Chad Swenson
038a2eb862
Merge pull request #3949 from trogeat/patch-fix-missing-ca-cert-apiserver
...
kubespray: fix missing ca-certificate path in apiserver
2019-02-11 15:40:04 -06:00
Manuel Cintron
5d146e52fe
If a centos or rhel node is not configured with the extras repo installation of required packages (python-httplib2 in particular) will fail later on. ( #4213 )
2019-02-11 13:27:02 -08:00
Jeff Bornemann
c41c1e771f
OCI Cloud Provider Update ( #4186 )
...
* OCI subnet AD 2 is not required for CCM >= 0.7.0
Reorganize OCI provider to generate configuration, rather than pull
Add pull secret option to OCI cloud provider
* Updated oci example to document new parameters
2019-02-11 12:08:53 -08:00
Karl
85b77f7c22
Remove Ubuntu Bionic specific vars file - breaks multi-arch ( #3974 )
2019-02-11 00:04:27 -08:00
Maxime Guyot
6b3f7306a4
Add support for arm64 images for hyperkube, kubeadm and cni_binary ( #4176 )
2019-02-09 02:08:57 -08:00
joakimr-axis
01d70f2c7c
Update flannel version to v0.11.0 ( #4190 )
...
Change-Id: I27d670803bea82a68d5eb0e49d4677f4afdce55f
2019-02-07 04:33:01 -08:00
Chad Swenson
6878c2af4e
Fix kube_hostname_override inconsistencies ( #4185 )
2019-02-06 22:20:11 -08:00
Bort Verwilst
db2b76a22a
update k8s to 1.13.3 ( #4192 )
...
* update k8s to 1.13.3
* update README as well
2019-02-06 10:48:05 -08:00
peerapach
69e5deeccc
Fix newline issue of priorityClassName when enable tolerations ( #4164 )
2019-02-04 12:59:01 -08:00
Danny Kulchinsky
226d5ed7de
[Calico] Define FELIX_KUBENODEPORTRANGES when kube-proxy in ipvs mode ( #4173 )
...
* Define FELIX_KUBENODEPORTRANGES when kube-proxy in ipvs mode
* ensure kube_apiserver_node_port_range is defined
2019-02-04 12:42:40 -08:00
Earl C. Ruby III
52e0aa7a80
Install the latest filesystem creation packages ( #3904 )
...
This PR ensures that the e2fsprogs and xfsprogs packages are
installed on all Kubernetes nodes and that the packages are
the latest versions. It also ensures that the nodes can
create XFS filesystems when necessary, since not all distros
install xfsprogs by default.
e2fsprogs - ext2/ext3/ext4 file system utilities
xfsprogs - Utilities for managing the XFS filesystem
2019-02-04 12:23:33 -08:00
peerapach
bd9474bafd
fix kubeadm-setup when enable access_ip ( #4145 )
2019-02-01 20:10:34 -08:00
Sorin Sbarnea
316b73178d
Add timeout to Get current version of calico cluster version ( #4149 )
...
Avoid waiting forever for this task that should be very quick.
Fixes : #4148
2019-02-01 20:09:04 -08:00
Manuel Cintron
143e2272ff
Fixing an issue where trying to install docker-ce-18.09 on rhel7 nodes (or potentially centos 7) without an enabled extras repo the installation will fail because container-selinux >= 2.9 is required. The check for container-selinux upfront should obviate the need for adding an extras repo if the node is able to find it from another source. ( #4161 )
2019-01-31 16:19:48 -08:00
Vasilis Remmas
cd7924f8c9
Add oidc prefixes to kubeadm templates ( #4159 )
2019-01-31 15:31:43 -08:00
Erwan Miran
7f93a5a0f5
Fix deprecation warnings ( #4130 )
...
* use not deprecated ansible_play_hosts variable
* Using tests as filters is deprecated
* Fix deprecation warning about pkg list
2019-01-31 14:57:22 -08:00
Erwan Miran
f6d60a7e89
Calico: Ability to define the default IPPool CIDR (instead of kube_pods_subnet) ( #4131 )
...
* Calico: Ability to define the default IPPool CIDR (instead of kube_pods_subnet)
* Documentation for calico_pool_cidr (and calico_advertise_cluster_ips which has been forgotten...)
2019-01-31 13:39:13 -08:00
Thomas Nys
68fd7e39da
Set cluster DNS correctly in case of nodelocal dns cache ( #3879 )
...
* Set cluster DNS correctly in case of nodelocal dns cache
* Pass in cluster_ip based on dns mode
* Disable nodelocaldns by default
* Fix syntax error
* Fix syntax issue
* Add nodelocadns ip to vars of node installation
* Change location of nodelocaldns_ip
* Try to remove newlines from jinja template
* Add debug for config file
* Move parameter logic outside of template
* Adapt templates after feedback
* Remove debugging
2019-01-28 23:39:27 -08:00
wangxf
a096761306
[PR-Calico]Support calico 3.4.0 ( #4102 )
...
* Suport calico 3.4.0
Signed-off-by: wangxf1987 <xiaofeix.wang@gmail.com>
* Remove symlink + cni conflist template when 3.3.0+, handle Canal, addition of install-cni: sidecar(3.3.0) or initontainer(3.4.0), KUBECONFIG_FILEPATH, calico_cert_dir, advertise cluster ips
* scheduler.alpha.kubernetes.io/critical-pod deprecated since 1.12
2019-01-28 11:03:49 -08:00
Florent Monbillard
2054a98cf7
Run kubeadm and hyperkube outside of local_release_dir ( #4098 )
...
Addressing the discussion started in #4064 , this PR moves kubeadm and
hyperkube binaries to /usr/local/bin before running them on the master
nodes.
It is to address the case where local_release_dir points to /tmp
(kubespray default) and /tmp is mounted with noexec mode, preventing
any binaries to be run in that partition.
In role "node", we still move kubeadm to bin_dir only on the worker
nodes.
2019-01-28 02:00:49 -08:00
Sergey
ce8ba1f170
create artifacts_dir ( #4079 )
2019-01-28 01:59:15 -08:00
Danny Kulchinsky
595d6427ac
[Nodelocal DNS cache] Mount host /run/xtables.lock in nodelocaldns container ( #4074 )
...
* Mount host /run/xtables.lock in nodelocaldns container
* fix typo in nodelocaldns daemonset manifest yml
* Add prometheus scrape annotation, updateStrategy and reduce termination grace period
* fix indentation
* actually fix it..
* Bump k8s-dns-node-cache tag to 1.15.1 (fixes https://github.com/kubernetes/dns/issues/282 )
2019-01-28 01:57:40 -08:00
Danny Kulchinsky
96688269f8
Support both --address and --bind-address for scheduler and controller-manager ( #4112 )
2019-01-27 23:43:34 -08:00
Rong Zhang
55aa58ee2e
Merge pull request #4025 from riverzhang/download-images
...
Fix kubeadm config images pull
2019-01-28 15:41:15 +08:00
Erwan Miran
556a8d68bc
Set IP env var to autodetect when calico_ip_auto_method is defined ( #4105 )
2019-01-27 23:09:18 -08:00
rongzhang
8d0158ceeb
Fix kubeadm config images pull
...
Supported by kubeadm v1.11
2019-01-28 14:42:55 +08:00
Douglas Hellinger
4479cc48fe
Introduce calico_upgrade_url
var for Calico upgrade tool.
...
So that binary can be sourced from anywhere - not only github.
2019-01-23 16:19:27 +08:00
Chad Swenson
881be9b741
Fix epel_enabled and RHEL support in bootstrap-os
...
Looks like `epel_enabled` was not configured for the epel install in `bootstrap-centos.yml`. Also, there were no conditionals that would trigger bootstrap for RHEL.
2019-01-22 16:40:02 -06:00
Chad Swenson
e2592f1ce2
Fix docker 18.09.1 systemd service
...
The `docker-ce` 18.09.1 packaging missed an `After` dependency on containerd in the systemd service. Upstream PR: https://github.com/docker/docker-ce-packaging/pull/290
2019-01-22 11:19:54 -06:00
Matthew Mosesohn
77d31e679a
fixup external kube-apiserver port ( #4075 )
2019-01-21 14:43:27 +03:00
Florent Monbillard
decbcdc423
Use external LB IP for external api endpoint ( #4060 )
...
* Use external LB IP for external api endpoint
Use loadbalancer_apiserver.address instead of apiserver_loadbalancer_domain_name for kudadm init --apiserver-advertise-address argument
https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-init/#options states apiserver-advertise-address needs to be a IPv4 or IPv6 address
* only use loadbalancer IP if it is defined
2019-01-21 12:27:42 +03:00
Chad Swenson
e3ffa21303
Merge pull request #4019 from chadswen/kubeadm-env
...
Fix PATH for kubeadm init
2019-01-18 11:27:57 -06:00
Chad Swenson
f2ecda6f0f
Merge pull request #4059 from chadswen/helm-version-bump
...
Update helm version for security and stablity fixes
2019-01-18 11:25:42 -06:00
Chad Swenson
26f6f1f62e
Merge pull request #4050 from chadswen/docker-18.09.1
...
Bump docker 18.09 to the latest patch
2019-01-18 11:23:44 -06:00
Bort Verwilst
f97cb4e761
Add 1.12.5 checksums ( #4067 )
2019-01-18 07:16:43 -08:00
Chad Swenson
405198acd0
Update helm version for security and stablity fixes
...
Helm v2.12.2 has fixes for a security vuln, and there have been several improvements since our last update.
2019-01-16 11:03:23 -06:00
Matthew Mosesohn
eecaba6b84
Generate external admin.conf with kubeadm ( #4056 )
...
* Generate external admin.conf with kubeadm
* Fix apiserver sans
2019-01-16 16:30:50 +03:00
Thomas Rogeat
83e11f9ef7
kubespray: fix missing ca-certificate path in apiserver
2019-01-16 11:48:24 +01:00
Chad Swenson
5a7ac7e5c1
Merge pull request #3984 from dannyk81/calico_xtables_lock
...
[calico/canal] mount host's xtables lock and enable calico locking for <v3.2.1
2019-01-15 23:13:02 -06:00
Chad Swenson
c15c933ce8
Bump docker 18.09 to the latest patch
...
Docker 18.09.1 is out and it includes some fixes that are quite critical for RHEL distros, details here: https://docs.docker.com/engine/release-notes/#18091
2019-01-15 13:54:58 -06:00
Chad Swenson
0697ab4b4f
Merge pull request #4048 from chadswen/readonly-writable-fix
...
Fix kubeadm config extra volumes
2019-01-15 13:02:04 -06:00
Chad Swenson
13e3e867ac
Fix kubeadm config extra volumes
...
I found a potential use case where `writable` could be null and therfore
not treated like a boolean, so this adds an extra default statement to
avoid negating a non-boolean as boolean which would lead to undefined. refs #4020
2019-01-15 12:35:22 -06:00
Chad Swenson
cc30220f01
Merge pull request #4044 from chadswen/lvp-cm-fix
...
Fix local-volume-provisioner configmap template
2019-01-15 09:08:08 -06:00
Danny Kulchinsky
257019d424
Mount host's xtable lock and enable calico lokcing for <v3.2.1
2019-01-14 17:16:29 -05:00
Chad Swenson
4959bfc1b3
Merge pull request #3950 from elementyang/pr-registry
...
fix registry_storage_class equals empty string
2019-01-14 15:45:09 -06:00
Chad Swenson
301671ae19
Merge pull request #4026 from riverzhang/bind-address
...
Use --bind-address instead of --address
2019-01-14 15:35:00 -06:00
Chad Swenson
f10f7d0e84
Merge pull request #3975 from kskewes/arm64-urls
...
Update kubectl and etcd download urls for mult-arch
2019-01-14 15:04:29 -06:00
Chad Swenson
3ee5aa0d6b
Fix local-volume-provisioner configmap template
...
Looks like the template is removing the trailing space between storage
class entries, and since CI only has one storage class we never hit this
issue. This change will prevent the yaml from printing on a single line
when multiple storage classes are defined.
2019-01-14 14:28:00 -06:00
Chad Swenson
fce8712bff
Merge pull request #4033 from MarkusTeufelberger/pypy_portable
...
Use Pypy portable on coreos
2019-01-14 12:30:47 -06:00
Markus Teufelberger
87c9a871b9
bootstrap-os: use the systemd module to stop and mask locksmithd
2019-01-12 15:06:01 +01:00