bobahspb
16961f69f2
Merge branch 'master' into master
2018-03-31 21:48:39 +03:00
Andreas Krüger
b9b028a735
Update etcd deployment to use correct cert and key ( #2572 )
...
* Update etcd deployment to use correct cert and key
* Update to use admin cert for etcdctl commands
* Update handler to use admin cert too
2018-03-31 14:06:09 -04:00
Wong Hoi Sing Edison
5fe144aa0f
ingress-nginx: container download related things should defined in the download role
2018-04-01 00:22:33 +08:00
Andreas Krüger
5b0da4279f
Merge pull request #2543 from hswong3i/cert-manager-0.2.3
...
Integrate jetstack/cert-manager 0.2.3 to Kubespray
2018-03-31 18:15:25 +02:00
Andreas Krüger
1ac978b8fa
Merge pull request #2567 from mirwan/node_labels_doc_plus_kube_ingress_handling
...
node_labels documentation and kube-ingress label definition as role_node_label
2018-03-31 18:05:52 +02:00
Wong Hoi Sing Edison
195d6d791a
Integrate jetstack/cert-manager 0.2.3 to Kubespray
2018-03-31 19:29:11 +08:00
avoidik
aa301c31d1
Move credential checks into proper folder
2018-03-31 13:29:00 +03:00
Andreas Krüger
d9418b1dc4
Merge pull request #2554 from georgejdli/fix-sa-token-signing
...
Fix kubespray's ServiceAccount token signing keys
2018-03-31 09:59:22 +02:00
Andreas Krüger
2c89a02db3
Only download container/file if host is in defined group ( #2565 )
...
* Only download container/file if host is in defined group
* Set correct when clause
* Fix last entries
* Update download groups
2018-03-30 22:40:01 -04:00
Chad Swenson
0ca08e03af
Merge pull request #2566 from woopstar/etcd-fix-2
...
Fix etcd from import task to include task
2018-03-30 20:53:32 -04:00
avoidik
15efdf0c16
Move credential checks
2018-03-31 03:26:37 +03:00
avoidik
ab8760cc83
Move credentials pre-check
2018-03-31 03:24:57 +03:00
avoidik
b6da596ec1
Move default configuration parameters for cloud-config
2018-03-31 03:18:23 +03:00
avoidik
3c12c6beb3
Move cloud config configurations to proper location
2018-03-31 02:59:59 +03:00
Erwan Miran
8ece922ef0
node_labels documentation + kube-ingress label handling as role_node_label
2018-03-31 00:36:11 +02:00
Andreas Krüger
887a468d32
Merge pull request #2562 from avoidik/fix-indexes-pr-2251
...
Fix kubecert_node.results indexes
2018-03-31 00:16:11 +02:00
woopstar
859a7f32fb
Fix import task. Has to be include task to evalutate etcd_cluster_setup variable at run time
2018-03-31 00:06:34 +02:00
Andreas Krüger
1f28764ca1
Merge pull request #2512 from woopstar/hyperkube-fix-1
...
Switch hyperkube from CoreOS to Google
2018-03-30 21:58:03 +02:00
Andreas Krüger
76cb37d6b5
Merge pull request #2544 from woopstar/cert-fix-2
...
Update openssl.conf to count better and work with Jinja 2.9
2018-03-30 21:57:17 +02:00
Andreas Krüger
7ddd4cd38c
Merge pull request #2561 from rsmitty/no_proxy
...
only set no_proxy if other proxy vars are defined
2018-03-30 21:43:23 +02:00
Andreas Krüger
c1eb975545
Merge pull request #2557 from chenhonggc/vault_health_check_delay
...
Maybe vault health check needs delay
2018-03-30 21:39:15 +02:00
georgejdli
572ab650db
copy dedicated service account token signing key for kubeadm migration
2018-03-30 13:03:32 -05:00
avoidik
72c2a8982b
Fix kubecert_node.results indexes
2018-03-30 17:24:50 +03:00
Spencer Smith
13c57147eb
only set no_proxy if other proxy vars are defined
2018-03-30 09:48:55 -04:00
Matthew Mosesohn
03bcfa7ff5
Stop templating kube-system namespace and creating it ( #2545 )
...
Kubernetes makes this namespace automatically, so there is
no need for kubespray to manage it.
2018-03-30 14:29:13 +03:00
Andreas Kruger
af5f376163
Revert
2018-03-30 11:42:20 +02:00
woopstar
004b0a3fcf
Fix merge conflict
2018-03-30 11:38:59 +02:00
Andreas Kruger
4bb7d2b566
Merge branch 'master' of https://github.com/kubernetes-incubator/kubespray into cert-fix-2
2018-03-30 11:34:05 +02:00
Andreas Krüger
f619eb08b1
Merge pull request #2350 from whereismyjetpack/kubeadm-nodename
...
set nodeName to "{{ inventory_hostname }}" in kubeadm-config
2018-03-30 11:15:52 +02:00
Andreas Krüger
55195fe546
Merge pull request #2500 from gorazio/patch-1
...
Add prometheus annotations to spec in ingress
2018-03-30 11:02:31 +02:00
RongZhang
5711074c5a
Merge pull request #2290 from mirwan/node_labels_from_inventory
...
Node labels definition in kubelet params from inventory
2018-03-30 03:42:52 -05:00
Chen Hong
4a705b3fba
May vault health check needs delay
2018-03-30 16:42:08 +08:00
陈宏
4d85e3765e
remove redundancy code
2018-03-30 09:19:00 +08:00
Vladimir Vasilkin
f0a04b4d65
wait 5 * 4 secs until Tiller starts
2018-03-30 00:09:36 +03:00
Vladimir Vasilkin
760ca1c3a9
adding checking for prometheus_operator_enabled
2018-03-29 23:03:43 +03:00
Vladimir Vasilkin
23b3833806
running on the first master only.
2018-03-29 22:51:46 +03:00
Kuldip Madnani
daeeae1a91
Added retries in pre-upgrade.yml and retries while applying kube-dns.yml ( #2553 )
...
* Added retries in pre-upgrade.yml and retries while applying kube-dns.yml
* Removed trailing spaces
2018-03-29 11:37:32 -05:00
georgejdli
c8f857eae4
configure kubespray to sign service account tokens with a dedicated and stable key
2018-03-29 09:50:31 -05:00
Andreas Krüger
270d21f5c1
Merge pull request #2540 from mattymo/cloud_config_timing
...
Write cloud-config during kubelet configuration
2018-03-29 09:12:18 +02:00
Andreas Kruger
bf29198efd
Fix merge conflict
2018-03-29 09:11:13 +02:00
Kuldip Madnani
9ebbf1c3cd
Added a fix in openssl.conf template to check if IP of loadbalncer is available or not.
2018-03-28 16:34:26 -05:00
Chad Swenson
ef7f5edbb3
Remove old docker packages and other docker upgrade fixes ( #2536 )
...
* Remove old docker packages
This removes docker packages that are obsolete if docker-ce packages are to be installed, which fixes some package conflict issues that can occur during upgrades.
* Add support for setting obsoletes=0 when installing docker with yum
2018-03-28 15:10:39 -05:00
woopstar
0b5404b2b7
Fix
2018-03-28 20:28:04 +02:00
Vladimir Vasilkin
19e1b11d98
prometheus operator, metrics for k8s cluster
...
install using Helm:
- Prometheus Operator
- metrics for k8s cluster including: grafana dashboard, alertmanager, node exporters
base project:
https://github.com/coreos/prometheus-operator
the issue:
https://github.com/kubernetes-incubator/kubespray/issues/2042
Previous PR, raw ansible without Helm:
https://github.com/kubernetes-incubator/kubespray/pull/2499
2018-03-28 21:23:30 +03:00
woopstar
0df32b03ca
Update openssl.conf to count better and work with Jinja 2.9
2018-03-28 17:48:56 +02:00
Matthew Mosesohn
72a4223884
Write cloud-config during kubelet configuration
...
This file should only be updated during kubelet upgrade so that
master components are not accidentally restarted first during
preinstall stage.
2018-03-28 16:26:36 +03:00
Andreas Krüger
03117d9572
Merge pull request #2488 from LuckySB/ingress-nginx-node-role
...
Dedicated node for ingress nginx controller
2018-03-28 14:07:40 +02:00
Wong Hoi Sing Edison
848fc323db
Fixup for #2523 :
...
- Rename template for /etc/cni/net.d/00-weave.conflist to 00-weave.conflist.j2
- Apply resources requests/limits to both container weave and weave-npc
2018-03-28 11:16:42 +08:00
Brad Beam
015ea62e92
Merge pull request #2262 from tmjd/calico-canal-v2-6-7
...
Update Calico and Canal
2018-03-27 21:07:28 -05:00
Andreas Krüger
2ca7087018
Merge pull request #2524 from avoidik/systemd_user_kubelet
...
Set exact user for Kubelet services
2018-03-27 16:41:10 +02:00
Andreas Krüger
d665f14682
Merge pull request #2526 from mzehrer/patch-1
...
Remove kibana_base_url
2018-03-27 12:40:31 +02:00
avoidik
e375678674
Set exact user for Kubelet services
2018-03-27 11:13:52 +03:00
Sergey Bondarev
4f7479d94d
add etc tunning options
...
https://coreos.com/etcd/docs/latest/tuning.html
etcd_snapshot_count
and
ionice priority
2018-03-26 17:25:51 +03:00
Michael Zehrer
b8d1652baf
Remove kibana_base_url
...
The default for kibana_base_url does not make sense an makes kibana unusable. The default path forces a 404 when you try to open kibana in the browser. Not setting kibana_base_url works just fine.
2018-03-25 16:08:07 +02:00
Andreas Krüger
f7dc73b830
Merge pull request #2521 from f84anton/patch-1
...
optional calico_ip_auto_method variable with IP_AUTODETECTION_METHOD
2018-03-24 18:37:03 +01:00
Dann Bohn
1d0415a6cf
fixes typo in kube_override_hostname for kubeadm
2018-03-24 13:29:07 -04:00
Wong Hoi Sing Edison
3f5c60886b
Upgrade Weave to 2.2.1
...
- Fix #2414 , so namespace isolation should now works
- Update weave-net.yml.j2 as per latest https://cloud.weave.works/k8s/net
- Other minor fixup
2018-03-24 17:27:12 +08:00
Anton Fayzrahmanov
a75598b3f4
IP_AUTODETECTION_METHOD docs
2018-03-24 01:54:17 +03:00
Anton Fayzrahmanov
60a057cace
Update calico-node.yml.j2
2018-03-24 01:46:26 +03:00
Anton Fayzrahmanov
dd9d0c0530
optional calico_ip_auto_method variable with IP_AUTODETECTION_METHOD
...
can be set to one of
first-found
can-reach
interface
2018-03-23 16:33:20 +03:00
Dann Bohn
9fa995ac9d
only sets nodeName in kubeadm-config when kube_override_hostname is set
2018-03-23 08:33:25 -04:00
Wong Hoi Sing Edison
caec3de364
Updating to use calico-node v2.6.8
2018-03-22 12:33:04 -05:00
Erik Stidham
60bfc56e8e
Update Calico and Canal
...
- Updating to use calico-node v2.6.7
- A few updates to their manifests too
2018-03-22 12:30:23 -05:00
Wong Hoi Sing Edison
206e24448b
CephFS Provisioner Addon Fixup
2018-03-22 23:03:13 +08:00
Wong Hoi Sing Edison
bb1eb9fec8
Add labels for namespace
2018-03-22 21:33:32 +08:00
Keyvan Hedayati
b0d7115e9b
hswong3i/kubespray#3 : Use {{ cluster_name }} for valid FQDN in REGISTRY_HOST
2018-03-22 21:33:32 +08:00
Wong Hoi Sing Edison
f8ebd08e75
Registry Addon Fixup
2018-03-22 21:33:32 +08:00
Andreas Krüger
30e4b89837
Merge pull request #2504 from brtknr/patch-1
...
Update kube-apiserver.manifest.j2 and kubeadm-config.yaml.j2 to incorporate `endpoint-reconciler-type: lease`
2018-03-22 09:15:55 +01:00
Andreas Krüger
405c711edb
Remove v in tag
2018-03-22 09:07:28 +01:00
Chad Swenson
0e6b4e80f7
Merge pull request #2490 from woopstar/workaround-fix-1
...
Only apply roles from first master node to fix regression
2018-03-21 20:29:59 -05:00
Chad Swenson
9949782e96
Merge pull request #2489 from woopstar/token-fix-1
...
Only copy tokens if tokens_list contains any
2018-03-21 20:28:06 -05:00
Chad Swenson
bbb6e7b3da
Merge pull request #2508 from melkosoft/cilium
...
Cilium v.1.0.0-rc8
2018-03-21 20:25:43 -05:00
Chad Swenson
bc68188209
Merge pull request #2498 from zmsp/master
...
Upgraded kubernetes from 1.9.3 to 1.9.5
2018-03-21 20:25:05 -05:00
woopstar
d3780e181e
Switch hyperkube from CoreOS to Google
2018-03-21 23:27:16 +01:00
Andreas Krüger
2e202051e3
Merge pull request #2364 from whereismyjetpack/default-download
...
set local_release_dir in downloads to match others
2018-03-21 23:16:48 +01:00
Chad Swenson
448c1d5faa
Merge pull request #2509 from chadswen/flannel-update
...
Update flannel version to v0.10.0
2018-03-21 12:15:09 -05:00
Andreas Krüger
ff2b8e5e60
Merge pull request #2503 from woopstar/kubelet-fix-1
...
Fix duplicate --proxy-client-cert-file and --proxy-client-key-file
2018-03-21 10:03:31 +01:00
Erwan Miran
8b71ef8ceb
Labels from role (node-role.k8s.io/node) and labels from inventory are merged into node-labels parameter in kubelet
2018-03-21 09:19:05 +01:00
mirwan
ee8f678010
Addition of the .creds extension to the credentials files generated by password lookup in order for Ansible not to consider them as inventory files with inventory_ignore_extensions set accordingly ( #2446 )
2018-03-21 10:50:32 +03:00
Chad Swenson
a6b918c1a1
Merge pull request #2485 from LuckySB/flannel_iface_regexp
...
Add --iface-regex options to flannel
2018-03-20 21:18:01 -05:00
Chad Swenson
c025ab4eb4
Update flannel version to v0.10.0
2018-03-20 19:59:51 -05:00
melkosoft
ae30009fbc
changed version to 1.0.0-rc8
2018-03-20 14:18:56 -07:00
melkosoft
158d775306
changed cilium to 1.0.0-rc7. Set CI to use coreos for cilium test
2018-03-20 12:43:26 -07:00
woopstar
9d540165c0
Set kube_api_aggregator_routing to default false as we use kube-proxy
2018-03-20 16:28:05 +01:00
Bharat Kunwar
13e47e73c8
Update kubeadm-config.yaml.j2
...
As requested
2018-03-20 13:33:36 +00:00
Bharat Kunwar
d2fd7b7462
Update kube-apiserver.manifest.j2
2018-03-20 12:19:53 +00:00
Bharat Kunwar
d9453f323b
Update kube-apiserver.manifest.j2
2018-03-20 12:16:35 +00:00
Bharat Kunwar
b787b76c6c
Update kube-apiserver.manifest.j2
...
Ensure that kube-apiserver will respond even if one of the nodes are down.
2018-03-20 12:06:34 +00:00
woopstar
a94a407a43
Fix duplicate --proxy-client-cert-file and --proxy-client-key-file
2018-03-20 12:08:36 +01:00
gorazio
96e46c4209
bump after CLA signing
2018-03-20 10:23:50 +03:00
gorazio
aa30fa8009
Add prometheus annotations to spec in ingress
...
Added annotations from metadata to spec.template.metadata. Without it, pod does not get any annotations, and Prometheus didn't see it
2018-03-20 08:47:36 +03:00
Zobair Shahadat
ebfee51aca
Upgraded kubernetes from 1.9.3 to 1.9.5
2018-03-19 15:42:24 -04:00
Andreas Holmsten
14ac7d797b
Rotate local-volume-provisioner token
...
When tokens need to rotate, include local-volume-provisioner
2018-03-19 13:04:18 +01:00
Andreas Krüger
f253691a68
Merge pull request #2347 from hswong3i/multiple_artifacts_dir
...
Support multiple artifacts under individual inventory directory
2018-03-19 12:45:55 +01:00
Sergey Bondarev
038da7255f
check if group kube-ingress is not empty
...
fix spelling mistaker ingress_nginx_host_network
set default value for ingress_nginx_host_network: false
2018-03-19 12:59:38 +03:00
woopstar
f1d2f84043
Only apply roles from first master node to fix regression
2018-03-18 16:15:01 +01:00
woopstar
b9a949820a
Only copy tokens if tokens_list contains any
2018-03-18 08:42:38 +01:00
Andreas Krüger
50e5f0d28b
Merge pull request #2468 from LuckySB/master
...
change expirations period for generated certificate from 10y to 100 years
2018-03-17 19:43:40 +01:00
Sergey Bondarev
1481f7d64b
Dedicated node for ingress nginx controller
...
The ability to create dedicated node for ingress nginx controller
host type network for nginx controller
and add from example https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/static-ip/nginx-ingress-controller.yaml
terminationGracePeriodSeconds: 60
2018-03-17 02:54:46 +03:00
Chad Swenson
7d33650019
Merge pull request #2462 from woopstar/coredns-patch
...
Add CoreDNS support
2018-03-16 18:33:36 -05:00