Etienne Champetier
fa35cc02a7
Fix scaling ( #5889 ) ( #5911 )
...
* etcd: etcd-events doesn't depend on etcd_cluster_setup
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
* etcd: remove condition already present on include_tasks
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
* etcd: fix scaling up
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
* etcd: use *access_addresses, do not delegate to etcd[0]
We want to wait for the full cluster to be healthy,
so use all the cluster addresses
Also we should be able to run the playbook when etcd[0] is down
(not tested), so do not delegate to etcd[0]
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
* etcd: use failed_when for health check
unhealthy cluster is expected on first run, so use failed_when
instead of ignore_errors to remove scary red messages
Also use run_once
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
* kubernetes/preinstall: ensure ansible_fqdn is up to date after changing /etc/hosts
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
* kubernetes/master: regenerate apiserver cert if needed
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit a35b6dc1af
)
2020-04-20 00:45:39 -07:00
Bort Verwilst
f33aafefa2
added "Flatcar", "Flatcar Container Linux by Kinvolk" for all coreOS role ( #5607 ) ( #5818 )
...
Co-authored-by: Sylvain Chateau <sylvain.chateau@epitech.eu>
2020-03-27 06:06:23 -07:00
Etienne Champetier
fde234fda7
Fix certificates checking when adding etcd node to existing k8s node ( #5807 ) ( #5826 )
...
Co-authored-by: alexkomrakov <alexkomrakov@gmail.com>
(cherry picked from commit 6ad6609872
)
2020-03-26 08:50:25 -07:00
Maxime Guyot
b15d41a96a
Add support to Ansible 2.9 ( #5361 )
2019-12-05 07:24:32 -08:00
Sergey
932935ecc7
fix wrong path in include install_host.yml in etcd role ( #5256 )
2019-10-13 18:16:34 -07:00
Matthew Mosesohn
7abf6a6958
Allow etcd member join by checking cluster health only on first etcd ( #5032 )
...
Change-Id: I9cc01cef3a437893225e2d9f58495826bbce7be9
2019-08-07 04:44:50 -07:00
Matthew Mosesohn
4348e78b24
Enable kubeadm etcd mode ( #4818 )
...
* Enable kubeadm etcd mode
Uses cert commands from kubeadm experimental control plane to
enable non-master nodes to obtain etcd certs.
Related story: PROD-29434
Change-Id: Idafa1d223e5c6ceadf819b6f9c06adf4c4f74178
* Add validation checks and exclude calico kdd mode
Change-Id: Ic234f5e71261d33191376e70d438f9f6d35f358c
* Move etcd mode test to ubuntu flannel HA job
Change-Id: I9af6fd80a1bbb1692ab10d6da095eb368f6bc732
* rename etcd_mode to etcd_kubeadm_enabled
Change-Id: Ib196d6c8a52f48cae370b026f7687ff9ca69c172
2019-06-20 11:12:51 -07:00
MarkusTeufelberger
73c2ff17dd
Fix Ansible-lint error [E502] ( #4743 )
2019-05-16 00:27:43 -07:00
MarkusTeufelberger
e67f848abc
ansible-lint: add spaces around variables [E206] ( #4699 )
2019-05-02 14:24:21 -07:00
Stas
50bdaa573c
Apply etcd_extra_vars to etcd-events.env as well. ( #4219 )
...
This change ensures that etcd_extra_vars variable applies
to events etcd as well.
2019-05-02 12:24:27 -07:00
Christoffer Anselm
dcd9c9509b
Add etcd role dependency on kube user to avoid etcd role failure when running scale.yml with a fresh node. ( #3240 ) ( #4479 )
2019-04-30 04:01:36 -07:00
Andreas Krüger
38af93b60c
Remove rkt support ( #4671 )
2019-04-29 01:14:20 -07:00
gitareest
6ca2019002
Fix issue with etcd arm host installation case ( #4589 )
...
Use host_architecture variable.
2019-04-25 04:58:47 -07:00
Attilio Greco
6243467856
remove duble check for run this task just one time ( #4613 )
2019-04-24 05:38:01 -07:00
Matthew Mosesohn
fc072300ea
Purge legacy cleanup tasks from older than 1 year ( #4450 )
...
We don't need to support upgrades from 2 year old installs,
just from the last major version.
Also changed most retried tasks to 1s delay instead of longer.
2019-04-24 00:08:05 -07:00
MarkusTeufelberger
a65605b17a
ansible-lint: Don't use bare variables ( #4608 )
...
Circumvented one false positive from ansible-lint
Moved a block of jinja magic into its own variable
2019-04-23 22:20:00 -07:00
MarkusTeufelberger
424e59805f
ansible-lint: Fix commands that are also available as module ( #4619 )
2019-04-23 22:18:00 -07:00
Qasim Sarfraz
0a3cf1a087
Fix CA cert environment variable for ectd v3 ( #4381 )
2019-03-28 00:18:43 -07:00
Matthew Mosesohn
acbf3db233
Remove hard dependence on facts for all nodes ( #4304 )
...
* Remove hard dependence on facts for all nodes
* Update main.yaml
* Update main.yaml
2019-03-05 03:04:39 -08:00
Ganesh Maharaj Mahalingam
73aee004ac
Enable ClearLinux as a distro in kubespray ( #3855 )
...
Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
2018-12-18 01:39:25 -08:00
Andrey Zhelnin
1712314fab
Setting host_architecture var ( #3846 )
...
Setting host_architecture to allow etcd upgrade working through: ansible-playbook -b -i inventory/sample/hosts.ini cluster.yml --tags=etcd (on other case host_architecture is missing)
2018-12-07 05:41:30 -08:00
Chad Swenson
145687a48e
Reduce log spam of verbose tasks ( #3806 )
...
Added a loop_control label to a few tasks that flood our logs.
2018-12-04 10:35:44 -08:00
Zohar Mamedov
af5e05d08d
etcd_log_package_levels for /etc/etcd.env ( #3700 )
2018-11-16 23:59:40 -08:00
Antoine Legrand
3dcb914607
Remove Vault ( #3684 )
...
* Remove Vault
* Remove reference to 'kargo' in the doc
* change check order
2018-11-10 08:51:24 -08:00
Bily Zhang
b2b421840c
Fix some typos ( #3690 )
...
Signed-off-by: mooncake <xcoder@tenxcloud.com>
2018-11-10 15:53:58 +01:00
ankitcharolia
9c83551a0e
add certificate authority file ( #3433 )
2018-11-02 08:27:53 -07:00
Matthew Mosesohn
bc74a37696
Calculate etcd client cert serial for appropriate groups ( #3605 )
...
Standalone etcd nodes do not generate node-$hostname certs and do
not need this serial calculated.
2018-11-01 05:50:26 -07:00
Bart Laarhoven
0acb823d96
Distribute node etcd certificates like it's done in kubernetes/secrets ( #3486 )
...
* do it like in kubernetes/secrets
* fix indentation
* processed comments
* missed one, sorry
* trailing space fix
2018-10-29 11:45:32 +01:00
Erwan Miran
b4e2b85745
Replace shell with command in order to allow the task to fail when openssl x509 does return zero ( #3516 )
2018-10-15 23:48:12 -07:00
Erwan Miran
fcd8d850dc
Fix ansible syntax to avoid ansible warnings (again) ( #3509 )
...
* Fix ansible syntax to avoid ansible warnings (again)
* warn: false on tar -cfz
* wrong placement of warn:false
2018-10-15 23:47:04 -07:00
Erwan Miran
2ab2f3a0a3
Ability to define SSL certificates duration and SSL key size ( #3482 )
...
* Ability to specify ssl certificate duration and ssl key size - etcd/secrets
* Ability to specify ssl certificate duration and ssl key size - helm/contiv + fix contiv missing copy certs generation script
2018-10-09 04:43:30 -07:00
刘旭
145e5c8943
use copy and slurp module ( #3313 )
2018-09-27 02:12:02 -07:00
rongzhang
84c4c7dc82
Use synchronize module
2018-09-16 20:36:44 +08:00
Matthew Mosesohn
aaa9a4efac
Ensure vault file permissions are correct
2018-09-10 12:04:04 +03:00
k8s-ci-robot
db11394711
Merge pull request #3200 from pablodav/feature/k8s_win_v1.11
...
Required support to start working on windows node support
2018-09-03 04:51:23 -07:00
Pablo Estigarribia
7cbe3c2171
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
...
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
remove empty when line
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
force kubeadm upgrade due to failure without --force flag
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
added nodeSelector to have compatibility with hybrid cluster with win nodes, also fix for download with missing container type
fixes in syntax and LF for newline in files
fix on yamllint check
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
some cleanup for innecesary lines
remove conditions for nodeselector
2018-09-02 12:47:06 -03:00
k8s-ci-robot
6e7100f283
Merge pull request #3208 from mirwan/etcd_ha_doc_n_cleaning
...
Add documentation about having HA for etcd
2018-08-31 08:06:05 -07:00
Erwan Miran
82a28d6bb3
Add documentation about having HA for etcd
2018-08-31 14:40:25 +02:00
Antoine Legrand
da06c8e5a9
etcd UNSUPPORTED for all arch
2018-08-31 13:45:08 +02:00
Antoine Legrand
19268ded23
Fix some arm64 errors
2018-08-31 13:45:08 +02:00
Antoine Legrand
f67933d2ac
add ETCD_UNSUPPORTED_ARCH=arm64 flag
2018-08-31 13:45:08 +02:00
Takashi Okamoto
359009bb05
Download etcd and hyperkube binary.
2018-08-28 01:24:26 +00:00
Vasilis Remmas
b61eb7d7f3
Add ETCD_QUOTA_BACKEND_BYTES environment variable
2018-08-24 12:17:34 +02:00
Aivars Sterns
1567a977c3
Revert "gen_certs_script: refactor using stdin (Ansible 2.4+)"
2018-08-24 12:35:31 +03:00
Tatsuyuki Ishi
69786b2d16
gen_certs_script: refactor using stdin (Ansible 2.4+)
2018-08-23 11:19:17 +09:00
Antoine Legrand
e51c5dc0a6
Merge pull request #3123 from mathieuherbert/until-restart-etcd
...
add until option for etcd backup commands
2018-08-17 22:09:08 +02:00
Sergey Bondarev
ce6854e726
add version to environment file
...
Trigger reboot handler when version upgrade during update script
2018-08-17 17:25:35 +03:00
Mathieu Herbert
59d89a37cc
add until option for etcd backup commands
2018-08-17 11:05:57 +02:00
Matthew Mosesohn
97e0de7e29
Fix vault file owner issues and k8s apiserver cert creation ( #2985 )
...
apiserver cert should be created only once
2018-07-11 14:58:02 +03:00
Matthew Mosesohn
5c617c5a8b
Add tags to deploy components by --tags option ( #2960 )
...
* Add tags for cert serial tasks
This will help facilitate tag-based deployment of specific components.
* fixup kubernetes node
2018-07-06 09:12:13 +03:00