Commit graph

9 commits

Author SHA1 Message Date
Matthew Mosesohn
fad22bae97 More idempotency fixes
Fixed sync_tokens fact
Fixed sync_certs for k8s tokens fact
Disabled register docker images changability
Fixed CNI dir permission
Fix idempotency for etcd pre upgrade checks
2017-03-15 19:06:39 +03:00
Vladimir Rutsky
fff8780a51 set "check_mode: no" for read-only "shell" steps that registers result
"shell" step doesn't support check mode, which currently leads to failures,
when Ansible is being run in check mode (because Ansible doesn't run command,
assuming that command might have effect, and no "rc" or "output" is registered).

Setting "check_mode: no" allows to run those "shell" commands in check mode
(which is safe, because those shell commands doesn't have side effects).
2017-02-13 18:53:41 +03:00
Matthew Mosesohn
94b81dbdd7 Use tar+register instead of copy/slurp for distributing tokens and certs
Related bug: https://github.com/ansible/ansible/issues/15405

Uses tar and register because synchronize module cannot sudo on the
remote side correctly and copy is too slow.

This patch dramatically cuts down the number of tasks to process
for cert synchronization.
2016-10-26 15:46:18 +03:00
Smana
ae5ff890d4 fix flannel deployment, remove docker bridge before restarting 2016-05-13 18:10:00 +02:00
Smana
1884d89d3b fixes the certs issue when masters or not in the kube-node group 2016-05-12 10:07:34 +02:00
Spencer Smith
743ad0eb5c s/sync_certs/sync_tokens 2016-05-11 09:38:26 -07:00
Smana
4f627baf71 generate secrets on first master 2016-05-07 21:08:29 +02:00
Smana
850b7466cd remove deprecation warns and update doc 2016-04-04 10:14:56 +02:00
Smana
91fca69aa0 generate secrets on deployment machine
test travis with sudo=true instead of required
2016-02-13 06:51:54 +01:00