riverzhang
49a223a17d
Update elrepo-release rpm version ( #1554 )
2017-08-23 09:54:51 +03:00
Brad Beam
e5cfdc648c
Adding ability to override max ttl ( #1559 )
...
Prior this would fail because we didnt set max ttl for vault temp
2017-08-23 09:54:01 +03:00
Erik Stidham
9f9f70aade
Update Calico to 2.4.1 release.
...
- Switched Calico images to be pulled from quay.io
- Updated Canal too
2017-08-21 09:33:12 -05:00
Matthew Mosesohn
ca3050ec3d
Update to Kubernetes v1.7.3 ( #1549 )
...
Change kubelet deploy mode to host
Enable cri and qos per cgroup for kubelet
Update CoreOS images
Add upgrade hook for switching from kubelet deployment from docker to host.
Bump machine type for ubuntu-rkt-sep
2017-08-21 10:53:49 +03:00
Vijay Katam
97031f9133
Make epel-release install configurable ( #1497 )
2017-08-20 14:03:10 +03:00
Vijay Katam
c92506e2e7
Add calico variable that enables ignoring Kernel's RPF Setting ( #1493 )
2017-08-20 14:01:09 +03:00
Kevin Lefevre
65a9772adf
Add OpenStack LBaaS support ( #1506 )
2017-08-20 13:59:15 +03:00
Anton
1e07ee6cc4
etcd_compaction_retention every 8 hour ( #1527 )
2017-08-20 13:55:48 +03:00
Miad Abrin
3c710219a1
Fix Some Typos in kubernetes master role ( #1547 )
...
* Fix Typo etc3 -> etcd3
* Fix typo in post-upgrade of master. stop -> start
2017-08-20 13:54:28 +03:00
Maxim Krasilnikov
2ba285a544
Fixed deploy cluster with vault cert manager ( #1548 )
...
* Added custom ips to etcd vault distributed certificates
* Added custom ips to kube-master vault distributed certificates
* Added comment about issue_cert_copy_ca var in vault/issue_cert role file
* Generate kube-proxy, controller-manager and scheduler certificates by vault
* Revert "Disable vault from CI (#1546 )"
This reverts commit 781f31d2b8
.
* Fixed upgrade cluster with vault cert manager
* Remove vault dir in reset playbook
2017-08-20 13:53:58 +03:00
Antoine Legrand
72ae7638bc
Merge pull request #1446 from matlockx/master
...
add possibility to ignore the hostname override
2017-08-18 17:03:40 +02:00
Xavier Lange
3bfad5ca73
Bump etcd to 3.2.4 ( #1468 )
2017-08-18 17:12:33 +03:00
Matthew Mosesohn
df28db0066
Fix cert and netchecker upgrade issues ( #1543 )
...
* Bump tag for upgrade CI, fix netchecker upgrade
netchecker-server was changed from pod to deployment, so
we need an upgrade hook for it.
CI now uses v2.1.1 as a basis for upgrade.
* Fix upgrades for certs from non-rbac to rbac
2017-08-18 15:46:22 +03:00
Jan Jungnickel
20183f3860
Bump Calico CNI Plugin to 1.8.0 ( #1458 )
...
This aligns calico component versions with Calico release 2.1.5 and
fixes an issue with nodes being unable to schedule existing workloads
as per [#349 ](https://github.com/projectcalico/cni-plugin/issues/349 )
2017-08-18 15:40:14 +03:00
Matthew Mosesohn
2645e88b0c
Fix vault setup partially ( #1531 )
...
This does not address per-node certs and scheduler/proxy/controller-manager
component certs which are now required. This should be handled in a
follow-up patch.
2017-08-18 15:09:45 +03:00
Vijay Katam
55ba81fee5
Add changed_when: false to rpm query
2017-08-14 12:31:44 -07:00
Brad Beam
af007c7189
Fixing netchecker-server type - pod => deployment ( #1509 )
2017-08-14 18:43:56 +03:00
Seungkyu Ahn
b22bef5cfb
Apply RBAC to efk and create fluentd.conf
...
Making fluentd.conf as configmap to change configuration.
Change elasticsearch rc to deployment.
Having installed previous elastaicsearch as rc, first should delete that.
2017-08-11 05:31:50 +00:00
Vijay Katam
7ad5523113
restrict rpm query to redhat
2017-08-10 13:49:14 -07:00
Brad Beam
1155008719
Merge pull request #1481 from magnon-bliex/fluentd-template-fix-typo
...
fixed typo in fluentd-ds.yml.j2
2017-08-10 08:19:59 -05:00
Vijay Katam
5efda3eda9
Configurable docker yum repos, systemd fix
...
* Make yum repos used for installing docker rpms configurable
* TasksMax is only supported in systemd version >= 226
* Change to systemd file should restart docker
2017-08-09 15:49:53 -07:00
Brad Beam
383d582b47
Merge pull request #1382 from jwfang/rbac
...
basic rbac support
2017-08-07 08:01:51 -05:00
Spencer Smith
6eacedc443
Merge pull request #1483 from delfer/patch-3
...
Update flannel from 0.6.2 to 0.8.0
2017-08-01 13:57:43 -04:00
Spencer Smith
e55f8a61cd
Merge pull request #1482 from bradbeam/fix1393
...
Removing run_once in these tasks so that etcd ca certs get propogated…
2017-07-31 13:47:18 -04:00
Spencer Smith
cb6892d2ed
Merge pull request #1469 from hzamani/etcd_metrics
...
Add etcd metrics flag
2017-07-31 09:04:07 -04:00
Spencer Smith
43eda8d878
Merge pull request #1471 from whereismyjetpack/fix_1447
...
add newline after expanding user information
2017-07-31 09:03:04 -04:00
nico
cc9f3ea938
Fix enforce-node-allocatable option
...
Closes #1228
pods is default enforcement
see https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/
add
update
2017-07-31 10:06:53 +02:00
Alexander Chumakov
8bc717a55c
Update flannel from 0.6.2 to 0.8.0
2017-07-29 10:54:31 +03:00
Brad Beam
d09222c900
Removing run_once in these tasks so that etcd ca certs get propogated properly to worker nodes
...
without this etcd ca certs dont exist on worker nodes causing calico to fail
2017-07-28 14:34:47 -05:00
magnon-bliex
38eb1d548a
fixed typo
2017-07-28 14:10:13 +09:00
Anton
e0960f6288
FIX: Unneded (extra) cycles in some tasks ( #1393 )
2017-07-27 20:46:21 +03:00
timtoum
3e457e4edf
Enable weave seed mode for kubespray ( #1414 )
...
* Enable weave seed mode for kubespray
* fix task Weave seed | Set peers if existing peers
* fix mac address variabilisation
* fix default values
* fix include seed condition
* change weave var to default values
* fix Set peers if existing peers
2017-07-26 19:09:34 +03:00
Dann Bohn
c4894d6092
add newline after expanding user information
2017-07-25 12:59:10 -04:00
Hassan Zamani
3fb0383df4
Add etcd metrics flag
2017-07-25 20:00:30 +04:30
Spencer Smith
ee36763f9d
Merge pull request #1464 from johnko/patch-4
...
set loadbalancer_apiserver_localhost default true
2017-07-25 10:00:56 -04:00
Spencer Smith
955c5549ae
Merge pull request #1402 from Lendico/fix_failed_when
...
"failed_when: false" and "|succeeded" checks for registered vars
2017-07-25 09:33:43 -04:00
Spencer Smith
4a34514b21
Merge pull request #1447 from whereismyjetpack/template_known_users
...
Template out known_users.csv, optionally add groups
2017-07-25 08:55:08 -04:00
Brad Beam
20f29327e9
Merge pull request #1379 from gdmello/etcd_data_dir_fix
...
Custom `etcd_data_dir` saves etcd data to host, not container
2017-07-20 09:30:18 -05:00
John Ko
018b5039e7
set loadbalancer_apiserver_localhost default true
...
to match this https://github.com/kubernetes-incubator/kubespray/blob/master/roles/kubernetes/node/tasks/main.yml#L20
and the documented behaviour in HA docs
related to #1456
@rsmitty
2017-07-20 10:27:05 -04:00
Spencer Smith
b5d3d4741f
Merge pull request #1454 from Abdelsalam-Abbas/higher_drain_timeout
...
higher the timeouts for draining nodes while upgrading kubernetes version
2017-07-19 10:39:33 -04:00
Spencer Smith
85c747d444
Merge pull request #1441 from bradbeam/1434
...
Adding recursive=true for rkt kubelet dir
2017-07-19 10:38:06 -04:00
Spencer Smith
927e6d89d7
Merge pull request #1435 from delfer/master
...
Kubernetes upgrade to 1.6.7
2017-07-19 05:23:38 -07:00
jwfang
3d87f23bf5
uncomment unintended local changes
2017-07-19 12:11:47 +08:00
jwfang
789910d8eb
remote unused netchecker-agent-hostnet-ds.j2
2017-07-17 19:29:59 +08:00
jwfang
a8e6a0763d
run netchecker-server with list pods
2017-07-17 19:29:59 +08:00
jwfang
e1386ba604
only patch system:kube-dns role for old dns
2017-07-17 19:29:59 +08:00
jwfang
83deecb9e9
Revert "no need to patch system:kube-dns"
...
This reverts commit c2ea8c588aa5c3879f402811d3599a7bb3ccab24.
2017-07-17 19:29:59 +08:00
jwfang
d8dcb8f6e0
no need to patch system:kube-dns
2017-07-17 19:29:59 +08:00
jwfang
552b2f0635
change authorization_modes default value
2017-07-17 19:29:59 +08:00
jwfang
0b3badf3d8
revert calico-related changes
2017-07-17 19:29:59 +08:00
jwfang
cea3e224aa
change authorization_modes default value
2017-07-17 19:29:59 +08:00
jwfang
1eaf0e1c63
rename task
2017-07-17 19:29:59 +08:00
jwfang
2cda982345
binding group system:nodes to clusterrole calico-role
2017-07-17 19:29:59 +08:00
jwfang
c9734b6d7b
run calico-policy-controller with proper sa/role/rolebinding
2017-07-17 19:29:59 +08:00
jwfang
fd01377f12
remove more bins when reset
2017-07-17 19:29:59 +08:00
jwfang
092bf07cbf
basic rbac support
2017-07-17 19:29:59 +08:00
Ubuntu
5145a8e8be
higher draining timeouts
2017-07-16 20:52:13 +00:00
Dann Bohn
d1f58fed4c
Template out known_users.csv, optionally add groups
2017-07-14 09:27:20 -04:00
Martin Joehren
12e918bd31
add possibility to ignore the hostname override
2017-07-13 14:04:39 +00:00
Brad Beam
637f445c3f
Merge pull request #1365 from AtzeDeVries/master
...
Give more control over IPIP, but with same default behaviour
2017-07-12 10:17:17 -05:00
Brad Beam
e0bf8b2aab
Adding recursive=true for rkt kubelet dir
...
Fixes #1434
2017-07-12 09:28:54 -05:00
Spencer Smith
c75b21a510
Merge pull request #1408 from amitkumarj441/patch-1
...
Remove deprecated 'enable-cri' flag in kubernetes 1.7
2017-07-11 08:56:14 -04:00
Delfer
9f45eba6f6
Kubernetes upgrade to 1.6.7
2017-07-11 09:11:55 +00:00
AtzeDeVries
e160018826
Fixed conflicts, ipip:true as defualt and added ipip_mode
2017-07-08 14:36:44 +02:00
Spencer Smith
d1a02bd3e9
match kubespray-defaults dns mode with k8s-cluster setting
2017-07-07 13:13:12 -04:00
Brad Beam
992023288f
Merge pull request #1319 from fieryvova/private-dns-server
...
Add private dns server for a specific zone
2017-07-06 15:02:54 -05:00
Spencer Smith
3ab90db6ee
Merge pull request #1411 from kevinjqiu/allow-calico-ipip-subnet-mode
...
Allow calico ipPool to be created with mode "cross-subnet"
2017-07-06 14:04:03 -04:00
Vladimir Kozyrev
e26be9cb8a
add private dns server for a specific zone
2017-07-06 16:30:47 +03:00
Spencer Smith
bba555bb08
Merge pull request #1346 from Starefossen/patch-1
...
Set kubedns minimum replicas to 2
2017-07-06 09:14:11 -04:00
Spencer Smith
4b0af73dd2
Merge pull request #1332 from gstorme/kube_apiserver_insecure_port
...
Use the kube_apiserver_insecure_port variable instead of static 8080
2017-07-06 09:06:50 -04:00
Spencer Smith
da72b8c385
Merge pull request #1391 from Abdelsalam-Abbas/master
...
Uncodron Masters which have scheduling Enabled
2017-07-06 09:06:02 -04:00
Spencer Smith
44079b7176
Merge pull request #1401 from Lendico/better_task_naming
...
Better naming for recurrent tasks
2017-07-06 09:01:07 -04:00
Kevin Jing Qiu
a742d10c54
Allow calico ipPool to be created with mode "cross-subnet"
2017-07-04 19:05:16 -04:00
Hans Kristian Flaatten
38f5d1b18e
Set kubedns minimum replicas to 2
2017-07-04 16:58:16 +02:00
Abdelsalam Abbas
5f75d4c099
Uncodron Masters which have scheduling Enabled
2017-07-03 15:30:21 +02:00
Amit Kumar Jaiswal
319a0d65af
Update kubelet.j2
...
Updated with closing endif.
2017-07-03 16:23:35 +05:30
Amit Kumar Jaiswal
3d2680a102
Update kubelet.j2
...
Updated!
2017-07-03 15:58:50 +05:30
Amit Kumar Jaiswal
c36fb5919a
Update kubelet.j2
...
Updated!!
2017-07-03 15:55:04 +05:30
Amit Kumar Jaiswal
46d3f4369e
Updated K8s version
...
Signed-off-by: Amit Kumar Jaiswal <amitkumarj441@gmail.com>
2017-07-03 04:06:42 +05:30
Martin Joehren
c2b3920b50
added flag for not populating inventory entries to etc hosts file
2017-06-30 16:41:03 +00:00
Spencer Smith
6e7323e3e8
Merge pull request #1398 from tanshanshan/fix-reset
...
clean files in reset roles
2017-06-30 07:59:44 -04:00
Spencer Smith
f085419055
Merge pull request #1388 from vgkowski/master
...
add six package to bootstrap role
2017-06-30 07:30:36 -04:00
Anton Nerozya
1fedbded62
ignore_errors instead of failed_when: false
2017-06-29 20:15:14 +02:00
Anton Nerozya
c8258171ca
Better naming for recurrent tasks
2017-06-29 19:50:09 +02:00
tanshanshan
007ee0da8e
fix reset
2017-06-29 14:45:15 +08:00
Brad Beam
5e1ac9ce87
Merge pull request #1354 from chadswen/kubedns-var-fix
...
kubedns consistency fixes
2017-06-27 22:26:46 -05:00
Brad Beam
a7cd08603e
Merge pull request #1384 from gdmello/etcd_backup_dir_fix
...
Make etcd_backup_prefix configurable.
2017-06-27 22:25:53 -05:00
Brad Beam
854cd1a517
Merge pull request #1380 from jwfang/max-dns
...
docker_dns_servers_strict to control docker_dns_servers rtrim
2017-06-27 21:15:12 -05:00
Spencer Smith
23565ebe62
Merge pull request #1356 from rsmitty/rename
...
Rename project to kubespray
2017-06-27 11:40:03 -04:00
Chad Swenson
8467bce2a6
Fix inconsistent kubedns version and parameterize kubedns autoscaler image vars
2017-06-27 10:19:31 -05:00
gdmelloatpoints
649654207f
mount the etcd data directory in the container with the same path as on the host.
2017-06-27 09:29:47 -04:00
gdmelloatpoints
3123502f4c
move `etcd_backup_prefix` to new home.
2017-06-27 09:12:34 -04:00
vincent gromakowski
17d54cffbb
add six package to bootstrap role
2017-06-27 10:08:57 +02:00
Seungkyu Ahn
d5516a4ca9
Make kubedns up to date
...
Update kube-dns version to 1.14.2
https://github.com/kubernetes/kubernetes/pull/45684
2017-06-27 00:57:29 +00:00
gdmelloatpoints
4ba237c5d8
Make etcd_backup_prefix configurable. Ensures that backups can be stored on a different location other than ${HOST}/var/backups, say an EBS volume on AWS.
2017-06-26 09:42:30 -04:00
jwfang
ec2255764a
docker_dns_servers_strict to control docker_dns_servers rtrim
2017-06-26 17:29:12 +08:00
Abdelsalam Abbas
1a8e92c922
Fixing cordoning condition that cause fail for upgrading the cluster
2017-06-23 20:41:47 +02:00
gdmelloatpoints
5c1891ec9f
In the etcd container, the etcd data directory is always /var/lib/etcd. Reverting to this value, since `etcd_data_dir` on the host maps to `/var/lib/etcd` in the container.
2017-06-23 13:49:31 -04:00
Spencer Smith
bae5ce0bfa
Merge branch 'master' into rename
2017-06-23 12:23:51 -04:00
AtzeDeVries
61b74f9a5b
updated to direct control over ipip
2017-06-23 09:16:05 +02:00