Commit Graph

110 Commits (41e684eb5a281b8118e745f727d3687083405748)

Author SHA1 Message Date
Antoine Legrand 5f7607412b Add default var role 2017-02-23 12:07:17 +01:00
Alexander Block d2e010cbe1 Add kernel upgrade for CentOS 2017-02-10 09:29:12 +01:00
Antoine Legrand 067bbaa473 Merge pull request #1001 from idcrook/kargo-issue-1000-efk-enable
removed explicit role for efk in cluster.yml
2017-02-10 03:03:18 +01:00
David Crook d4d9f27a8d removed explicit role for efk in cluster.yml 2017-02-08 20:48:28 -07:00
Josh Conant 245e05ce61 Vault security hardening and role isolation 2017-02-08 21:41:36 +00:00
Josh Conant f4ec2d18e5 Adding the Vault role 2017-02-08 21:31:28 +00:00
Brad Beam df3e11bdb8 Adding EFK logging stack 2017-02-03 16:27:08 -06:00
Brad Beam b54eb609bf Consolidating kube.py module 2017-01-27 11:28:11 -06:00
Alexander Block 1d2a18b355 Introduce dns_mode and resolvconf_mode and implement docker_dns mode
Also update reset.yml to do more dns/network related cleanup.
2017-01-05 23:38:51 +01:00
Brad Beam 8dc19374cc Allowing etcd to run via rkt 2017-01-03 10:10:38 -06:00
Brad Beam a8f2af0503 Adding initial rkt support 2017-01-03 10:08:43 -06:00
Bogdan Dobrelya ff8cb46bb9 Rework wildcards matching all nodes
* Re-enable ansible_ssh_pipelining as expected for the cluster.yml
* Do not use 'all' wildcasts for hosts, limit only to k8s-cluster, etcd,
  calico-rr groups instead. Other nodes in inventory are out of Kargo
  scope and it's up to users how to manage them.

Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2016-12-27 17:02:08 +01:00
Antoine Legrand 768fe05eea Merge pull request #704 from vwfs/bastion_hosts
Add support for bastion hosts
2016-12-17 12:08:49 +01:00
Aleksandr Didenko d57c27ffcf Add calico/routereflector support
Add BGP route reflectors support in order to optimize BGP topology
for deployments with Calico network plugin.

Also bump version of calico/ctl for some bug fixes.
2016-12-14 13:44:10 +01:00
Alexander Block 96640e68e2 Add tags for bastion-ssh-config 2016-12-13 17:29:47 +01:00
Alexander Block 06584ee3aa Add support for bastion hosts 2016-12-13 17:29:47 +01:00
Alexander Block 42ea4d2cfd Add comment about why ansible_ssh_pipelining is set to false in bootstrap-os 2016-12-12 09:55:28 +01:00
Alexander Block 7abcf6e0b9 Remove requiretty from sudoers to actually make pipelining work
Some systems (e.g. CentOS on Azure) have requiretty in sudoers which makes
pipelining fail.
2016-12-12 09:54:39 +01:00
Bogdan Dobrelya a15d626771 Preconfigure DNS stack and docker early
In order to enable offline/intranet installation cases:
* Move DNS/resolvconf configuration to preinstall role. Remove
  skip_dnsmasq_k8s var as not needed anymore.

* Preconfigure DNS stack early, which may be the case when downloading
  artifacts from intranet repositories. Do not configure
  K8s DNS resolvers for hosts /etc/resolv.conf yet early (as they may be
  not existing).

* Reconfigure K8s DNS resolvers for hosts only after kubedns/dnsmasq
  was set up and before K8s apps to be created.

* Move docker install task to early stage as well and unbind it from the
  etcd role's specific install path. Fix external flannel dependency on
  docker role handlers. Also fix the docker restart handlers' steps
  ordering to match the expected sequence (the socket then the service).

* Add default resolver fact, which is
  the cloud provider specific and remove hardcoded GCE resolver.

* Reduce default ndots for hosts /etc/resolv.conf to 2. Multiple search
  domains combined with high ndots values lead to poor performance of
  DNS stack and make ansible workers to fail very often with the
  "Timeout (12s) waiting for privilege escalation prompt:" error.

* Update docs.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-09 17:30:55 +01:00
Pablo Moreno 27e239c8d6 GlusterFS with external VMs, terraform/os included 2016-12-06 11:03:13 +00:00
ant31 dba2026002 Fail all nodes on error 2016-12-02 12:37:22 +01:00
Aleksandr Didenko 309240cd6f Adding support for canal network plugin
This patch provides support for Canal network plugin installation
as a self-hosted app, see the following link for details:

https://github.com/tigera/canal/tree/master/k8s-install
2016-11-08 11:04:01 +01:00
Bogdan Dobrelya c59c3a1bcf Fix idempotency/recurrence of download and preinstall
* Don't push containers if not changed
* Do preinstall role only once and redistribute defaults to
  corresponding roles

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-10-24 18:28:53 +02:00
Anthony Howell 1a05b5980f restored gather facts on all hosts 2016-09-19 14:12:42 -05:00
Antoine Legrand 2e386dfbdc Merge pull request #465 from kubespray/freeze_kpm_version
Multiple app deploy tools
2016-09-08 22:01:52 +02:00
Antoine Legrand ccbb2ee3ae App deployer plugins 2016-09-08 15:01:57 +02:00
Brandon B. Jozsa 2606e8e1c8 combine bootstrap options, add xenial support 2016-09-06 10:04:41 -04:00
Bogdan Dobrelya 8168689caa Refactor roles and hosts
Shorten deployment time with:
- Remove redundand roles if duplicated by a dependency and vice versa
- When a member of k8s-cluster, always install docker as a dependency
  of the etcd role and drop the docker role from cluster.yaml.
- Drop etcd and node role dependencies from master role as they are
  covered by the node role in k8s-cluster group as well. Copy defaults
  for master from node role.
- Decouple master, node, secrets roles handlers and vars to be used w/o
  cross references.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-25 13:27:57 +02:00
Matthew Mosesohn d591b59205 Fix etcd play to only run on non-k8s-cluster nodes
This decreases the time required to deploy a cluster with
3 nodes, but none are standalone etcd roles.
2016-08-18 14:08:24 +03:00
Spencer Smith 298ab8e89e force fact check of all nodes first thing 2016-08-12 10:06:31 -04:00
Matthew Mosesohn 1b1f5f22d4 Fix etcd standalone deployment
etcd facts are generated in kubernetes/preinstall, so etcd nodes need
to be evaluated first before the rest of the deployment.

Moved several directory facts from kubernetes/node to
kubernetes/preinstall because they are not backward dependent.
2016-07-26 18:15:06 +03:00
ant31 eb6025a184 Add kubedns as default package to install 2016-06-12 18:08:53 +02:00
Spencer Smith 492218a3e1 resolves coreos nodes not setting up docker proxies 2016-05-24 12:11:24 -04:00
Paul Czarkowski 7de87d958e turn adduser/download roles into meta roles
This should make things a little more composable,
by making these roles meta roles that perform no
actions by default we allow each role to own its own
resources.
2016-05-22 17:25:52 -05:00
Smaine Kahlouch 7e6d7caf4b Dnsmasq runs on all nodes 2016-03-21 11:37:35 +01:00
ant31 6297e5ea93 Use dnsmasq inside pods 2016-03-19 23:41:27 +01:00
Smana fca384e24c first version of CoreOS on GCE
Please enter the commit message for your changes. Lines starting
2016-02-21 00:06:36 +01:00
Smaine Kahlouch 4f92417a5d split network plugins into distinct roles 2016-02-09 11:42:00 +01:00
Antoine Legrand dd61f685b8 AddUser Role 2016-01-24 11:54:34 +01:00
Antoine Legrand 078b67c50f Remove downloader host 2016-01-22 09:59:39 +01:00
ant31 b769636435 Ansible 2.0 2016-01-13 16:40:24 +01:00
Smaine Kahlouch 92c2a9457e rename role common to kubernetes/preinstall 2015-12-31 10:03:22 +01:00
Smaine Kahlouch a11e0cb3d1 keep host downloader 2015-12-31 09:38:55 +01:00
Smaine Kahlouch dbb6f4934e common role in order to support other linux distribs 2015-12-30 22:26:45 +01:00
Antoine Legrand 5c15d14f12 Run etcd as pod 2015-12-28 22:04:39 +01:00
Smaine Kahlouch 94c0c32752 The etcd role is run on all the servers 2015-12-18 11:29:06 +01:00
Antoine Legrand 184bb8c94d Use 0755 mode for binaries 2015-12-17 22:46:50 +01:00
Smaine Kahlouch b3841659d7 Review role order, use master ip even when fqdn are used in the inventory 2015-12-16 23:49:01 +01:00
Smaine Kahlouch e2984b4fdb ha etcd with calico 2015-12-15 11:49:11 +01:00
Smaine Kahlouch 2fc8b46996 etcd can run on a distinct cluster 2015-12-14 10:39:13 +01:00
Smaine Kahlouch d9a8de487f review roles order 2015-12-12 19:37:08 +01:00
ant31 1a0208f448 Separate apps deploy from cluster deploy 2015-11-19 22:49:02 +01:00
Smaine Kahlouch f216302f95 Calico is not a network overlay 2015-10-27 15:49:07 +01:00
Smaine Kahlouch 73e240c644 Running apps after cluster setup 2015-10-21 14:03:39 +02:00
Smaine Kahlouch 5d61661850 renaming role k8s-skydns to k8s-kubedns 2015-10-18 16:23:01 +02:00
Smaine Kahlouch 481d16d5ad tag 'apps' 2015-10-12 17:31:04 +02:00
Smaine Kahlouch c105e20ac9 Role common required 2015-10-12 14:13:53 +02:00
Smaine Kahlouch 744b0be2ac Comment additionnal addons in playbook 2015-10-12 13:17:40 +02:00
Smaine Kahlouch 5fbfee593d Procedure for addons installation 2015-10-11 09:48:58 +02:00
Smaine Kahlouch 00c562828f Initial commit 2015-10-03 22:19:50 +02:00