C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
4226 commits 17 branches 66 tags 141 MiB
Commit graph

2700 commits

Author SHA1 Message Date
Sergey
55890e1b82 keep compatibility as it was before (#4268) 2019-04-03 01:39:42 -07:00
Sergey
1e524c68d5 remove our config if docker start failed (#4260) 2019-04-03 01:37:44 -07:00
Sergey
740d8b0a26 enable kubelet client certificate rotation (#4081) 
* enable kubelet client certificate rotation

* change to variable kubelet_rotate_certificates
 2019-04-03 01:35:44 -07:00
Gautam Divgi
a8dd69cf17 Fixed cleanup-docker-orphans.sh to use docker-containerd-shim and containerd-shim (#4418) 2019-04-02 09:11:21 -07:00
Matthew Mosesohn
4fe2aa6bf7 Use install_cni init container for cni copy for calico/canal (#4416) 2019-04-02 03:32:36 -07:00
Chad Swenson
5d5c9cab19 Speed up old docker package removal (#4408) 
Both the `yum` and `apt` modules support a list as input, this allows us avoid the slower `with_items` approach, which can take a long time with a large count of cluster nodes.
 2019-04-01 15:08:35 -07:00
Matthew Mosesohn
5f12b7aedf Remove kubedns and dnsmasq. Move dns_late phase after apps (#4406) 
Both kubedns and dnsmasq modes are long not maintained.
We should run dns_late steps at the end because sshd
makes DNS lookups during Ansible run and has 2s timeouts
for each failed lookup trying to connect to coredns before
it is ready.
 2019-04-01 12:32:34 -07:00
Bort Verwilst
d71590bbd0 add 1.14.0 checksum, remove 1.11.* checksums (#4401) 2019-04-01 07:16:33 -07:00
ml
483f1d2ca0 Calico felix - Fix jinja2 boolean condition (#4348) 
* Fix jinja2 boolean condition

* Convert all felix variable to booleans instead.
 2019-03-29 16:07:09 -07:00
Dmitry Chepurovskiy
0440e45d65 Fix supplementary_addresses rendering error (#4403) 2019-03-29 00:26:13 -07:00
Stefan Prietl
2fb27c8521 Use static files in KubeDNS templating task (#4379) 
This commit adapts the "Lay Down KubeDNS Template" task to use the static
files moved by pull request [1]

[1] https://github.com/kubernetes-sigs/kubespray/pull/4341
 2019-03-28 06:26:43 -07:00
Qasim Sarfraz
f17f4ff963 Fix bootsrap-os role, failing to create remote_tmp (#4384) 
* Fix bootsrap-os role, failing to create remote_tmp

* use ansible_remote_tmp hostvar
 2019-03-28 06:24:43 -07:00
Sergey
e9c34fe038 Default values for variable dns_servers and dns_domain are set in two files: (#3999) 
values from inventory in roles/kubespray-defaults/defaults/main.yml
hardcoded values in roles/container-engine/defaults/main.yml

dns_servers set empty in roles/container-engine/defaults/main.yml and skydns_server not set in docker_dns_servers variables
also set default value for manual_dns_serve

another variables in roles/container-engine/defaults not need to set
 2019-03-28 06:22:44 -07:00
Dmitry Chepurovskiy
669ab10c17 Added livenessProbe for local nginx apiserver proxy liveness probe (#4222) 
* Added configurable local apiserver proxy liveness probe

* Enable API LB healthcheck by default

* Fix template spacing and moved healthz location to nginx http section

* Fix healthcheck listen address to allow kubelet request healthcheck
 2019-03-28 06:20:46 -07:00
Qasim Sarfraz
0a3cf1a087 Fix CA cert environment variable for ectd v3 (#4381) 2019-03-28 00:18:43 -07:00
Bart Verwilst
0efa3e6392
Upgrade to k8s 1.13.5 2019-03-27 11:16:21 +01:00
Matthew Mosesohn
6d7f3c4405 Reduce jinja2 filters in coredns templates (#4390) 2019-03-26 11:09:17 -07:00
Etienne
d0ae316934 Use proxy_env with kubeadm phase commands (#4325) 2019-03-26 03:03:19 -07:00
Matthew Mosesohn
b7fd462944 Fix support for ansible 2.7.9 (#4375) 2019-03-20 11:29:42 -07:00
Matthew Mosesohn
ec08303f82 Revert "Fix #4237: update kube cert path (#4354)" (#4369) 
This reverts commit ea7a6f1cf1.

This change modified the certs dir for Kubernetes, but did not move the directories for existing clusters.
 2019-03-20 05:56:57 -07:00
Dmitry Chepurovskiy
ea7a6f1cf1 Fix #4237: update kube cert path (#4354) 2019-03-17 23:55:11 -07:00
Matthew Mosesohn
150a969cf4
Forcefully delete pods when necessary (#4328) 
Pods on down/unresponsive nodes can't be deleted without
--force --grace-period=0.

Fixes #4314
 2019-03-14 07:45:46 -07:00
Manuel Cintron
3c4cbf133e Adding ability to override dashboard replica count (#4344) 2019-03-13 13:58:25 -07:00
Matthew Mosesohn
fd2c47b56a Move most coredns templates to static files (#4341) 
* Move most coredns templates to static files

This should speed up the task slightly

* yaml lint fixes
 2019-03-12 21:17:31 -07:00
Bort Verwilst
33024731e4 Upgrade to k8s 1.13.4 (#4319) 2019-03-06 23:16:56 -08:00
chadswilson
d469282f1c add blockSize to IPPool spec for Calico >= v3.3.0 (#4224) 
* add blockSize to IPPool spec for Calico >= v3.3.0

* fix "cidr" spec in Calico IPPool resource for my PR
 2019-03-06 12:42:48 -08:00
Matthew Mosesohn
acbf3db233 Remove hard dependence on facts for all nodes (#4304) 
* Remove hard dependence on facts for all nodes

* Update main.yaml

* Update main.yaml
 2019-03-05 03:04:39 -08:00
Matthew Mosesohn
adf6a7121f Reenable set_facts task for dns_late (#4312) 2019-03-01 05:39:30 -08:00
Bort Verwilst
bbfd2dc2bd Add 1.12.6, sort arm64 descending (#4308) 
* Add 1.12.6, sort arm64 descending

* remove 1.10.x checksums (EOL anyways)
 2019-02-28 05:55:19 -08:00
Matthew Mosesohn
4fe61968cf Set default value for local_path_provisioner_enabled in role (#4309) 2019-02-28 05:36:08 -08:00
Anupam Basak
9e8e069b23 remove kube bridge on reset (#4250) 2019-02-26 00:32:00 -08:00
Peter Metz
26ca58419f feat(external-provisioner): adds support for local-path-provisioner (#4232) 
* feat(external-provisioner/local-path-provisioner): adds support for local path provisioner

Helpful for local development but also in production workloads (once the
permission model is worked out) where you have redundancy built into the
software uses the PVCs (e.g. database cluster with synchronous
replication)

* feat(local-path-provisioner): adds debug flag, image tag group var

* fix(local-path-provisioner): moves image repo/tag to download role

* test(gce_centos7-flannel): enables local-path-provisioner in test case

* fix(addons): add image repo/tag to commented default values

* fix(local-path-provisioner): typo in jinja template for local path provisioner

* style(local-path-provisioner): debug flag condition re-formatted

* fix(local-path-provisioner): adds missing default value for debug flag

* fix(local-path-provisioner): syntax fix for debug if condition end

* fix(local-path-provisioner): jinja template syntax: if condition white space
 2019-02-25 22:45:30 -08:00
hikoz
67832aada9 changed_when:false (#4189) 2019-02-25 20:09:30 -08:00
hikoz
3d25b4dfc1 30MiB for gpu-device-plugin (#4227) 
* 30MiB for gpu-device-plugin

* use vars for easier configuration
 2019-02-25 20:03:53 -08:00
Wong Hoi Sing Edison
1c12c19150 weave: Upgrade to 2.5.1 (#4248) 
Upstream Changes:

  - weave 2.5.1 (https://github.com/weaveworks/weave/releases/tag/v2.5.1)

Our Changes:

  - Sync templates with upstream changes
 2019-02-25 20:02:00 -08:00
Ryler Hockenbury
88249308a0 Add labels to vsphere cloud config (#4275) 2019-02-25 19:58:15 -08:00
Gabor Lekeny
b4aaa7b908 Speed up tasks (#4278) 
* fact gathering should run only once per node
* eliminate ansible version check, it is at the beginning of each
  playbook
 2019-02-25 19:56:23 -08:00
Vasilis Remmas
81801ce23b Add master toleration flag in dashboard deployment (#4290) 2019-02-25 19:34:47 -08:00
Etienne
7dfa39483f Make container storage repository configurable (#4284) 2019-02-25 19:29:32 -08:00
Matthew Mosesohn
b07641c3f3 Move kube_proxy_remove out of set_facts and set default (#4180) 2019-02-25 00:08:06 -08:00
Matthew Mosesohn
4638acfe81 Retry applying podsecurity policies (#4279) 2019-02-24 22:50:55 -08:00
Kaoet
aadef80404 Upgrade to latest version of ubuntu-nvidia-driver-installer. (#4296) 
The lastest version of ubuntu-nvidia-driver-installer contains a fix for
https://github.com/GoogleCloudPlatform/container-engine-accelerators/issues/90
which causes the installer pod to crash when driver is already loaded.
 2019-02-24 22:22:48 -08:00
Frank Ritchie
9805fb7a34 Add flexvolume plugin dir to kubeadm kubelet (#4168) 
This was already approved in #4106 but there are CI issues
with that PR due to references to kubernetes incubator.

After upgrading to Kubespray 2.8.1 with Kubeadm enabled Rook
Ceph volume provision failed due to the flexvolume plugin dir not
being correct. Adding the var fixed the issue
 2019-02-20 15:02:02 -08:00
Maxime Guyot
323d788f48 Add support for --enable-skip-login in Dashboard (#4265) 2019-02-19 23:24:29 -08:00
Abdulaziz AlMalki
eafab9636f fix wrong indent of oidc-username-prefix and oidc-groups-prefix in kubeadm config template (#4263) 2019-02-19 23:22:32 -08:00
Seungkyu Ahn
107bfb259a This PS is to fix the bug when Workers can't join the cluster (#4276) 
because of etc-kubernetes-manifests not empty.
 2019-02-19 22:13:59 -08:00
Rong Zhang
d4a36aa55b
Merge pull request #4027 from riverzhang/kube-proxy 
Add update server field in kube-proxy kubeconfig
 2019-02-20 13:41:06 +08:00
Manuel Cintron
07b2894080 Adding ability to maintain existing Encryption Secrets at Rest. (#4255) 
* Adding ability to maintain existing Encryption Secrets at Rest.

If secrets_encryption.yaml is present it will not be overriten with a new kube_encrypt_token.

This should allow for it to be set ahead of a playbook running or maintain it if cluster.yml is ran on the same cluster and the ansible host does not have access to the secrets.

* Setting existing kube_encrypt_token across all master nodes in case it was missing in one or more nodes.
 2019-02-19 07:31:45 -08:00
Florent Monbillard
802ac377b8 Fix typo in task description (#4243) 2019-02-19 06:06:29 -08:00
Kaoet
23685b4537 Add image tag in "pause" container of nvidia driver installer. (#4247) 2019-02-17 21:02:30 -08:00