Commit Graph

1058 Commits (3f786542d3161fd1dc87f982ffe6d6e2382f968e)

Author SHA1 Message Date
Smana 247a1a6e6e change hyperkube repository 2016-06-29 14:07:05 +02:00
mattymo 708d2fbd61 Add KUBE_API_INSECURE_BIND to systemd unit file
This was missing from commit c4c312c2e6
2016-06-27 13:01:22 +04:00
Matthew Mosesohn c4c312c2e6 Add configurable option for kube_apiserver_insecure_bind_address 2016-06-24 18:10:01 +03:00
Smana 922c6897d1 Install python-pip on first master 2016-06-12 20:44:12 +02:00
Smana 8281b98e19 install kpm in order to deploy addons 2016-06-11 21:08:05 +02:00
mattymo 68808534b3 Fix order in restart kubelet to fix systemd reload
Systemd reload before reload kubelet was failing because its definition was before "restart kubelet". Its definition should be after the notify hook.
2016-05-31 20:09:49 +04:00
Spencer Smith a740e521d2 removed os restriction for coreos 2016-05-24 12:03:16 -04:00
Smaine Kahlouch bdc183114a Merge pull request #261 from paulczar/meta_roles_yo
turn adduser/download roles into meta roles
2016-05-23 17:29:37 +02:00
Paul Czarkowski 7de87d958e turn adduser/download roles into meta roles
This should make things a little more composable,
by making these roles meta roles that perform no
actions by default we allow each role to own its own
resources.
2016-05-22 17:25:52 -05:00
Paul Czarkowski c226b4e5cb fixes issue #258
Kubernetes API server has an option:

```
--advertise-address=<nil>: The IP address on which to advertise the apiserver to members of the cluster. This address must be reachable by the rest of the cluster. If blank, the --bind-address will be used. If --bind-address is unspecified, the host's default interface will be used.
```

kargo does not set --bind-address, thus it binds to eth0, in vagrant and similar
environments this causes issues because nodes cannot talk to eachother over eth0.

This sets `--advertise-address` to `ip` if its set, otherwise the default behavior
of is persisted by using `ansible_default_ipv4.address`.
2016-05-22 13:48:16 -05:00
Paul Czarkowski d8bebcd201 Fix issue with check_certs playbook
check_certs task "Check_certs | Set 'sync_certs' to true" was failing
due to the dict not existing, this sets defaults that allows the
correct behavior of the conditionals.
2016-05-15 17:15:59 -05:00
Smana ae5ff890d4 fix flannel deployment, remove docker bridge before restarting 2016-05-13 18:10:00 +02:00
Smana 608e7dfab2 upgrade k8s vers, and add a script for future upgrades 2016-05-12 15:56:30 +02:00
Smana 1884d89d3b fixes the certs issue when masters or not in the kube-node group 2016-05-12 10:07:34 +02:00
Smaine Kahlouch ed95f9ab81 Merge pull request #232 from rsmitty/issue-231
Issue 231: ensure ca.pem makes it to multi-masters
2016-05-11 21:24:04 +02:00
Spencer Smith 9f8466a186 ensure ALL certs are synced between masters 2016-05-11 10:09:13 -07:00
Spencer Smith 743ad0eb5c s/sync_certs/sync_tokens 2016-05-11 09:38:26 -07:00
Spencer Smith 5253b3ec13 ensure ca.pem makes it to multi-masters 2016-05-11 09:06:08 -07:00
Smaine Kahlouch 96c63cc0b6 Merge pull request #227 from paulczar/vagrant
Add native Vagrant support
2016-05-09 11:47:07 +02:00
Paul Czarkowski 5f2fa6d76f revert .gitignore for secrets 2016-05-08 23:46:35 -05:00
Paul Czarkowski 8f4e879ca7 Add native Vagrant support
This allows you to simply run `vagrant up` to get a 3 node HA cluster.

* Creates a dynamic inventory and uses the inventory/group_vars/all.yml
* commented lines in inventory.example so that ansible doesn't try to use it.
* added requirements.txt to give easy way to install ansible/ipaddr
* added gitignore files to stop attempts to save unwated files
* changed `Check if kube-system exists` to `failed_when: false` instead of
`ignore_errors`
2016-05-08 10:17:11 -05:00
Smana 4f627baf71 generate secrets on first master 2016-05-07 21:08:29 +02:00
Smana 97de82bbcc upgrade weave to v1.5.0 with cni 2016-04-20 17:09:09 +02:00
Rob Hirschfeld fb980e4542 missed tick in message
cosmetic
2016-04-12 18:43:31 -07:00
Rob Hirschfeld f12ad6a56f consolidate EPEL change into a single task
as per @smana request
2016-04-12 18:41:46 -07:00
Rob Hirschfeld 831a54e9b7 add code to detect if epel is already installed and skip it if it is
add option for generic
2016-04-11 16:44:56 -05:00
Smana 3cd89bed45 Kubernetes upgrade to 1.2.2 2016-04-11 12:19:09 +02:00
Smana 48a85ce8f8 use docker repository to install on CentOS 2016-04-11 11:17:14 +02:00
Smana 936927a54f Fix docker install on rhel7 2016-04-10 22:08:13 +02:00
Smana 5c22133492 fix add nodes to the cluster 2016-04-08 07:45:39 +02:00
Smana b03093be73 update kubectl bash completion
change hyperkube image repository
2016-04-05 15:27:06 +02:00
Smana bc44d5deb3 upgrade to kubernetes v1.2.1 2016-04-05 12:59:18 +02:00
Smana 850b7466cd remove deprecation warns and update doc 2016-04-04 10:14:56 +02:00
ant31 7237a925eb Add kubernetes.default.svc in certs dns 2016-04-01 12:40:01 +02:00
teuto.net Netzdienste GmbH 8cbdf73eba Changed path to hosts ssl certs from /usr/share/ca-certificates to /etc/ssl/certs/ which fixes https problems in kube-controller-manager and kube-apiserver (#189) caused by the lack of certificates on debian and redhat based systems. 2016-04-01 09:34:28 +02:00
teuto.net Netzdienste GmbH 624a964cda Implemented Dynamic Provisioning of PersistentVolumes with cinder
When kubespray is deployed on OpenStack, the kube-controller-manager is now aware of the cluster and can create new cinder volumes automatically if the PersistentVolumeClaims are annotated accordingly.
Note that this is an alpha feature of kubernetes 1.2
2016-03-31 14:38:46 +02:00
Smaine Kahlouch a14dfe74e1 Merge pull request #188 from teutostack/warnings-removal
Fixing deprecation warnings regarding bare variables and apt
2016-03-30 11:57:57 +02:00
teuto.net Netzdienste GmbH a192111e6a Reverted deletion of "changed_when: False" for Task "Install python-dnf for latest RedHat versions". Deleted "changed_when: False" on Task "Install latest version of python-apt for Debian distribs" to get notified when kubespray has installed a new package version. 2016-03-30 11:21:36 +02:00
teuto.net Netzdienste GmbH 4271dd6645 using apt module instead of command module to install python-apt 2016-03-30 10:39:33 +02:00
teuto.net Netzdienste GmbH 457ed11b49 fixed deprecation warnings regarding bare variables 2016-03-30 10:23:43 +02:00
teuto.net Netzdienste GmbH 9f8da6c225 Implemented cloud-provider integration for OpenStack.
Currently kubespray does not install kubernetes in a way that allows cinder volumes to be used. This commit provides the necessary cloud configuration file and configures kubelet and kube-apiserver to use it.
2016-03-29 15:17:22 +02:00
Smaine Kahlouch 68fafd030d choose between gce and aws cloud providers 2016-03-23 17:27:06 +01:00
Smaine Kahlouch e8aec5f4f0 Don't call the apiserver when the server is master only 2016-03-22 13:25:41 +01:00
Smaine Kahlouch c51ed4bbb7 use master election option instead of podmaster 2016-03-21 22:25:09 +01:00
Smaine Kahlouch ba4ad51c26 add aufs-tools package for debian 2016-03-21 17:25:14 +01:00
Antoine Legrand 785b84fd43 Upgrade to docker 1.10.3 2016-03-21 16:54:14 +01:00
Smana cb3cc6f523 adding option --proxy-mode for kubeproxy 2016-02-29 11:41:08 +01:00
Smana 9528caa1d7 Upgrade kuberenetes to v1.1.8 2016-02-25 17:35:38 +01:00
Stig Telfer ff03c82151 On CoreOS, /etc/hosts does not always exist. 2016-02-23 12:04:58 +00:00
Smana fca384e24c first version of CoreOS on GCE
Please enter the commit message for your changes. Lines starting
2016-02-21 00:06:36 +01:00
Spencer Smith 20adb604cc confirmed working change to mktemp command 2016-02-18 15:56:10 -05:00
Smana 39caf94790 update hyperkube version 2016-02-18 16:38:25 +01:00
Smana c0cf506fb4 install epel-release on RHEL7 2016-02-13 13:15:08 +01:00
Smana a649aa8b7e use ansible_service_mgr to detect init system 2016-02-13 11:46:53 +01:00
Smana 91fca69aa0 generate secrets on deployment machine
test travis with sudo=true instead of required
2016-02-13 06:51:54 +01:00
Smaine Kahlouch 05c8a29688 Merge branch 'master' into weave_network_plugin 2016-02-10 18:33:48 +01:00
Greg Althaus 6f1fe0cda2 Force kube-proxy to bind to local address 2016-02-10 10:53:22 -06:00
Smana ab007e4ab8 weave network plugin 2016-02-09 17:55:12 +01:00
Smaine Kahlouch 4f92417a5d split network plugins into distinct roles 2016-02-09 11:42:00 +01:00
Smana b2d6626363 fix some issues with fedora 23 and dnf 2016-02-03 21:26:49 +01:00
Antoine Legrand 7e94d31c8b Merge branch 'master' into increase_timeout 2016-02-01 14:32:25 +01:00
ant31 21b0a3649d Increase liveness timeout 2016-02-01 13:41:49 +01:00
Smaine Kahlouch 4d3f6c6533 install epel release for rhel
install required packages before common

roles/kubernetes/preinstall/tasks/main.yml
2016-01-31 22:12:34 +01:00
Greg Althaus bedcca922c Add variables and defaults for multiple types of ip addresses.
Each node can have 3 IPs.
1. ansible_default_ip4 - whatever ansible things is the first IPv4 address
   usually with the default gw.
2. ip - An address to use on the local node to bind listeners and do local
   communication.  For example, Vagrant boxes have a first address that is the
   NAT bridge and is common for all nodes.  The second address/interface should
   be used.
3. access_ip - An address to use for node-to-node access.  This is assumed to
   be used by other nodes to access the node and may not be actually assigned
   on the node.  For example, AWS public ip that is not assigned to node.

This updates the places addresses are used to use either ip or access_ip and walk
up the list to find an address.
2016-01-27 16:05:39 -06:00
Antoine Legrand 4566d60e6f Slowdown apimaster restart 2016-01-26 15:23:16 +01:00
Antoine Legrand b9781fa7c2 Symlink dnsmasq conf 2016-01-26 00:30:29 +01:00
Smaine Kahlouch 90ffb8489a fix some handlers 2016-01-25 22:49:24 +01:00
Greg Althaus c7bd2a2a1e Need to use separate stanzas for each repo because the
args are different.  Sigh.
2016-01-25 11:16:56 -06:00
Smaine Kahlouch baaa6efc2b workaround_ha_apiserver 2016-01-25 12:07:32 +01:00
ant31 56b92812fa Fix systemd reload and calico unit 2016-01-25 10:54:07 +01:00
ant31 f5508b1794 Use update_cache when possible 2016-01-25 02:06:34 +01:00
Smaine Kahlouch 4984b57aa2 use rsync instead of command 2016-01-23 18:26:07 +01:00
Smaine Kahlouch 283c4169ac run apiserver as a service
reorder master handlers

typo for sysvinit
2016-01-23 14:21:04 +01:00
Smaine Kahlouch 391413f7e7 missing commits for the PR #86 2016-01-22 17:10:31 +01:00
Smaine Kahlouch cb59559835 use command instead of synchronize 2016-01-22 16:37:07 +01:00
Antoine Legrand 078b67c50f Remove downloader host 2016-01-22 09:59:39 +01:00
Greg Althaus ec1073def8 Test for a systemd service that should be up. 2016-01-21 11:35:15 -06:00
Smaine Kahlouch de038530ef don't run gitinfos by default 2016-01-21 13:41:01 +01:00
Smaine Kahlouch 337977e868 script which gives info about the deployment state
fix script location
2016-01-21 13:41:01 +01:00
Smaine Kahlouch a5094f2a6a move /etc/hosts configuration in 'preinstall' role 2016-01-20 17:37:23 +01:00
Antoine Legrand 859f6322a0 Merge branch 'master' into add_set_remote_user 2016-01-19 21:08:52 +01:00
Greg Althaus 10b2466d82 run_once only works if master[0] is first in inventory list
of all nodes.
2016-01-19 13:10:54 -06:00
Antoine Legrand f68d8f3757 Add seT_remote_user in synchronize 2016-01-19 14:20:05 +01:00
Antoine Legrand 9b083b62cf Rename tasks 2016-01-19 14:20:05 +01:00
ant31 4271126bae Change hyperkube repo 2016-01-18 17:17:08 +01:00
Smaine Kahlouch 049f5015c1 upgrade hyperkube image version 2016-01-18 16:55:57 +01:00
Smaine Kahlouch 8415634016 use google hyperkube image 2016-01-16 22:55:49 +01:00
Smaine Kahlouch 8127e8f8e8 Flannel running as pod 2016-01-15 13:03:27 +01:00
ant31 5d61b5e813 Fix namespace 2016-01-14 16:22:37 +01:00
ant31 b769636435 Ansible 2.0 2016-01-13 16:40:24 +01:00
Smaine Kahlouch eab2cec0ad fix kubectl perms 2016-01-08 16:02:40 +01:00
ant31 f49aa90bf7 fix synchronize pull mode 2016-01-08 11:32:06 +01:00
Antoine Legrand 7913d62749 Merge pull request #44 from ansibl8s/travis
Travis  tests
2016-01-07 23:46:02 +01:00
Smaine Kahlouch d5320961e9 enforce user root when sudo is used 2016-01-05 15:33:23 +01:00
ant31 9a03249446 Add travis tests 2016-01-05 12:31:49 +01:00
ant31 8fa0110e28 Remove local dep. downloader 2016-01-04 16:10:29 +01:00
Smaine Kahlouch 99d16913d3 use bin_dir var in init scripts 2016-01-04 14:35:01 +01:00
Smaine Kahlouch d172457504 sysvinit scripts 2016-01-04 14:30:37 +01:00
Smaine Kahlouch 6103d673b7 New calico's configuration 2016-01-04 14:30:37 +01:00
Smaine Kahlouch 29bf90a858 review handlers for sysvinit 2016-01-04 14:30:37 +01:00
Smaine Kahlouch 15cd1bfc56 rename env file 2015-12-31 14:55:06 +01:00
Smaine Kahlouch be5fe9af54 never report changed for init system detection 2015-12-31 14:54:15 +01:00
Smaine Kahlouch 7006d56ab8 split role download and preinstall 2015-12-31 14:07:02 +01:00
Smaine Kahlouch 1695682d85 handle sysvinit 2015-12-31 14:05:55 +01:00
Smaine Kahlouch 98fe2c02b2 review local tasks 2015-12-31 10:28:47 +01:00
Smaine Kahlouch 92c2a9457e rename role common to kubernetes/preinstall 2015-12-31 10:03:22 +01:00
Smaine Kahlouch c9d9ccf025 move network-environment template into node role, required by kubelet 2015-12-29 21:36:51 +01:00
ant31 e378f4fb14 Install calico-plugin before running calico 2015-12-28 22:04:39 +01:00
Antoine Legrand 5c15d14f12 Run etcd as pod 2015-12-28 22:04:39 +01:00
Smaine Kahlouch 680864f95c don't sync certs on masters, already done in another task 2015-12-21 14:24:57 +01:00
Smaine Kahlouch b2afbfd4fb don't touch if the file exists 2015-12-21 14:23:33 +01:00
Smaine Kahlouch ab694ee291 Install python-httplib2 required packaged 2015-12-21 12:00:42 +01:00
Smaine Kahlouch fec1dc9041 A single file for tokens tasks 2015-12-19 11:00:22 +01:00
Smaine Kahlouch e7e03bae9f calico talks to apiserver with https 2015-12-18 22:22:52 +01:00
Smaine Kahlouch c6d65cb535 remove temporary workaround due to node reboot issue with calico 2 2015-12-18 13:25:46 +01:00
Smaine Kahlouch a0746a3efd remove temporary workaround due to node reboot issue with calico 2015-12-18 13:22:32 +01:00
Antoine Legrand 184bb8c94d Use 0755 mode for binaries 2015-12-17 22:46:50 +01:00
Smaine Kahlouch 9914229484 using ip address instead of inventory_hostname for kube-proxy 2015-12-17 10:43:06 +01:00
Smaine Kahlouch b3841659d7 Review role order, use master ip even when fqdn are used in the inventory 2015-12-16 23:49:01 +01:00
ant31 958c770bef Update ports 2015-12-16 17:43:26 +01:00
ant31 6012230110 Merge branch 'ha_master' of https://github.com/ansibl8s/setup-kubernetes into ha 2015-12-15 17:42:01 +01:00
Smaine Kahlouch c91a3183d3 manage undefined vars for loadbalancing 2015-12-15 16:51:55 +01:00
ant31 693230ace9 Merge branch 'ha_master' of https://github.com/ansibl8s/setup-kubernetes into ha 2015-12-15 16:28:49 +01:00
ant31 f21f660cc5 Use kube_apiserver_port 2015-12-15 16:27:12 +01:00
Smaine Kahlouch 953f482585 kube-proxy loadbalancing, need an external loadbalancer 2015-12-15 15:20:08 +01:00
Smaine Kahlouch 4055980ce6 ha apiservers for kubelet 2015-12-15 13:14:27 +01:00
Smaine Kahlouch 2fc8b46996 etcd can run on a distinct cluster 2015-12-14 10:39:13 +01:00
Smaine Kahlouch 5efc09710b Renaming hyperkube image vars 2015-12-14 09:54:58 +01:00
Smaine Kahlouch 9862afb097 Upgrade kubernetes to v1.1.3 2015-12-13 16:41:18 +01:00
Smaine Kahlouch 59994a6df1 Quickstart documentation 2015-12-12 19:37:08 +01:00
Smaine Kahlouch 0a1b92f348 cluster log level variable 'kube_log_level' 2015-12-12 19:37:08 +01:00
Smaine Kahlouch af9b945874 add the loadbalancer address to ssl certs 2015-12-12 19:37:08 +01:00
Smaine Kahlouch 1568cbe8e9 optionnal api runtime extensions 2015-12-12 19:37:08 +01:00
Smaine Kahlouch eb4dd5f19d update kubectl bash completion 2015-12-12 19:37:08 +01:00
Smaine Kahlouch f49620517e running kubernetes master processes as pods 2015-12-12 19:37:08 +01:00
Smaine Kahlouch d1e19563b0 Master and nodes will run the 'node' role, kube-proxy is run under a container, new script for ssl certs 2015-12-12 19:37:08 +01:00
Smaine Kahlouch 9cecc30b6d changing proxy mode to default 'userspace', issues with 'iptables' 2015-12-09 15:03:57 +01:00
Smaine Kahlouch a03f3739dc Add kubectl bash completion, missing script 2015-12-01 15:45:31 +01:00
Smaine Kahlouch bfe78848fa Add kubectl bash completion 2015-12-01 12:13:22 +01:00
Smaine Kahlouch 126d4e36c8 Fix kube-proxy on master 2015-11-30 16:41:22 +01:00
Smaine Kahlouch 97c4edc028 Add api runtime config option, review kubernetes handlers 2015-11-27 12:32:31 +01:00
Smaine Kahlouch 4a9a82ca86 include kubernetes config 2015-11-22 18:04:50 +01:00
Smaine Kahlouch d7b7db34fa move task service kube-api to the end of role master 2015-11-21 17:01:43 +01:00
Antoine Legrand 7f73bb5522 Keep workaround 2015-11-21 14:04:42 +01:00
ant31 323155b0e1 Fix docker 2015-11-20 14:04:13 +01:00
ant31 8fa7811b63 Remove workaround 2015-11-20 11:36:32 +01:00
ant31 c352df6fc8 Add Backup 2015-11-20 11:18:37 +01:00
Antoine Legrand 57e1831f78 Update calico to 0.11.0 2015-11-20 10:38:39 +01:00
Smaine Kahlouch 3f411bffe4 include config file into systemd unit file 2015-11-16 22:22:19 +01:00
Smaine Kahlouch 5cc29b77aa add option proxy mode iptables for better performances 2015-11-16 22:21:17 +01:00
Smaine Kahlouch 0b164bec02 add option proxy mode iptables for better performances 2015-11-16 22:17:21 +01:00
Smaine Kahlouch 2b3543d0ee Merge branch 'master' of https://github.com/ansibl8s/setup-kubernetes 2015-11-02 13:46:23 +01:00
Smaine Kahlouch c997860e1c move vars for api socket into group_vars 2015-11-02 13:46:08 +01:00
ant31 3bf74530ce Add IP var 2015-11-01 11:12:12 +01:00
Smaine Kahlouch f216302f95 Calico is not a network overlay 2015-10-27 15:49:07 +01:00
Smaine Kahlouch 6183a4d3b1 dns vars for skydns submodule 2015-10-13 17:12:59 +02:00
Smaine Kahlouch 347bc4a79c remove fluentd configuration on nodes 2015-10-12 17:28:17 +02:00
Smaine Kahlouch 00c562828f Initial commit 2015-10-03 22:19:50 +02:00