jwfang
27e3998cb6
add kube-node to system:nodes group, add system:kube-proxy cert for kube-proxy
2017-06-26 16:35:24 +08:00
Brad Beam
2b9e2d7179
Merge pull request #1335 from bradbeam/imagerepo
...
Set default value for kube_hyperkube_image_repo
2017-06-12 09:46:17 -05:00
Brad Beam
bccbb172c6
Fixing up vault variables
2017-06-08 16:15:33 -05:00
Brad Beam
80017dac22
Set default value for kube_hyperkube_image_repo
...
Fixes #1334
2017-06-08 12:22:16 -05:00
Brad Beam
4d9ee730ac
Merge pull request #1092 from bradbeam/rkt_docker
...
Adding flag for docker container in kubelet w/ rkt
2017-06-06 12:58:40 -05:00
Spencer Smith
4b955f8e9a
check if cloud_provider is defined
2017-05-31 08:24:24 -04:00
Spencer Smith
4c99902a69
add direct path for cert in AWS with RHEL family
2017-05-26 17:32:50 -04:00
Matthew Mosesohn
0e1fddb11c
Merge pull request #1293 from mattymo/kubelet_host_mode
...
Add host-based kubelet deployment
2017-05-19 18:07:39 +03:00
Matthew Mosesohn
3bb8fb6b3e
Add host-based kubelet deployment
...
Kubelet gets copied from hyperkube container and run locally.
2017-05-19 16:54:07 +03:00
Brad Beam
db0ff8762c
Fixing typo in kubelet cluster-dns and cluster-domain flags
2017-05-16 15:43:29 -05:00
Spencer Smith
82e1684aaf
Merge pull request #1254 from iJanki/cert_group
...
Adding /O=system:masters to admin certificate
2017-05-05 10:58:42 -04:00
Spencer Smith
755c20f2f9
ensure the /etc/os-release is mounted read only
2017-05-01 14:51:40 -04:00
Spencer Smith
f608e9e4f8
add for rkt as well
2017-04-28 17:45:10 -04:00
Spencer Smith
fe7c2709f9
mount os-release to ensure the node's OS is what's seen in k8s api
2017-04-28 13:40:54 -04:00
Sergii Golovatiuk
085aeb6a0a
Ansible 2.3 support
...
- Fix when clauses in various places
- Update requirements.txt
- Fix README.md
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-04-26 15:22:10 +02:00
Spencer Smith
04818b9d94
fix stray 'in' and break into multiple lines for clarity
2017-04-20 09:53:01 -04:00
Spencer Smith
21b10784f4
allow for correct aws default resolver
2017-04-20 09:32:03 -04:00
Matthew Mosesohn
cb52d78845
Merge pull request #1246 from holser/disable_dns_for_kube_services
...
Change DNS policy for kubernetes components
2017-04-20 16:12:52 +03:00
Sergii Golovatiuk
f061ce63b3
Add aws to default_resolver
...
When VPC is used, external DNS might not be available. This patch change
behavior to use metadata service instead of external DNS when
upstream_dns_servers is not specified.
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-04-20 11:47:19 +02:00
Sergii Golovatiuk
0a687a22ff
Change DNS policy for kubernetes components
...
According to code apiserver, scheduler, controller-manager, proxy don't
use resolution of objects they created. It's not harmful to change
policy to have external resolver.
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-04-20 11:22:57 +02:00
Matthew Mosesohn
fc5ca5090e
Merge pull request #1238 from Starefossen/fix/namespace-template-file
...
Move namespace file to template directory
2017-04-20 12:19:55 +03:00
Matthew Mosesohn
8d5d973a64
Merge pull request #1241 from bradbeam/rktcnidir
...
Explicitly create cni bin dir
2017-04-20 12:19:26 +03:00
Sergii Golovatiuk
1268c9b642
Fix restart kube-controller ( #1242 )
...
kubernetesUnitPrefix was changed to k8s_* in 1.5. This patch reflects
this change in kargo
2017-04-20 11:26:01 +03:00
Brad Beam
0dc4967e43
Explicitly create cni bin dir
...
If this path doesnt exist, it will cause kubelet to fail to start when
using rkt
2017-04-19 16:00:44 +00:00
Hans Kristian Flaatten
12bbb243b2
Move namespace file to template directory
2017-04-19 13:37:02 +02:00
Spencer Smith
e76ed88ea2
Merge pull request #1232 from rsmitty/custom-flags
...
add ability for custom flags
2017-04-17 14:01:32 -04:00
Spencer Smith
1d848dc211
remove stray spaces in templating
2017-04-17 12:24:24 -04:00
Spencer Smith
daa728e3cf
ensure spacing on string of flags
2017-04-17 12:13:39 -04:00
Spencer Smith
0fb9469249
ensure spacing on string of flags
2017-04-17 11:11:10 -04:00
Spencer Smith
c1192b1154
update to safeguard against accidentally passing string instead of list
2017-04-17 11:09:34 -04:00
Matthew Mosesohn
f500f32771
Merge pull request #1233 from gbolo/master
...
allow admission control plug-ins to be easily customized
2017-04-17 12:59:49 +03:00
gbolo
c05d141128
allow admission control plug-ins to be easily customized
2017-04-16 22:03:45 -04:00
Spencer Smith
7656ae2887
add ability for custom flags
2017-04-14 17:33:04 -04:00
Matthew Mosesohn
74c43c290a
Skip vault cert task evaluation completely when using script cert generation
2017-04-13 19:29:07 +03:00
Matthew Mosesohn
72749b8e73
Update kubelet.j2
2017-04-06 22:59:18 +03:00
Matthew Mosesohn
d74770147e
Unbreak 1.5 deployment with kubelet
...
1.5 kubelet fails to start when using unknown params
2017-04-06 21:07:48 +03:00
Matthew Mosesohn
06c8399c6e
Merge pull request #1208 from mattymo/1.6-flannel
...
Update to k8s 1.6 with flannel and centos fixes
2017-04-06 13:04:02 +03:00
Matthew Mosesohn
655721268d
Fix flannel for 1.6 and apply fixes to enable containerized kubelet
2017-04-06 10:06:21 +04:00
Matthew Mosesohn
b50839bb9f
Merge pull request #1205 from holser/resolv_updates
...
Refactoring resolv.conf
2017-04-05 14:22:52 +03:00
Sergii Golovatiuk
16dd412d89
Refactoring resolv.conf
...
- Renaming templates for netchecker
- Add dnsPolicy: ClusterFirstWithHostNet to kube-proxy
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-04-05 09:28:01 +02:00
Matthew Mosesohn
b9461abeec
Merge pull request #1204 from mattymo/resolvconf-nodes
...
Restart kubelet when updating /etc/resolv.conf on all k8s nodes
2017-04-04 22:03:44 +03:00
Matthew Mosesohn
91be2aa8bb
Merge pull request #1186 from holser/resolv_conf
...
Set ClusterFirstWithHostNet for Pods with hostnetwork: true
2017-04-04 20:49:55 +03:00
Matthew Mosesohn
927a95fb65
Restart kubelet when updating /etc/resolv.conf on all k8s nodes
2017-04-04 20:43:47 +03:00
Sergii Golovatiuk
829b0948a3
Set ClusterFirstWithHostNet for Pods with hostnetwork: true
...
In kubernetes 1.6 ClusterFirstWithHostNet was added as an option. In
accordance to it kubelet will generate resolv.conf based on own
resolv.conf. However, this doesn't create 'options', thus the proper
solution requires some investigation.
This patch sets the same resolv.conf for kubelet as host
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-04-04 16:34:13 +02:00
Matthew Mosesohn
380ad9815f
Merge pull request #1153 from mattymo/graceful_drain
...
Move graceful upgrade test to Ubuntu canal HA, adjust drain
2017-04-04 17:33:53 +03:00
Matthew Mosesohn
90e8d4c4ea
Add /var/lib/cni to kubelet
...
Necessary to persist this directory for host-local IPAM used by Canal
Add pre-upgrade task to copy /var/lib/cni out of old kubelet.
2017-04-03 19:38:24 +03:00
Matthew Mosesohn
620944b052
Fix multiline condition for k8s check certs
...
Fixes #1190
2017-04-03 17:44:55 +03:00
Matthew Mosesohn
a5391ff21a
use etcd2 when upgrading unless forced
2017-04-03 15:07:42 +03:00
Matthew Mosesohn
423fe7e51d
Update .gitlab-ci.yml
2017-03-30 12:19:15 +04:00
Matthew Mosesohn
1d4e6b2ade
delete master containers forcefully
2017-03-27 19:08:22 +03:00