message for your changes. Lines starting
2016-02-21 00:06:36 +01:00
Spencer Smith 20adb604cc confirmed working change to mktemp command 2016-02-18 15:56:10 -05:00
Smana 39caf94790 update hyperkube version 2016-02-18 16:38:25 +01:00
Smana b013b125bc Upgrade Calico and etcd 2016-02-15 12:41:27 +01:00
Smana 01397678df upgrade kubernetes to 1.1.7 2016-02-15 10:57:45 +01:00
Smana c3a8f379e8 rollback to docker 1.9 2016-02-13 15:38:42 +01:00
Smana c0cf506fb4 install epel-release on RHEL7 2016-02-13 13:15:08 +01:00
Smana a649aa8b7e use ansible_service_mgr to detect init system 2016-02-13 11:46:53 +01:00
Smana 91fca69aa0 generate secrets on deployment machine
test travis with sudo=true instead of required
2016-02-13 06:51:54 +01:00
Antoine Legrand 3fef552978 Docker 1.10.1 2016-02-13 06:19:47 +01:00
ntfrnzn a4e32c748a pin docker version actually 2016-02-12 14:45:09 -08:00
ntfrnzn c48bc34a34 pin docker versions to 1.9 or earlier 2016-02-12 14:40:13 -08:00
ant31 4ee3699933 Add weave to tests 2016-02-11 10:57:54 +01:00
Smaine Kahlouch 05c8a29688 Merge branch 'master' into weave_network_plugin 2016-02-10 18:33:48 +01:00
Smana 793d665db4 specify weave version 2016-02-10 18:19:03 +01:00
Greg Althaus 6f1fe0cda2 Force kube-proxy to bind to local address 2016-02-10 10:53:22 -06:00
Smana ab007e4ab8 weave network plugin 2016-02-09 17:55:12 +01:00
Smaine Kahlouch 4f92417a5d split network plugins into distinct roles 2016-02-09 11:42:00 +01:00
Smana b2d6626363 fix some issues with fedora 23 and dnf 2016-02-03 21:26:49 +01:00
Smaine Kahlouch 779299de15 calico uses --ip option 2016-02-01 15:53:23 +01:00
Antoine Legrand 7e94d31c8b Merge branch 'master' into increase_timeout 2016-02-01 14:32:25 +01:00
ant31 21b0a3649d Increase liveness timeout 2016-02-01 13:41:49 +01:00
Smaine Kahlouch 3bb6066558 add option '--nat-outgoing' for calico on clouds 2016-02-01 10:47:34 +01:00
Smaine Kahlouch 64be24dd20 Merge pull request #123 from Smana/install_epel_rhel
install epel release for rhel
2016-02-01 10:46:10 +01:00
Smaine Kahlouch 4d3f6c6533 install epel release for rhel
install required packages before common

roles/kubernetes/preinstall/tasks/main.yml
2016-01-31 22:12:34 +01:00
Greg Althaus 6163fe166e Update docker for CentOS issues in AWS and general
variables.

1. AWS has issues with ext4 (use xfs instead for CentOS only)
2. Make sure all the centos config files are include in the systemd config
3. Make sure that network options are set in the correct file by os family

This allows downstream items like opencontrail and others change variables
in expected locations.
2016-01-30 21:46:32 -06:00
Smaine Kahlouch 6358cf788f etcd initd startup command fix 2016-01-30 22:31:41 +01:00
Antoine Legrand b33713da4a Change calico condition --ipip 2016-01-29 14:07:21 +01:00
Antoine Legrand 83c1bd516d Update calico.yml 2016-01-29 12:23:29 +01:00
Antoine Legrand 5d24cabc83 Merge pull request #116 from ansibl8s/calico_on_cloud
Add --ipip to calico if on cloud_proivder
2016-01-28 20:28:15 +01:00
Antoine Legrand 7127e6de54 Add --ipip to calico if on cloud_proivder 2016-01-28 20:13:50 +01:00
Greg Althaus bedcca922c Add variables and defaults for multiple types of ip addresses.
Each node can have 3 IPs.
1. ansible_default_ip4 - whatever ansible things is the first IPv4 address
   usually with the default gw.
2. ip - An address to use on the local node to bind listeners and do local
   communication.  For example, Vagrant boxes have a first address that is the
   NAT bridge and is common for all nodes.  The second address/interface should
   be used.
3. access_ip - An address to use for node-to-node access.  This is assumed to
   be used by other nodes to access the node and may not be actually assigned
   on the node.  For example, AWS public ip that is not assigned to node.

This updates the places addresses are used to use either ip or access_ip and walk
up the list to find an address.
2016-01-27 16:05:39 -06:00
Smaine Kahlouch a323335d36 use 'kube_pods_subnet' var for flannel conf 2016-01-27 22:00:12 +01:00
Smaine Kahlouch 8d71d56809 update submodules and documentation 2016-01-27 17:02:41 +01:00
Antoine Legrand cf472a6b4c Merge pull request #107 from ansibl8s/race_condition_api_master
Slowdown apimaster restart
2016-01-26 18:00:47 +01:00
ant31 fd6ac61afc Use local etcd/etcdproxy for calico 2016-01-26 17:28:30 +01:00
Antoine Legrand 4566d60e6f Slowdown apimaster restart 2016-01-26 15:23:16 +01:00
Antoine Legrand 49a7278563 Set perms on unarchive 2016-01-26 12:17:33 +01:00
Antoine Legrand b9781fa7c2 Symlink dnsmasq conf 2016-01-26 00:30:29 +01:00
Smaine Kahlouch 90ffb8489a fix some handlers 2016-01-25 22:49:24 +01:00
Greg Althaus e7d5b7af67 Force owner and permissions for get_url retrieved
files.  get_url doesn't honor owner and mode is spotty.
2016-01-25 13:30:48 -06:00
Greg Althaus c7bd2a2a1e Need to use separate stanzas for each repo because the
args are different.  Sigh.
2016-01-25 11:16:56 -06:00
Smaine Kahlouch baaa6efc2b workaround_ha_apiserver 2016-01-25 12:07:32 +01:00
ant31 56b92812fa Fix systemd reload and calico unit 2016-01-25 10:54:07 +01:00
ant31 f5508b1794 Use update_cache when possible 2016-01-25 02:06:34 +01:00
Greg Althaus bcd6ecb7fb Add flannel vars to enable vagrant and amazon environments 2016-01-24 16:18:35 +01:00
Antoine Legrand b4734c280a Merge branch 'master' into add_users_role 2016-01-24 15:58:10 +01:00
Antoine Legrand dd61f685b8 AddUser Role 2016-01-24 11:54:34 +01:00
Smaine Kahlouch 4984b57aa2 use rsync instead of command 2016-01-23 18:26:07 +01:00
Smaine Kahlouch 283c4169ac run apiserver as a service
reorder master handlers

typo for sysvinit
2016-01-23 14:21:04 +01:00
Smaine Kahlouch 5edc81c627 moving kube-cert group into group_vars 2016-01-22 17:18:45 +01:00
Smaine Kahlouch 391413f7e7 missing commits for the PR #86 2016-01-22 17:10:31 +01:00
Smaine Kahlouch 87b42e34e0 create kube-cert group task 2016-01-22 16:51:54 +01:00
Smaine Kahlouch be0bec9eab add kube-cert group 2016-01-22 16:46:06 +01:00
Smaine Kahlouch cb59559835 use command instead of synchronize 2016-01-22 16:37:07 +01:00
Antoine Legrand 078b67c50f Remove downloader host 2016-01-22 09:59:39 +01:00
Greg Althaus 32877bdc7b Merge branch 'master' into etcd-sync 2016-01-21 13:13:58 -06:00
Greg Althaus ec1073def8 Test for a systemd service that should be up. 2016-01-21 11:35:15 -06:00
Greg Althaus 28e530e005 Fix etcd synchronize to other nodes from the downloader 2016-01-21 11:21:25 -06:00
Smaine Kahlouch de038530ef don't run gitinfos by default 2016-01-21 13:41:01 +01:00
Smaine Kahlouch 337977e868 script which gives info about the deployment state
fix script location
2016-01-21 13:41:01 +01:00
Smaine Kahlouch 9715962356 etcd directly in host
fix etcd configuration for nodes

fix wrong calico checksums

using a var name etcd_bin_dir

fix etcd handlers for sysvinit

using a var name etcd_bin_dir

sysvinit script

review etcd configuration
2016-01-21 11:36:11 +01:00
Smaine Kahlouch a5094f2a6a move /etc/hosts configuration in 'preinstall' role 2016-01-20 17:37:23 +01:00
Greg Althaus fe5ec398bf Use IP is specified, otherwise use the ansible discovered address.
This fixes cases for use in Vagrant environments.
2016-01-20 08:34:39 -06:00
Antoine Legrand 859f6322a0 Merge branch 'master' into add_set_remote_user 2016-01-19 21:08:52 +01:00
Greg Althaus 10b2466d82 run_once only works if master[0] is first in inventory list
of all nodes.
2016-01-19 13:10:54 -06:00
Antoine Legrand f68d8f3757 Add seT_remote_user in synchronize 2016-01-19 14:20:05 +01:00
Antoine Legrand 9b083b62cf Rename tasks 2016-01-19 14:20:05 +01:00
Smaine Kahlouch b54af6b42f reduce dns timeout 2016-01-19 13:49:33 +01:00