Matthew Mosesohn
1e1dfe2cab
restart scheduler and controller-manager too
2017-03-27 13:51:35 +03:00
Matthew Mosesohn
51985ab9de
Change wait for dnsmasq to skip if there are no kube-nodes in play
...
Also changed unnecessary delay to a max timeout (now defaulting to 1s sleep
between tries)
Also rename play_hosts to ansible_play_hosts
2017-03-21 18:55:22 +03:00
Matthew Mosesohn
ad03f3ac84
Merge branch 'master' into idempotency2
2017-03-16 09:29:43 +03:00
Matthew Mosesohn
fad22bae97
More idempotency fixes
...
Fixed sync_tokens fact
Fixed sync_certs for k8s tokens fact
Disabled register docker images changability
Fixed CNI dir permission
Fix idempotency for etcd pre upgrade checks
2017-03-15 19:06:39 +03:00
Vincent Schwarzer
ea1f072c7e
Granular authentication Control
...
It is now possible to deactivate selected authentication methods
(basic auth, token auth) inside the cluster by adding
removing the required arguments to the Kube API Server and generating
the secrets accordingly.
The x509 authentification is currently not optional because disabling it
would affect the kubectl clients deployed on the master nodes.
2017-03-14 16:57:35 +01:00
Matthew Mosesohn
ccbdf6ec49
Sync master tokens only with those in play_hosts
2016-10-21 14:43:41 +03:00
Smana
ae5ff890d4
fix flannel deployment, remove docker bridge before restarting
2016-05-13 18:10:00 +02:00
Smana
4f627baf71
generate secrets on first master
2016-05-07 21:08:29 +02:00
