C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
3688 commits 17 branches 66 tags 141 MiB
Commit graph

288 commits

Author SHA1 Message Date
Andreas Kruger
09b67c1ad5 Remove EFK from Kubespray 2018-09-20 10:44:17 +02:00
Karol Chrapek
0121bce9e5 Instead of doc update, change the verify step 2018-09-18 22:13:15 +02:00
mlushpenko
ea2c9d8f57 Fix yaml checks 2018-09-06 16:26:57 +02:00
Antoine Legrand
7e140e5f3c
Merge pull request #3122 from jbcraig/fix_cacert_feature 
resolve issues with new cacert feature
 2018-09-05 23:31:53 +02:00
Erwan Miran
059cd17b47 Fix target hosts generation when /etc/hosts does not contain 127.0.0.1 or ::1 2018-08-31 16:33:18 +02:00
Antoine Legrand
247b9e83d8 etcd arch-image 2018-08-31 13:45:08 +02:00
Antoine Legrand
9c2098b8fa fix kubelet_max_pod assert 2018-08-31 13:45:08 +02:00
Antoine Legrand
48c0c8d854 Update dir list 2018-08-31 13:45:08 +02:00
Erwan Miran
b395bb953f Fix wrong when condition that ends up with jinja error when the content of /etc/hosts contains parenthesis 2018-08-27 21:20:57 +02:00
k8s-ci-robot
7efe287c74
Merge pull request #2474 from mirwan/localhost_in_etc_hosts 
Localhost in hosts files should be updated (if necessary), not overriden
 2018-08-27 06:25:43 -07:00
k8s-ci-robot
d43cd9a24c
Merge pull request #3104 from maxbrunet/hotfix/replace-local_actions 
Use delegate_to: localhost instead of local_action
 2018-08-27 02:50:42 -07:00
Maxime Brunet
33135f2ada k8s/preinstall: Turn AND condition into a list 2018-08-25 14:33:31 -04:00
Erwan Miran
1432e511a2 same work with less lines 2018-08-24 14:06:07 +02:00
Antoine Legrand
4882531c29
Merge pull request #3115 from oracle/oracle_oci_controller 
Cloud provider support for OCI (Oracle Cloud Infrastructure)
 2018-08-23 18:22:45 +02:00
Aivars Sterns
23fd3461bc calico upgrade to v3 (#3086) 
* calico upgrade to v3

* update calico_rr version

* add missing file

* change contents of main.yml as it was left old version

* enable network policy by default

* remove unneeded task

* Fix kubelet calico settings

* fix when statement

* switch back to node-kubeconfig.yaml
 2018-08-23 17:17:18 +03:00
Erwan Miran
a7b0c454db Localhost in hosts files should be updated (if necessary), not overriden 2018-08-22 12:10:49 +02:00
Jeff Bornemann
94df70be98 Cloud provider support for OCI (Oracle Cloud Infrastructure) 
Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>
 2018-08-21 17:36:42 -04:00
Mark Eisenblaetter
0c0a2138d9 allow '.' in hostnames 
we use FQDN as inventory_hostname
 2018-08-21 08:24:33 +02:00
Tatsuyuki Ishi
3eef8dc8d0 Add bad hostname preflight check 
Hostname must be a valid DNS name, which is checked as https://github.com/kubernetes/apimachinery/blob/master/pkg/util/validation/validation.go#L115

The situation I have encountered is that my hostname contained underscore which is disallowed and apiserver refused to start.
 2018-08-20 09:09:00 +09:00
rongzhang
b421d0ed5b Fix install nss 2018-08-20 00:07:31 +08:00
Antoine Legrand
7a0f0126f7
Merge pull request #1295 from xuhuilong/master 
fix curl get calico status error ( error in tls version, centos 7.3 1611)
 2018-08-17 14:29:01 +02:00
Jonathan Craig
4d783fff0d resolve issues with new cacert feature 2018-08-16 23:31:21 -04:00
Maxime Brunet
70b28288a3 Use delegate_to: localhost instead of local_action 
Allow to use `ansible_become: true` (#2969)
And set it to `false` for `localhost` with an `host_var`
 2018-08-14 10:08:43 -04:00
Matthew Mosesohn
581a30fdec Remove erroneous cloud-config task 2018-08-10 15:59:18 +03:00
Rong Zhang
e71f261935
Merge pull request #3068 from riverzhang/swap 
Enable swap
 2018-08-07 21:29:41 +08:00
rongzhang
b902602d16 Enable swap 2018-08-07 21:13:12 +08:00
Rong Zhang
c288ffc55d
Merge pull request #2342 from southquist/add-ca-cert 
allow for setting the cacert on openstack cloud provider
 2018-08-07 17:46:01 +08:00
rongzhang
ac644ed049 Fix yaml roles error 2018-08-05 18:48:07 +08:00
woosley.xu
72074f283b set local for growpart part 2 2018-07-31 06:56:09 +08:00
woosley.xu
a5db3dbea9 set locale for growpart 2018-07-31 06:52:56 +08:00
southquist
c685dc493f allow for setting the cacert on openstack cloud provider 2018-06-28 16:00:13 +02:00
Rong Zhang
1aee6ec371
Merge pull request #2903 from riverzhang/swap 
Add manage swap on the worker node
 2018-06-21 22:20:23 +08:00
rongzhang
3232e2743e Add manage swap on the worker node 2018-06-21 08:15:01 +00:00
Andreas Krüger
c3d8b131db
Merge pull request #2801 from dvazar/bugfix/undefined__network_plugin__variable 
Fixed "network_plugin" variable
 2018-06-19 10:01:06 +02:00
Aivars Sterns
cb0a257349
Merge pull request #2819 from oleh-ozimok/fix-cidr-assert 
Fix enough network address space assert
 2018-06-06 07:32:16 +03:00
Dmitry
f912a4ece5 Fix compare AnsibleUnsafeText with int (#2828) 2018-06-04 11:34:10 +03:00
Oleg Ozimok
38f7ba2584 Fix enough network address space assert 2018-05-27 18:01:17 +03:00
dvazar
b3f9cae820 fixed a check unknown networks (cilium & contiv) 2018-05-22 16:43:19 +07:00
Andreas Krüger
a67bdff28c
Merge pull request #2743 from mrostecki/opensuse-tumbleweed-openssl 
opensuse: Fix OpenSSL package name
 2018-05-22 11:21:04 +02:00
dvazar
4b8daa22f6 Fixes #2800 2018-05-19 00:57:09 +07:00
Christopher J. Ruwe
c1bc4615fe assert that number of pods on node does not exceed CIDR address range 
The number of pods on a given node is determined by the  --max-pods=k
directive. When the address space is exhausted, no more pods can be
scheduled even if from the --max-pods-perspective, the node still has
capacity.

The special case that a pod is scheduled and uses the node IP in the
host network namespace is too "soft" to derive a guarantee.

Comparing kubelet_max_pods with kube_network_node_prefix when given
allows to assert that pod limits match the CIDR address space.
 2018-05-16 11:55:46 +00:00
Matthew Mosesohn
07cc981971
refactor vault role (#2733) 
* Move front-proxy-client certs back to kube mount

We want the same CA for all k8s certs

* Refactor vault to use a third party module

The module adds idempotency and reduces some of the repetitive
logic in the vault role

Requires ansible-modules-hashivault on ansible node and hvac
on the vault hosts themselves

Add upgrade test scenario
Remove bootstrap-os tags from tasks

* fix upgrade issues

* improve unseal logic

* specify ca and fix etcd check

* Fix initialization check

bump machine size
 2018-05-11 19:11:38 +03:00
Michal Rostecki
066016cd3e opensuse: Fix OpenSSL package name 
OpenSSL 1.1 package in openSUSE Tumbleweed is named openssl-1_1,
not openssl-1_1_0.
 2018-05-08 10:03:30 +02:00
mirwan
c3c5817af6 sysctl file should be in defaults so that it can be overriden (#2475) 
* sysctl file should be in defaults so that it can be overriden

* Change sysctl_file_path to be consistent with roles/kubernetes/preinstall/defaults/main.yml
 2018-04-27 18:50:58 +03:00
Markos Chandras
9168c71359 Revert "Revert "Add openSUSE support" (#2697)" (#2699) 
This reverts commit 51f4e6585a.
 2018-04-26 12:52:06 +03:00
Matthew Mosesohn
51f4e6585a
Revert "Add openSUSE support" (#2697) 2018-04-23 14:28:24 +03:00
Paul Montero
75950344fb
run_once pre_upgrade tasks which are executing in localhost 2018-04-19 11:38:13 -05:00
Matthew Mosesohn
f73717ea35
Mount local volume provisioner dirs for containerized kubelet (#2648) 2018-04-12 22:55:13 +03:00
Nirmoy Das
45eac53ec7 roles: kubernetes: preinstall: Install openssl-1.1.0 on Tumbleweed 
The openssl package on Tumbleweed is actually a virtual package covering
openssl-1.0.0 and openssl-1.1.0 implementations. It defaults to 1.1.0 so
when trying to install it and openssl-1.0.0 is installed, zypper fails
with conflicts. As such, lets explicitly pull the package that we need
which also updates the virtual one.

Co-authored-by: Markos Chandras <mchandras@suse.de>
 2018-04-11 17:46:14 +01:00
Markos Chandras
e42203a13e roles: kubernetes: preinstall: Add SUSE support 
Add support for installing package dependencies and refreshing metadata
on SUSE distributions

Co-authored-by: Nirmoy Das <ndas@suse.de>
 2018-04-11 17:46:14 +01:00