Commit Graph

864 Commits (3b2554217b1bf73126bfc2251e70e4679664ff48)
 

Author SHA1 Message Date
Bogdan Dobrelya a70c3b661e Add HA/LB endpoints for kube-apiserver
* Add auto-evaluated internal endpoints and clarify the loadbalancer_apiserver
vars and usecases.
* Add loadbalancer_apiserver_localhost (default false). If enabled, override
the external LB and expect localhost:443/8080 to be new internal only frontends.
* Add kube_apiserver_multiaccess to ignore loadbalancers, and make clients
to access the apiservers as a comma-separated list of access_ip/ip/ansible ip
(a default mode). When disabled, allow clients to use the given loadbalancers.
* Define connections security mode for kube controllers, schedulers, proxies.
It is insecure be default, which is the current deployment choice.
* Rework the groups['kube-master'][0] hardcode defining the apiserver
endpoints.
* Improve grouping of vars and add facts for kube_apiserver.
* Define kube_apiserver_insecure_bind_address as a fact, add more
facts for ease of use.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-21 11:05:03 +02:00
Antoine Legrand 0f246bfba4 Merge pull request #365 from kubespray/etcddockerdefault
Set default etcd deployment to docker
2016-07-21 10:59:49 +02:00
mattymo 8141b72d5e Merge branch 'master' into etcddockerdefault 2016-07-20 19:16:47 +03:00
Antoine Legrand 277c5d74cc Merge pull request #367 from bogdando/set_facts
Fix set_facts visibility
2016-07-20 18:00:15 +02:00
Matthew Mosesohn 7a86b6c73e Set default etcd deployment to docker
Improved docker reload command to wait for etcd to be
up before proceeding. Switched reload to run restart
because it can't reload if it is not guaranteed to be
in running state.
2016-07-20 18:26:16 +03:00
Antoine Legrand 52a85d5757 Merge pull request #366 from mattymo/kubeletresolv
Add variable kube_resolv_conf
2016-07-20 13:47:59 +02:00
Bogdan Dobrelya a76e5dbb11 Fix set_facts visibility
Move set_facts to the preinstall scope, so every role
may see it. For example, network plugins to see the etcd_endpoint.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-20 11:41:09 +02:00
Matthew Mosesohn c3e5aac18e Add variable kube_resolv_conf
Allow configuration of a custom /etc/resolv.conf for kubelet.
2016-07-20 11:57:47 +03:00
Antoine Legrand 10b38ab9ff Merge pull request #355 from bogdando/issues/26
Add etcd proxy support
2016-07-19 17:43:21 +02:00
Bogdan Dobrelya 32cd6e99b2 Add etcd proxy support
* Enforce a etcd-proxy role to a k8s-cluster group members. This
provides an HA layout for all of the k8s cluster internal clients.
* Proxies to be run on each node in the group as a separate etcd
instances with a readwrite proxy mode and listen the given endpoint,
which is either the access_ip:2379 or the localhost:2379.
* A notion for the 'kube_etcd_multiaccess' is: ignore endpoints and
loadbalancers and use the etcd members IPs as a comma-separated
list. Otherwise, clients shall use the local endpoint provided by a
etcd-proxy instances on each etcd node. A Netwroking plugins always
use that access mode.
* Fix apiserver's etcd servers args to use the etcd_access_endpoint.
* Fix networking plugins flannel/calico to use the etcd_endpoint.
* Fix name env var for non masters to be set as well.
* Fix etcd_client_url was not used anywhere and other etcd_* facts
evaluation was duplicated in a few places.
* Define proxy modes only in the env file, if not a master. Del
an automatic proxy mode decisions for etcd nodes in init/unit scripts.
* Use Wants= instead of Requires= as "This is the recommended way to
hook start-up of one unit to the start-up of another unit"
* Make apiserver/calico Wants= etcd-proxy to keep it always up

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
Co-authored-by: Matthew Mosesohn <mmosesohn@mirantis.com>
2016-07-19 14:09:40 +02:00
Smaine Kahlouch a2540e3318 Merge pull request #362 from bogdando/fix_service_unit
Fix systemd service unit for etcd
2016-07-16 10:38:36 +02:00
Bogdan Dobrelya 0b874e8db2 Fix systemd service unit for etcd
See https://github.com/coreos/etcd/issues/4308

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-15 16:22:17 +02:00
Smaine Kahlouch 192136df20 Merge pull request #359 from kubespray/fix_351
deployment idempotent
2016-07-14 21:34:21 +02:00
Smana ab8fdba484 deployment idempotent 2016-07-14 21:33:24 +02:00
Smaine Kahlouch 342e6d6823 Merge pull request #358 from kubespray/use_coreos_hyperkube
use hyperkube coreos image
2016-07-14 21:19:10 +02:00
Smana dfe7bfd127 use hyperkube coreos image 2016-07-14 21:20:41 +02:00
Smaine Kahlouch 51f55f3748 Merge pull request #353 from kubespray/proxymode_default_iptables
use iptables as default proxy mode
2016-07-12 11:16:39 +02:00
Smana a709cd9aa1 use iptables as default proxy mode 2016-07-12 10:20:43 +02:00
Jonathan Beckman d4dfdf68a6 Add settable flannel image tag & image repo
New settings with defaults:
flannel_server_helper_image_repo: "gcr.io/google_containers/"
flannel_server_helper_image_tag: "0.1"
flannel_image_repo: "quay.io/coreos/flannel"
flannel_image_tag: "0.5.5"
2016-07-11 13:18:20 +08:00
Smaine Kahlouch a5c21ab2e8 Merge pull request #346 from bogdando/issues/345
Add hostpath dynamic provisioner for PetSets
2016-07-09 22:43:09 +02:00
Smaine Kahlouch c1690c91c2 Merge pull request #348 from rsmitty/master
updated admission controllers for >1.2 Kubernetes
2016-07-08 23:08:32 +02:00
Smaine Kahlouch e8195b65e4 Merge pull request #344 from jcsirot/master
Some additional roadmap items
2016-07-08 19:06:35 +02:00
Spencer Smith c9cff5c845 updated admission controllers for >1.2 Kubernetes 2016-07-08 10:04:14 -07:00
Bogdan Dobrelya da20d9eda4 Add hostpath dynamic provisioner for PetSets
Defaults to false. Use with v1.3 only.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-08 16:52:39 +02:00
Jean-Christophe Sirot a2bdcabc33 Some additional roadmap items 2016-07-08 16:32:01 +02:00
Smana 1e8ee99d1a a small change in the roadmap 2016-07-08 09:40:12 +02:00
Smaine Kahlouch a07260959d Merge pull request #339 from kubespray/roadmap
roadmap
2016-07-08 09:20:29 +02:00
Smaine Kahlouch 5fdea4b947 first version of the roadmap 2016-07-08 09:21:33 +02:00
Smaine Kahlouch 83da5d7657 Merge pull request #335 from mattymo/calicoctl
Change calicoctl deployment to use container
2016-07-07 21:47:40 +02:00
Smaine Kahlouch 1761f9f891 Merge pull request #309 from mattymo/etcddocker
Add optional deployment mode for Docker etcd_deployment_type
2016-07-07 21:17:58 +02:00
Matthew Mosesohn b3282cd0bb Add optional deployment mode for Docker etcd_deployment_type
Running etcd in Docker reduces the number of individual file
downloads and services running on the host.

Note: etcd container v3.0.1 moves bindir to /usr/local/bin

Fixes: #298
2016-07-07 19:31:28 +03:00
Smaine Kahlouch 65ece3bc1d Merge pull request #341 from jcsirot/ci-test-matrix
Add CI test matrix for GCE
2016-07-07 11:11:03 +02:00
Jean-Christophe Sirot e2d6b92370 Add CI test matrix 2016-07-07 10:35:59 +02:00
Smaine Kahlouch bcd912e854 Merge pull request #337 from blasphemy/add-kubelet-ip
Add kubelet ip
2016-07-07 08:05:03 +02:00
Smaine Kahlouch 8251781efb Merge pull request #340 from abourget/fix/flanneld-free-the-logs
flanneld: don't redirect logs to an unreadable location
2016-07-07 07:56:10 +02:00
Alexandre Bourget 3b7eaf66b6 flanneld: don't redirect logs to an unreadable location, let docker/k8s see
and aggregate them.
2016-07-06 16:25:11 -04:00
Daniel Leining 1d148e9755 fix kubelet ip with quotes 2016-07-05 17:23:08 -04:00
Daniel Leining d84ed1b4b3 make kubelet use "ip" as bind address 2016-07-05 17:14:12 -04:00
Matthew Mosesohn baf80b7d7e Change calicoctl deployment to use container
Improves upgradability of calicoctl by leveraging docker tags.
2016-07-05 13:49:03 +03:00
Smaine Kahlouch 9777b3c177 Merge pull request #333 from mattymo/apiserver-loglevel
Fix kube-apiserver log level syntax
2016-07-05 12:15:26 +02:00
Matthew Mosesohn d2151500b6 Fix kube-apiserver log level syntax 2016-07-05 13:11:45 +03:00
Smaine Kahlouch e101b72a72 Merge pull request #332 from mattymo/hyperkubeversion
Set hyperkube version to kube_version
2016-07-05 11:47:30 +02:00
Matthew Mosesohn b847a43c61 Set hyperkube version to kube_version 2016-07-05 12:43:27 +03:00
Smaine Kahlouch 19f5093034 Merge pull request #331 from kubespray/docs
add documentation
2016-07-04 14:39:00 +02:00
Smaine Kahlouch 585102ee20 add documentation 2016-07-04 14:37:30 +02:00
Smaine Kahlouch ee7ac22f0d Merge pull request #328 from kubespray/upgrade_k8s_v1.3.0
upgrade to k8s v1.3.0
2016-07-03 18:23:17 +02:00
Smana 0b67c23d42 test the apiserver from the masters instead of the deployment machine 2016-07-03 16:18:04 +02:00
Smana f1ba247844 upgrade to k8s v1.3.0 2016-07-03 14:14:09 +02:00
Smaine Kahlouch 2fa7ee0cf9 Merge pull request #326 from kubespray/upgrade_etcd_v3
upgrade to etcd v3.0.1
2016-07-02 14:26:13 +02:00
Smana 40fbb3691d uprade to etcd v3.0.1 2016-07-02 14:14:32 +02:00