Commit Graph

895 Commits (73a2a180061113ac124683e5cc492ba07df33d4c)

Author SHA1 Message Date
Yumo Yang 6c2f169ea2 update test-pr2 (#2911) 2018-06-22 13:22:26 +03:00
Rong Zhang 1aee6ec371
Merge pull request #2903 from riverzhang/swap
Add manage swap on the worker node
2018-06-21 22:20:23 +08:00
rongzhang 3232e2743e Add manage swap on the worker node 2018-06-21 08:15:01 +00:00
Andreas Krüger cbb959151c
Merge pull request #2737 from Miouge1/update-scheduler
Update kube-scheduler policy
2018-06-19 14:53:22 +02:00
Andreas Krüger c3d8b131db
Merge pull request #2801 from dvazar/bugfix/undefined__network_plugin__variable
Fixed "network_plugin" variable
2018-06-19 10:01:06 +02:00
Matthew Mosesohn 61e97251a5 Improve variable handling for disabling etcd events cluster 2018-06-18 16:58:29 +03:00
Andreas Krüger 3a569c9dcb
Merge pull request #2750 from w-leads/feature/add-vmname-to-vcp-config
Add vm_name option to vsphere cloud provider config
2018-06-14 22:22:34 +02:00
rongzhang 20bd656975 Reconfigure kube-proxy to access kube-apiserver via the LB(kubeadm) 2018-06-12 12:53:50 +00:00
Rong Zhang 10c9fe96b0
Merge pull request #2859 from riverzhang/nginx
Fix nginx-proxy HA when kubeadm enable
2018-06-08 01:10:01 +08:00
rongzhang f9ccb93825 Fix nginx-proxy HA when kubeadm enable 2018-06-07 14:27:19 +00:00
Aivars Sterns daeea75fbb
Merge pull request #2835 from oracle/bm_fix-apiserver-access-ip
roles/kubernetes/client: kubeconfig template should use access_ip
2018-06-07 11:50:57 +03:00
Matthew Mosesohn 59be578842
Revert "wip pr for improved cert sync" (#2849) 2018-06-06 17:22:25 +03:00
Aivars Sterns cb0a257349
Merge pull request #2819 from oleh-ozimok/fix-cidr-assert
Fix enough network address space assert
2018-06-06 07:32:16 +03:00
Aivars Sterns 69ea28e187
Merge pull request #2827 from mattymo/testpr
wip pr for improved cert sync
2018-06-04 12:43:00 +03:00
Ben Meier 2f5a9e180c kubernetes/client: kubeconfig template should use the access_ip for the chosen master node 2018-06-04 09:51:05 +01:00
Dmitry f912a4ece5 Fix compare AnsibleUnsafeText with int (#2828) 2018-06-04 11:34:10 +03:00
Rong Zhang d1e66f9cc8 Add label to kubelet env for kubeadm deploy cluster (#2841) 2018-06-04 11:26:47 +03:00
Matthew Mosesohn 7433348aae wip pr for improved cert sync 2018-05-30 12:15:11 +03:00
Oleg Ozimok 38f7ba2584 Fix enough network address space assert 2018-05-27 18:01:17 +03:00
dvazar b3f9cae820 fixed a check unknown networks (cilium & contiv) 2018-05-22 16:43:19 +07:00
Andreas Krüger a67bdff28c
Merge pull request #2743 from mrostecki/opensuse-tumbleweed-openssl
opensuse: Fix OpenSSL package name
2018-05-22 11:21:04 +02:00
dvazar 4b8daa22f6 Fixes #2800 2018-05-19 00:57:09 +07:00
Andreas Krüger e60a63ea51
Merge pull request #2577 from woopstar/etcd-fix-4
Makeover of etcd- and etcd-cluster setup.
2018-05-16 20:49:54 +02:00
Christopher J. Ruwe c1bc4615fe assert that number of pods on node does not exceed CIDR address range
The number of pods on a given node is determined by the  --max-pods=k
directive. When the address space is exhausted, no more pods can be
scheduled even if from the --max-pods-perspective, the node still has
capacity.

The special case that a pod is scheduled and uses the node IP in the
host network namespace is too "soft" to derive a guarantee.

Comparing kubelet_max_pods with kube_network_node_prefix when given
allows to assert that pod limits match the CIDR address space.
2018-05-16 11:55:46 +00:00
Matthew Mosesohn 7c93e71801
Upgrade k8s to 1.10.2 (#2748)
* Upgrade k8s to 1.10.2

Bumped etcd version to 3.2.16 as recommended

* Add ipvs fix for v1.10

* change flannel addons test to ha
2018-05-15 16:00:29 +03:00
Christopher J. Ruwe 73800ef111 make certificates non-executable 2018-05-15 07:54:32 +00:00
Christopher J. Ruwe 49d106f615 make admin.conf -> .kube/config non-executable
Almost certainly, the .kube/config file (YAML) should not be executable.
2018-05-14 09:29:48 +00:00
Miouge1 ad48606e4e Restart scheduler when policy changes 2018-05-14 10:09:30 +02:00
Matthew Mosesohn 07cc981971
refactor vault role (#2733)
* Move front-proxy-client certs back to kube mount

We want the same CA for all k8s certs

* Refactor vault to use a third party module

The module adds idempotency and reduces some of the repetitive
logic in the vault role

Requires ansible-modules-hashivault on ansible node and hvac
on the vault hosts themselves

Add upgrade test scenario
Remove bootstrap-os tags from tasks

* fix upgrade issues

* improve unseal logic

* specify ca and fix etcd check

* Fix initialization check

bump machine size
2018-05-11 19:11:38 +03:00
Ryo Nishikawa 51a9379d3c Add vm_name option to vsphere cloud provider config 2018-05-08 12:23:58 -07:00
Andreas Krüger d73d60c9b0
Merge pull request #2600 from maximegaillard/master
Add Openstack tenant name
2018-05-08 12:03:01 +02:00
Michal Rostecki 066016cd3e opensuse: Fix OpenSSL package name
OpenSSL 1.1 package in openSUSE Tumbleweed is named openssl-1_1,
not openssl-1_1_0.
2018-05-08 10:03:30 +02:00
Andreas Krüger 28d6eb6af1
Merge pull request #2644 from cp3hu/master
Fix apiserver manifest and kubelet for kube version < 1.9
2018-05-08 09:22:36 +02:00
Miouge1 70e0998a70 Update kube-scheduler policy 2018-05-03 21:56:51 +02:00
Chad Swenson 595e96ebf1
Merge pull request #2693 from romaindequidt/sync-certs-tasks-fix
sync certs tasks (fix #2596 #2667)
2018-05-02 12:17:23 -05:00
woopstar 4c81cd2a71 Merge branch 'master' of https://github.com/kubernetes-incubator/kubespray into etcd-fix-4 2018-05-02 14:45:58 +02:00
Maxime Gaillard 00db751646 Add Openstack tenant name 2018-05-01 09:21:37 +02:00
Tomasz Majchrowski 59789ae02a ISSUE-2706: Provide consistent usage of supplementary_addresses_in_ssl_keys across vault and script mode (#2707) 2018-04-30 14:48:17 +03:00
Andreas Krüger 03de4c0806
Merge pull request #2695 from suzutan/add-oidc-prefix-args
Add oidc-user-prefix and oidc-group-prefix args
2018-04-30 09:17:02 +02:00
mirwan 06cdb260f6 labelvalue must be formatted to handle non string values (#2722) 2018-04-29 19:02:14 +03:00
mirwan c3c5817af6 sysctl file should be in defaults so that it can be overriden (#2475)
* sysctl file should be in defaults so that it can be overriden

* Change sysctl_file_path to be consistent with roles/kubernetes/preinstall/defaults/main.yml
2018-04-27 18:50:58 +03:00
Markos Chandras 9168c71359 Revert "Revert "Add openSUSE support" (#2697)" (#2699)
This reverts commit 51f4e6585a.
2018-04-26 12:52:06 +03:00
Matthew Mosesohn 1a14f1ecc1
Fix vol format for local volume provisioner in rkt (#2698) 2018-04-24 20:32:08 +03:00
Matthew Mosesohn 51f4e6585a
Revert "Add openSUSE support" (#2697) 2018-04-23 14:28:24 +03:00
Suzuka Asagiri f81e6d2ccf
Add oidc-user-prefix and oidc-group-prefix args 2018-04-23 12:23:59 +09:00
Romain DEQUIDT 80dd230a65 sync certs tasks (fix #2596 #2667) 2018-04-22 10:00:31 +02:00
Paul Montero 75950344fb
run_once pre_upgrade tasks which are executing in localhost 2018-04-19 11:38:13 -05:00
Matthew Mosesohn f73717ea35
Mount local volume provisioner dirs for containerized kubelet (#2648) 2018-04-12 22:55:13 +03:00
Aivars Sterns 1967963702
Merge pull request #2380 from hwoarang/add-opensuse-support
Add openSUSE support
2018-04-12 20:28:50 +03:00
Chad Swenson d87b6fd9f3 Use dedicated front-proxy-ca for front-proxy-client 2018-04-12 11:03:22 -05:00