mervynzhang
a8dfcbbfc7
Switch /root references to ansible_env.HOME ( #4842 )
...
* kube config dir for current/ansible become user
* remove extra /
* fix default value
2019-06-06 02:06:11 -07:00
Andreas Krüger
818aa7aeb1
Set dnsPolicy to ClusterFirstWithHostNet when hostNetwork is true ( #4843 )
2019-06-05 03:17:55 -07:00
Toni Pokki
54416cabfd
prefer_udp for upstream dns servers ( #4810 )
2019-06-04 23:27:55 -07:00
Andreas Krüger
7423932510
Add ready plugin for CoreDNS ( #4817 )
2019-05-28 06:47:56 -07:00
André R. de Miranda
0ef3a7914c
Added pod psp in Rancher Local Path Provisioner ( #4385 )
...
* Added pod psp in Rancher Local Path Provisioner
Added pod security policy (psp) in Rancher Local Path Provisioner.
Signed-off-by: André R. de Miranda <andre@miranda.work>
* Apply psp for Rancher Local Path Provisioner only when local_path_provisioner_namespace is not kube-system and also reorganized the templates
2019-05-22 00:16:08 -07:00
André R. de Miranda
4bc204925a
Error in nginx when starting registry-proxy ( #4785 )
...
Error starting nginx because in requiredDropCapabilities is dropped all capabilities.
The nginx requires the following capabilities:
- CHOWN
- SETGID
- SETUID
Signed-off-by: André R. de Miranda <andre@miranda.work>
2019-05-20 11:27:15 -07:00
MarkusTeufelberger
73c2ff17dd
Fix Ansible-lint error [E502] ( #4743 )
2019-05-16 00:27:43 -07:00
Aleksey Kasatkin
14749df6f3
Fix "netchecker-server" ClusterRole ( #4730 )
...
* Add sha256 hashes for calicoctl v3.6.1
Hashes are added to calicoctl_binary_checksums for both adm and arm platforms.
* Add rules for "network-checker.ext" resource to "netchecker-server" ClusterRole
So that it could access the resource after it is created.
Corresponding issues:
https://github.com/Mirantis/k8s-netchecker-server/issues/125
https://github.com/kubernetes-sigs/kubespray/issues/3281
2019-05-09 01:30:49 -07:00
Andreas Krüger
8a5eae94ea
Minor cleanups of CoreDNS issues and CI job ( #4719 )
...
* Minor cleanups
* Add comment in docs that nodelocaldns cache is enabled by default
2019-05-07 13:20:36 -07:00
MarkusTeufelberger
e67f848abc
ansible-lint: add spaces around variables [E206] ( #4699 )
2019-05-02 14:24:21 -07:00
Youngchul Bang
fbba259933
ingress-nginx: enable --report-node-internal-ip-address flag ( #4114 )
...
Close #4113
2019-04-29 01:44:22 -07:00
Matthew Mosesohn
741de6051c
Fix nodeselectors for contiv and nginx-ingress ( #4662 )
...
* Fix nodeselectors for contiv and nginx-ingress
Change-Id: Ib3eb6bd87193c69a90ee944c9164a0b6792c79ba
* Set kube proxy mode to iptables for addons task
Change-Id: Iff71a71f672405c74b4708c71db15ddc4391a53a
2019-04-28 23:36:19 -07:00
MarkusTeufelberger
88d919337e
ansible-lint: don't compare to empty string [E602] ( #4665 )
2019-04-28 23:00:20 -07:00
Andreas Krüger
3722acee85
Fix broken metrics-server deployment not starting ( #4651 )
...
* Fix metrics-server deployment
* Make metrics server work
* Fix sample inventory
2019-04-26 00:44:26 -07:00
grialeyur
82119ca923
Add support calico kubernetes datastore and typha. ( #4498 )
...
* Add support calico kubernetes datastore and typha.
* Add typha_enabled to kubespray-defaults.
2019-04-25 05:00:48 -07:00
Matthew Mosesohn
fc072300ea
Purge legacy cleanup tasks from older than 1 year ( #4450 )
...
We don't need to support upgrades from 2 year old installs,
just from the last major version.
Also changed most retried tasks to 1s delay instead of longer.
2019-04-24 00:08:05 -07:00
MarkusTeufelberger
424e59805f
ansible-lint: Fix commands that are also available as module ( #4619 )
2019-04-23 22:18:00 -07:00
Andreas Krüger
d588532c9b
Update probe timeouts, delays etc. ( #4612 )
...
* Fix merge conflict
* Add check delay
* Add more liveness and readiness options to metrics-server
2019-04-23 14:46:02 -07:00
Matthew Mosesohn
d89ecb8308
disable metrics server and fix terraform ( #4617 )
...
* disable metrics server in centos7-flannel-addons job
Change-Id: I1d87923547584896f64dda9ea8feb5581ad48cbe
* Fix tf facility->facilities syntax
Change-Id: I434bfe53f47e8e4a546890e0b62d24bde6e6d6a7
* Update Terraform CI for facilities
* Fix undefined variable error
2019-04-23 12:06:03 -07:00
Maxime Guyot
50751bb610
Revert "Optimize kube resources creation ( #4572 )" ( #4621 )
...
This reverts commit f8fdc0cd93
.
2019-04-23 20:37:23 +03:00
andreyshestakov
f8fdc0cd93
Optimize kube resources creation ( #4572 )
2019-04-22 23:34:10 -07:00
Andreas Krüger
656633f784
YAMLLint everything ( #4576 )
2019-04-18 23:59:54 -07:00
Victor Morales
c6586829de
Ensure /etc/bash_completion.d/ folder exists ( #4543 )
...
The Stateless ClearLinux feature[1] requires the creation of folders
in /etc folder. This change ensure the existence of the
/etc/bash_completion.d/ folder for ClearLinux Distribution.
[1] https://clearlinux.org/features/stateless
2019-04-18 02:24:10 -07:00
Maxime Guyot
37eac010c8
ansible-lint: Don’t compare to literal True/False ( #4499 )
2019-04-17 08:42:03 -07:00
Maxime Guyot
ec3daedf9e
Revert "Fix for unknown 'kubernetes.io' or 'k8s.io' labels specified with --node-labels ( #4320 )" ( #4553 )
...
This reverts commit 586ad89d50
.
2019-04-17 07:58:06 -07:00
Jugwan Eom
d83181a2be
add RBD Provisioner Addon ( #3667 ) ( #3668 )
...
Based on the CephFS Provisioner Addon, the following changes have been made:
- Upstream v2.1.1-k8s1.11
- Configurable Provisioner replicas
2019-04-16 23:14:02 -07:00
Maxime Guyot
46ba6a4154
ansible-lint: when lines should not include Jinja2 variables ( #4496 )
2019-04-11 03:06:10 -07:00
Andreas Krüger
15597aa493
Do not force TCP connections to upstreams. ( #4492 )
2019-04-10 12:40:09 -07:00
Neven Miculinic
a30ad1e5a5
Added generic CNI network plugin ( #4322 )
...
* Added generic CNI network plugin
* Added CNI network plugin documentation
* added necessary fix
2019-04-10 04:16:15 -07:00
Robert Neumann
586ad89d50
Fix for unknown 'kubernetes.io' or 'k8s.io' labels specified with --node-labels ( #4320 )
...
* Fix the file path for all.yml and k8s-cluster.yml
* Fix --node-labels namespace error "unknown labels specified"
* Update templates and configs kubelet node-labels
2019-04-10 04:14:12 -07:00
Sidharth Anupkrishnan
6caa639243
Update CoreDNS label as specified in the kubernetes coredns repository ( #3920 )
2019-04-10 04:12:13 -07:00
Andreas Krüger
4d39c1856e
Fix jinja filters ( #4470 )
2019-04-09 02:19:06 -07:00
Xinghong Fang
d711a0c83f
[nodelocaldns] expand tolerations on the daemonset ( #4451 )
2019-04-08 02:24:26 -07:00
Victor Morales
7e4f4a96fc
Replace iteritems() to items() in Jinja2 templates ( #4437 )
...
The iteritems() dictionary's method has been removed in Python3. Using
this method in Jinja2 templates limits the execution to Python2 which
will be deprecated in 2020[1]. This change replaces that method for
the items() method as it's suggested in the official website[2].
[1] https://pythonclock.org/
[2] https://docs.ansible.com/ansible/latest/user_guide/playbooks_python_version.html#dict-iteritems
2019-04-08 00:32:26 -07:00
Xavi
20b12751af
add Cinder allowVolumeExpansion option ( #4415 )
2019-04-04 02:36:50 -07:00
Andreas Krüger
7a72e567d5
Update CoreDNS to 1.4.0 ( #4422 )
...
* Update CoreDNS to 1.4.0
* Update readme to reflect CoreDNS update
2019-04-04 00:40:50 -07:00
Andreas Krüger
3c050be0b0
Update nodelocaldns cache settings ( #4423 )
2019-04-04 00:38:51 -07:00
Andreas Krüger
41e684eb5a
Update DNS Autoscaler to 1.4.0 ( #4425 )
...
* Update DNS Autoscaler
* Update downloads too
* Fix yamllint
* Fix yamllint
2019-04-04 00:36:51 -07:00
Matthew Mosesohn
5f12b7aedf
Remove kubedns and dnsmasq. Move dns_late phase after apps ( #4406 )
...
Both kubedns and dnsmasq modes are long not maintained.
We should run dns_late steps at the end because sshd
makes DNS lookups during Ansible run and has 2s timeouts
for each failed lookup trying to connect to coredns before
it is ready.
2019-04-01 12:32:34 -07:00
Stefan Prietl
2fb27c8521
Use static files in KubeDNS templating task ( #4379 )
...
This commit adapts the "Lay Down KubeDNS Template" task to use the static
files moved by pull request [1]
[1] https://github.com/kubernetes-sigs/kubespray/pull/4341
2019-03-28 06:26:43 -07:00
Matthew Mosesohn
6d7f3c4405
Reduce jinja2 filters in coredns templates ( #4390 )
2019-03-26 11:09:17 -07:00
Matthew Mosesohn
b7fd462944
Fix support for ansible 2.7.9 ( #4375 )
2019-03-20 11:29:42 -07:00
Matthew Mosesohn
150a969cf4
Forcefully delete pods when necessary ( #4328 )
...
Pods on down/unresponsive nodes can't be deleted without
--force --grace-period=0.
Fixes #4314
2019-03-14 07:45:46 -07:00
Manuel Cintron
3c4cbf133e
Adding ability to override dashboard replica count ( #4344 )
2019-03-13 13:58:25 -07:00
Matthew Mosesohn
fd2c47b56a
Move most coredns templates to static files ( #4341 )
...
* Move most coredns templates to static files
This should speed up the task slightly
* yaml lint fixes
2019-03-12 21:17:31 -07:00
Matthew Mosesohn
4fe61968cf
Set default value for local_path_provisioner_enabled in role ( #4309 )
2019-02-28 05:36:08 -08:00
Peter Metz
26ca58419f
feat(external-provisioner): adds support for local-path-provisioner ( #4232 )
...
* feat(external-provisioner/local-path-provisioner): adds support for local path provisioner
Helpful for local development but also in production workloads (once the
permission model is worked out) where you have redundancy built into the
software uses the PVCs (e.g. database cluster with synchronous
replication)
* feat(local-path-provisioner): adds debug flag, image tag group var
* fix(local-path-provisioner): moves image repo/tag to download role
* test(gce_centos7-flannel): enables local-path-provisioner in test case
* fix(addons): add image repo/tag to commented default values
* fix(local-path-provisioner): typo in jinja template for local path provisioner
* style(local-path-provisioner): debug flag condition re-formatted
* fix(local-path-provisioner): adds missing default value for debug flag
* fix(local-path-provisioner): syntax fix for debug if condition end
* fix(local-path-provisioner): jinja template syntax: if condition white space
2019-02-25 22:45:30 -08:00
hikoz
3d25b4dfc1
30MiB for gpu-device-plugin ( #4227 )
...
* 30MiB for gpu-device-plugin
* use vars for easier configuration
2019-02-25 20:03:53 -08:00
Vasilis Remmas
81801ce23b
Add master toleration flag in dashboard deployment ( #4290 )
2019-02-25 19:34:47 -08:00
Matthew Mosesohn
4638acfe81
Retry applying podsecurity policies ( #4279 )
2019-02-24 22:50:55 -08:00