Commit graph

528 commits

Author SHA1 Message Date
Miad Abrin
3c710219a1 Fix Some Typos in kubernetes master role (#1547)
* Fix Typo etc3 -> etcd3

* Fix typo in post-upgrade of master. stop -> start
2017-08-20 13:54:28 +03:00
Maxim Krasilnikov
2ba285a544 Fixed deploy cluster with vault cert manager (#1548)
* Added custom ips to etcd vault distributed certificates

* Added custom ips to kube-master vault distributed certificates

* Added comment about issue_cert_copy_ca var in vault/issue_cert role file

* Generate kube-proxy, controller-manager and scheduler certificates by vault

* Revert "Disable vault from CI (#1546)"

This reverts commit 781f31d2b8.

* Fixed upgrade cluster with vault cert manager

* Remove vault dir in reset playbook
2017-08-20 13:53:58 +03:00
Antoine Legrand
72ae7638bc Merge pull request #1446 from matlockx/master
add possibility to ignore the hostname override
2017-08-18 17:03:40 +02:00
Matthew Mosesohn
df28db0066 Fix cert and netchecker upgrade issues (#1543)
* Bump tag for upgrade CI, fix netchecker upgrade

netchecker-server was changed from pod to deployment, so
we need an upgrade hook for it.

CI now uses v2.1.1 as a basis for upgrade.

* Fix upgrades for certs from non-rbac to rbac
2017-08-18 15:46:22 +03:00
Brad Beam
383d582b47 Merge pull request #1382 from jwfang/rbac
basic rbac support
2017-08-07 08:01:51 -05:00
Spencer Smith
43eda8d878 Merge pull request #1471 from whereismyjetpack/fix_1447
add newline after expanding user information
2017-07-31 09:03:04 -04:00
nico
cc9f3ea938 Fix enforce-node-allocatable option
Closes #1228
pods is default enforcement

see https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/
add

update
2017-07-31 10:06:53 +02:00
Anton
e0960f6288 FIX: Unneded (extra) cycles in some tasks (#1393) 2017-07-27 20:46:21 +03:00
Dann Bohn
c4894d6092 add newline after expanding user information 2017-07-25 12:59:10 -04:00
Spencer Smith
ee36763f9d Merge pull request #1464 from johnko/patch-4
set loadbalancer_apiserver_localhost default true
2017-07-25 10:00:56 -04:00
Spencer Smith
4a34514b21 Merge pull request #1447 from whereismyjetpack/template_known_users
Template out known_users.csv, optionally add groups
2017-07-25 08:55:08 -04:00
John Ko
018b5039e7 set loadbalancer_apiserver_localhost default true
to match this https://github.com/kubernetes-incubator/kubespray/blob/master/roles/kubernetes/node/tasks/main.yml#L20
and the documented behaviour in HA docs 
related to #1456
@rsmitty
2017-07-20 10:27:05 -04:00
jwfang
092bf07cbf basic rbac support 2017-07-17 19:29:59 +08:00
Dann Bohn
d1f58fed4c Template out known_users.csv, optionally add groups 2017-07-14 09:27:20 -04:00
Martin Joehren
12e918bd31 add possibility to ignore the hostname override 2017-07-13 14:04:39 +00:00
Brad Beam
e0bf8b2aab Adding recursive=true for rkt kubelet dir
Fixes #1434
2017-07-12 09:28:54 -05:00
Spencer Smith
c75b21a510 Merge pull request #1408 from amitkumarj441/patch-1
Remove deprecated 'enable-cri' flag in kubernetes 1.7
2017-07-11 08:56:14 -04:00
Spencer Smith
4b0af73dd2 Merge pull request #1332 from gstorme/kube_apiserver_insecure_port
Use the kube_apiserver_insecure_port variable instead of static 8080
2017-07-06 09:06:50 -04:00
Amit Kumar Jaiswal
319a0d65af Update kubelet.j2
Updated with closing endif.
2017-07-03 16:23:35 +05:30
Amit Kumar Jaiswal
3d2680a102 Update kubelet.j2
Updated!
2017-07-03 15:58:50 +05:30
Amit Kumar Jaiswal
c36fb5919a Update kubelet.j2
Updated!!
2017-07-03 15:55:04 +05:30
Amit Kumar Jaiswal
46d3f4369e Updated K8s version
Signed-off-by: Amit Kumar Jaiswal <amitkumarj441@gmail.com>
2017-07-03 04:06:42 +05:30
Martin Joehren
c2b3920b50 added flag for not populating inventory entries to etc hosts file 2017-06-30 16:41:03 +00:00
Brad Beam
5e1ac9ce87 Merge pull request #1354 from chadswen/kubedns-var-fix
kubedns consistency fixes
2017-06-27 22:26:46 -05:00
Chad Swenson
8467bce2a6 Fix inconsistent kubedns version and parameterize kubedns autoscaler image vars 2017-06-27 10:19:31 -05:00
Spencer Smith
8203383c03 rename almost all mentions of kargo 2017-06-16 13:25:46 -04:00
Brad Beam
b73786c6d5 Merge pull request #1335 from bradbeam/imagerepo
Set default value for kube_hyperkube_image_repo
2017-06-12 09:46:17 -05:00
Gregory Storme
266ca9318d Use the kube_apiserver_insecure_port variable instead of static 8080 2017-06-12 09:20:59 +02:00
Brad Beam
db3e8edacd Fixing up vault variables 2017-06-08 16:15:33 -05:00
Brad Beam
6e41634295 Set default value for kube_hyperkube_image_repo
Fixes #1334
2017-06-08 12:22:16 -05:00
Brad Beam
696fd690ae Merge pull request #1092 from bradbeam/rkt_docker
Adding flag for docker container in kubelet w/ rkt
2017-06-06 12:58:40 -05:00
Spencer Smith
01c0ab4f06 check if cloud_provider is defined 2017-05-31 08:24:24 -04:00
Spencer Smith
7e2aafcc76 add direct path for cert in AWS with RHEL family 2017-05-26 17:32:50 -04:00
Matthew Mosesohn
9e64267867 Merge pull request #1293 from mattymo/kubelet_host_mode
Add host-based kubelet deployment
2017-05-19 18:07:39 +03:00
Matthew Mosesohn
cc6e3d14ce Add host-based kubelet deployment
Kubelet gets copied from hyperkube container and run locally.
2017-05-19 16:54:07 +03:00
Brad Beam
b999ee60aa Fixing typo in kubelet cluster-dns and cluster-domain flags 2017-05-16 15:43:29 -05:00
Spencer Smith
c572760a66 Merge pull request #1254 from iJanki/cert_group
Adding /O=system:masters to admin certificate
2017-05-05 10:58:42 -04:00
Spencer Smith
0afbc19ffb ensure the /etc/os-release is mounted read only 2017-05-01 14:51:40 -04:00
Spencer Smith
ac9290f985 add for rkt as well 2017-04-28 17:45:10 -04:00
Spencer Smith
5657738f7e mount os-release to ensure the node's OS is what's seen in k8s api 2017-04-28 13:40:54 -04:00
Sergii Golovatiuk
674b71b535 Ansible 2.3 support
- Fix when clauses in various places
- Update requirements.txt
- Fix README.md

Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-04-26 15:22:10 +02:00
Spencer Smith
88b5065e7d fix stray 'in' and break into multiple lines for clarity 2017-04-20 09:53:01 -04:00
Spencer Smith
b690008192 allow for correct aws default resolver 2017-04-20 09:32:03 -04:00
Matthew Mosesohn
2d6bc9536c Merge pull request #1246 from holser/disable_dns_for_kube_services
Change DNS policy for kubernetes components
2017-04-20 16:12:52 +03:00
Sergii Golovatiuk
01dc6b2f0e Add aws to default_resolver
When VPC is used, external DNS might not be available. This patch change
behavior to use metadata service instead of external DNS when
upstream_dns_servers is not specified.

Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-04-20 11:47:19 +02:00
Sergii Golovatiuk
d8aa2d0a9e Change DNS policy for kubernetes components
According to code apiserver, scheduler, controller-manager, proxy don't
use resolution of objects they created. It's not harmful to change
policy to have external resolver.

Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-04-20 11:22:57 +02:00
Matthew Mosesohn
19bb97d24d Merge pull request #1238 from Starefossen/fix/namespace-template-file
Move namespace file to template directory
2017-04-20 12:19:55 +03:00
Matthew Mosesohn
9f4f168804 Merge pull request #1241 from bradbeam/rktcnidir
Explicitly create cni bin dir
2017-04-20 12:19:26 +03:00
Sergii Golovatiuk
e796cdbb27 Fix restart kube-controller (#1242)
kubernetesUnitPrefix was changed to k8s_* in 1.5. This patch reflects
this change in kargo
2017-04-20 11:26:01 +03:00
Brad Beam
b60a897265 Explicitly create cni bin dir
If this path doesnt exist, it will cause kubelet to fail to start when
using rkt
2017-04-19 16:00:44 +00:00