Matthew Mosesohn
1f9f885379
Fix etcd cert generation to support large deployments
...
Due to bash max args limits, we should pass all node filenames and
base64-encoded tar data through stdin/stdout instead.
Fixes #832
2016-12-30 12:55:26 +03:00
Bogdan Dobrelya
2c23027794
Merge pull request #838 from mattymo/invb_enhance
...
Add yaml/json loader for inventory
2016-12-29 13:19:19 +01:00
Matthew Mosesohn
15589dd88f
Merge pull request #816 from bogdando/paths_units
...
Systemd units, limits, and bin path fixes
2016-12-29 15:18:01 +03:00
Bogdan Dobrelya
1a7f52c889
Merge pull request #837 from bogdando/notall
...
Rework wildcards matching all nodes
2016-12-29 12:01:30 +01:00
Matthew Mosesohn
24cbf2287c
Update inventory.py
2016-12-29 10:57:58 +03:00
Bogdan Dobrelya
a56d9de502
Systemd units, limits, and bin path fixes
...
* Add restart for weave service unit
* Reuse docker_bin_dir everythere
* Limit systemd managed docker containers by CPU/RAM. Do not configure native
systemd limits due to the lack of consensus in the kernel community
requires out-of-tree kernel patches.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-28 15:49:42 +01:00
Matthew Mosesohn
95e14ffb54
Add yaml/json loader for inventory
2016-12-28 16:50:31 +03:00
Bogdan Dobrelya
6139ee3add
Merge pull request #831 from mattymo/fix_separate_etcd
...
Fix creation and sync of etcd certs
2016-12-28 13:56:42 +01:00
Matthew Mosesohn
f0c0390646
Fix creation and sync of etcd certs
...
Admin certs only go to etcd nodes
Only generate cert-data for nodes that need sync
2016-12-28 14:21:17 +04:00
Matthew Mosesohn
e7a1949d85
Merge pull request #818 from mattymo/calico-rr-certs
...
Fix calico-rr to use etcd certs instead of kube certs
2016-12-28 08:47:16 +03:00
Bogdan Dobrelya
ff8cb46bb9
Rework wildcards matching all nodes
...
* Re-enable ansible_ssh_pipelining as expected for the cluster.yml
* Do not use 'all' wildcasts for hosts, limit only to k8s-cluster, etcd,
calico-rr groups instead. Other nodes in inventory are out of Kargo
scope and it's up to users how to manage them.
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2016-12-27 17:02:08 +01:00
Antoine Legrand
399cb9707a
Merge pull request #828 from bogdando/triggers
...
Rework CI triggers/pipeline
2016-12-27 15:20:42 +01:00
Matthew Mosesohn
6d9cd2d720
Fix calico-rr to use etcd certs instead of kube certs
2016-12-27 17:04:50 +03:00
Bogdan Dobrelya
622537bd33
Rework CI triggers/pipeline
...
* Run CI triggers in one step
* Run all test matrix for triggers
* Switch back to g1-small
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2016-12-27 14:39:52 +01:00
Bogdan Dobrelya
9169f840c2
Merge pull request #827 from bogdando/noreds
...
Rework ignore_errors to report no reds
2016-12-27 14:37:38 +01:00
Bogdan Dobrelya
79996b557b
Rework ignore_errors to report no reds
...
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2016-12-27 13:00:50 +01:00
Antoine Legrand
be8e5e1fdc
Merge pull request #805 from bogdando/dnsmasq_armors
...
Do not forward private domains for upstream resolvers
2016-12-26 14:50:39 +01:00
Bogdan Dobrelya
bb0c3537cb
Do not forward bogus domains for upstream resolvers
...
Also fix kube log level 4 to log dnsmasq queries.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-23 11:53:14 +01:00
Matthew Mosesohn
36a5143478
Merge pull request #804 from mattymo/inventory_builder
...
Add inventory builder python script
2016-12-23 13:22:41 +03:00
Matthew Mosesohn
7b86b87dca
Add inventory builder python script
...
Includes tox support for running unit tests.
Small note added to getting-started guide for using
inventory_builder.py
Also adds manual-only unit test.
2016-12-23 13:00:56 +03:00
Spencer Smith
0fe2b66097
Merge pull request #813 from mattymo/etcdcertflags
...
Adjust etcd server certificates
2016-12-22 16:37:15 -05:00
Matthew Mosesohn
385f7f6e75
Update etcd.j2
2016-12-22 22:29:24 +03:00
Matthew Mosesohn
9f1e3db906
Adjust etcd server certificates
...
ETCD doesn't need cert/key options set. It only requires peer
cert options.
2016-12-22 23:05:17 +04:00
Spencer Smith
b63d900625
Workaround etcdctl not yet being installed ( #797 )
...
workaround case for etcdctl not yet being installed, only allow for return code of 0 (no error)
2016-12-22 12:41:38 -05:00
Antoine Legrand
ac295de64c
Merge pull request #812 from mattymo/vars_doc
...
Document commonly used Kargo vars
2016-12-22 18:01:23 +01:00
Matthew Mosesohn
111571b67a
Document commonly used Kargo vars
2016-12-22 19:57:39 +03:00
Matthew Mosesohn
a4bce333a3
Merge pull request #760 from genti-t/issue-748-flannel-options
...
Fix Flannel network on CoreOS
2016-12-22 19:02:31 +03:00
Matthew Mosesohn
c53a6eca86
Merge pull request #798 from mattymo/perhostssl7
...
Individual etcd ssl certs
2016-12-22 19:02:15 +03:00
Genti Topija
7c2785e083
Fix Flannel network on CoreOS
...
Resolves : #748
2016-12-22 16:50:04 +01:00
Antoine Legrand
aab4149ab0
Merge pull request #809 from bogdando/ci_forks
...
Raise ansible forks for CI test config
2016-12-22 15:55:47 +01:00
Bogdan Dobrelya
89a4b92753
Raise ansible forks for CI test config
...
As we raised the flavor from small to standard, raise the ansible
forks from default 5 to 20 to speed up deployment.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-22 15:12:47 +01:00
Bogdan Dobrelya
5414a410bd
Merge pull request #787 from bogdando/coreos_weave_manual
...
Add coreos-alpha weave manual CI builds
2016-12-22 14:32:03 +01:00
Matthew Mosesohn
ad796d188d
Individual etcd ssl certs
...
Includes hooks for triggering calico, kubelet, and kube-apiserver restarts
if etcd certs changed.
2016-12-22 13:31:11 +03:00
Bogdan Dobrelya
de8cd5cd7f
Merge pull request #786 from mattymo/bug777
...
Add wait for kube-apiserver to kubernetes-apps
2016-12-22 11:02:50 +01:00
Bogdan Dobrelya
cc93c4fe12
Merge pull request #801 from rsmitty/issue-800
...
create systemd drop-in path if not existent
2016-12-22 11:02:05 +01:00
Bogdan Dobrelya
c456a311d6
Add coreos-alpha weave manual CI builds
...
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-22 11:00:31 +01:00
Bogdan Dobrelya
ed4b4b8482
Merge pull request #791 from kubernetes-incubator/premptilble_gce_vm
...
Use preemptible instances
2016-12-22 11:00:08 +01:00
Spencer Smith
8d9f207836
create systemd drop-in path if not existent
2016-12-21 13:06:12 -05:00
Bogdan Dobrelya
2a3164e040
Merge pull request #794 from kubernetes-incubator/revert-722-dnsmasq_armors
...
Revert "Do not forward private domains for upstream resolvers"
2016-12-21 17:39:11 +01:00
Bogdan Dobrelya
f10d1327d4
Revert "Do not forward private domains for upstream resolvers"
2016-12-21 15:24:17 +01:00
Matthew Mosesohn
d314174149
Add wait for kube-apiserver to kubernetes-apps
...
Fixes #777
2016-12-21 15:39:39 +03:00
Antoine Legrand
9885fe73dc
use standard vm
2016-12-21 11:43:52 +01:00
Antoine Legrand
f2cf323ecf
Merge pull request #782 from samos123/master
...
Vagrant, skip synchronize tasks (bug #697 )
2016-12-21 11:18:20 +01:00
Bogdan Dobrelya
cf4f2b4f14
Merge pull request #780 from bogdando/downloads
...
Add download_always_pull check and sha256 for docker images
2016-12-21 11:02:57 +01:00
Antoine Legrand
fbc13ea6dc
Use preemptible instances
2016-12-21 09:27:21 +01:00
Bogdan Dobrelya
b8bc8eee41
Add download_always_pull check and sha256 for docker images
...
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-20 17:02:09 +01:00
Bogdan Dobrelya
11380769cd
Merge pull request #722 from bogdando/dnsmasq_armors
...
Do not forward private domains for upstream resolvers
2016-12-20 14:25:17 +01:00
Antoine Legrand
ee62c99eb1
Merge pull request #785 from bogdando/pipelines
...
Add gitlab CI auto builds for triggers
2016-12-20 14:18:19 +01:00
Bogdan Dobrelya
843d439898
Merge pull request #775 from kubernetes-incubator/register_master
...
Register master node as unschedulable
2016-12-20 14:17:55 +01:00
Bogdan Dobrelya
8d5da5cfca
Add gitlab CI auto builds for triggers
...
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-20 11:23:13 +01:00