Commit graph

1855 commits

Author SHA1 Message Date
Aivars Sterns
4b4786f75d
Merge pull request #2381 from vikas027/inventory_fixes
Replaced ansible_ssh_host with ansible_host in sample inventory file and fixed usage of bastion
2018-04-16 10:06:19 +03:00
Matthew Mosesohn
02cd5418c2
Weave limits (#2660)
* Raise limits for weave

* Adjust weave limits
2018-04-15 18:32:49 +03:00
Matthew Mosesohn
49e3665d96
Remove prometheus operator from Kubespray (#2658)
Kubespray should not install any helm charts. This is a task
that a user should do on his/her own through ansible or another
tool. It opens the door to wrapping installation of any helm
chart.
2018-04-13 18:53:39 +03:00
Matthew Mosesohn
e95ba800ea
Define local volume provisioner dirs in defaults (#2656) 2018-04-13 17:23:10 +03:00
Aivars Sterns
5d9bb300d7
Merge pull request #2646 from Atoms/fix-sync-container
move when condition to main.yml
2018-04-13 09:10:21 +03:00
Matthew Mosesohn
f73717ea35
Mount local volume provisioner dirs for containerized kubelet (#2648) 2018-04-12 22:55:13 +03:00
Aivars Sterns
1967963702
Merge pull request #2380 from hwoarang/add-opensuse-support
Add openSUSE support
2018-04-12 20:28:50 +03:00
Chad Swenson
d87b6fd9f3 Use dedicated front-proxy-ca for front-proxy-client 2018-04-12 11:03:22 -05:00
Chad Swenson
a6a47dbc96
Merge pull request #2617 from bradbeam/savaultcert
Adding missing service-account certificate for vault
2018-04-12 11:02:24 -05:00
Matthew Mosesohn
61791bbb3d Remove condition for docker pull when using download delegate 2018-04-12 19:01:13 +03:00
Aivars Sterns
298c6cb790
Merge pull request #2633 from grebois/patch-3
Enabling MutatingAdmissionWebhook for Istio Automatic sidecar injection
2018-04-12 11:53:58 +03:00
Matthew Mosesohn
3fa7468d54 Copy ca-key.pem to etcd and kube-masters accordingly 2018-04-12 10:17:54 +03:00
Markos Chandras
02bf742e15 roles: rkt: Add support for SUSE distributions
The RPM file that's provided by upstream can be used for SUSE
distributions as well. Moreover we simplify the playbook to use
the 'package' module to install packages across different distros.

Link: https://github.com/rkt/rkt/pull/3904
2018-04-11 20:55:20 +01:00
Markos Chandras
d07f75b389 roles: kubernetes: secrets: Add SUSE support
Add path for certificate location for SUSE distributions. Also make sure
the 'update-ca-certificates' command is executed on SUSE hosts as well.
2018-04-11 20:55:02 +01:00
Markos Chandras
2d34781259 roles: etcd: Add support for SUSE distributions
Add path for certificate location for SUSE distributions. Also make sure
the 'update-ca-certificates' command is executed on SUSE hosts as well.
2018-04-11 20:53:43 +01:00
Markos Chandras
cdb63a8c49 roles: docker: Ensure service is started if docker is already installed
If the 'docker' package is already installed, then the handlers will not
run and the service will not be (re-)started. As such, lets make sure
that the service is started even if the packages are already installed.
2018-04-11 17:46:14 +01:00
Markos Chandras
44a0626fc8 roles: docker: Add support for SUSE distributions
Add support for installing Docker on SUSE distributions. The Docker
repository at https://yum.dockerproject.org/repo/main/ does not support
recent openSUSE distributions so the only alternative is to use the
packages from the distro repositories. This however renders the
'docker_version' Ansible variable useless on SUSE.
2018-04-11 17:46:14 +01:00
Nirmoy Das
45eac53ec7 roles: kubernetes: preinstall: Install openssl-1.1.0 on Tumbleweed
The openssl package on Tumbleweed is actually a virtual package covering
openssl-1.0.0 and openssl-1.1.0 implementations. It defaults to 1.1.0 so
when trying to install it and openssl-1.0.0 is installed, zypper fails
with conflicts. As such, lets explicitly pull the package that we need
which also updates the virtual one.

Co-authored-by: Markos Chandras <mchandras@suse.de>
2018-04-11 17:46:14 +01:00
Markos Chandras
e42203a13e roles: kubernetes: preinstall: Add SUSE support
Add support for installing package dependencies and refreshing metadata
on SUSE distributions

Co-authored-by: Nirmoy Das <ndas@suse.de>
2018-04-11 17:46:14 +01:00
Nirmoy Das
4ba25326ed roles: bootstrap-os: Use 'hostname' command on Tumbleweed
openSUSE Tumbleweed is having the same problems with CoreOS when it
comes to using the hostname ansible module (#1588, #1600) so we need
to apply a similar workaround.

Co-authored-by: Markos Chandras <mchandras@suse.de>
Link: http://bugzilla.opensuse.org/show_bug.cgi?id=997614
2018-04-11 17:46:14 +01:00
Markos Chandras
dca4777347 roles: bootstrap-os: Add support for SUSE distributions
Install some required packages when running on SUSE distributions.
2018-04-11 17:46:14 +01:00
Atoms
6c954df636 move when condition to main.yml 2018-04-11 12:05:33 +03:00
Marcelo Grebois
88765f62e6
Updating order
https://kubernetes.io/docs/admin/admission-controllers/#is-there-a-recommended-set-of-admission-controllers-to-use
2018-04-10 17:17:39 +02:00
Robin Skahjem-Eriksen
0f35e17e23 Fix new envvar for setting openstack_tenant_id (#2641)
Changed from OS_PROJECT_ID to OS_PROJECT_NAME.
2018-04-10 17:23:31 +03:00
Brad Beam
77b3f9bb97 Removing default for volume-plugins mountpoint (#2618)
All checks test if this is defined meaning there is no way to undefine it.
2018-04-10 17:19:25 +03:00
Matthew Mosesohn
45f15bf753
Revert "Fix new envvar for setting openstack_tenant_id" (#2640) 2018-04-10 14:37:24 +03:00
Aivars Sterns
913cc5a9af
Merge pull request #2639 from ironhouzi/openstack_tenant_id_fix
Fix new envvar for setting openstack_tenant_id
2018-04-10 14:35:28 +03:00
Aivars Sterns
a46acfcdd8
Merge pull request #2627 from mattymo/no_more_do_do
Remove jinja2 dependency of do
2018-04-10 14:32:29 +03:00
Robin Skahjem-Eriksen
0c0f6b755d Fix new envvar for setting openstack_tenant_id
Changed from OS_PROJECT_ID to OS_PROJECT_NAME.
2018-04-10 13:30:48 +02:00
Vikas Kumar
94eb18b3d9 Replaced ansible_ssh_host with ansible_host in sample inventory file as the former is deprecated since Ansible v2.0
Fixed the reference of ansible_user in kubespray-defaults role

References:
 - http://docs.ansible.com/ansible/latest/intro_inventory.html
2018-04-10 15:21:40 +10:00
Marcelo Grebois
4c12b273ac
Enabling MutatingAdmissionWebhook for Istio Automatic sidecar injection
https://istio.io/docs/setup/kubernetes/sidecar-injection.html#automatic-sidecar-injection
2018-04-09 12:49:05 +02:00
Atoms
b68854f79d fix kubectl download location and kubectl.sh helper owner/group remove 2018-04-09 13:19:26 +03:00
Matthew Mosesohn
f954bc0a5a Remove jinja2 dependency of do
While `do` looks cleaner, forcing this extra option in ansible.cfg
seems to be more invasive. It would be better to keep the traditional
approach of `set dummy = ` instead.
2018-04-09 12:27:53 +03:00
rongzhang
66b61866cd Fix check docker error for atomic
Fix issues #2611
2018-04-08 17:53:16 +08:00
Brad Beam
dfc46f02d7 Adding missing service-account certificate for vault
Missed in #2554
2018-04-06 15:29:52 -05:00
Daniel Hoherd
ca40d51bc6 Fix typos (no logic changes) 2018-04-05 15:54:58 -07:00
Chen Hong
973e7372b4 content: | 2018-04-04 23:05:27 +08:00
Chen Hong
b54e091886 Persist ip_vs modules 2018-04-04 18:18:51 +08:00
Andreas Krüger
6c220e4e4b
Merge pull request #2495 from holmsten/rotate-provisioner-token
Rotate local-volume-provisioner token
2018-04-04 10:21:12 +02:00
Andreas Krüger
2511e14289
Merge pull request #2346 from Miouge1/kube-scheduler-mode
Use legacy policy config to apply the scheduler policy
2018-04-04 10:20:51 +02:00
Andreas Krüger
0f5ea5474c
Merge pull request #2593 from vterdunov/fix-check-vsphere_cloud_provider
Properly check vsphere_cloud_provider.rc
2018-04-03 20:35:59 +02:00
Andreas Krüger
6567b8e012
Merge pull request #2590 from hswong3i/istio-download
istio: container download related things should defined in the download role
2018-04-03 13:57:43 +02:00
Wong Hoi Sing Edison
428a554ddb istio: container download related things should defined in the download role 2018-04-03 14:29:50 +08:00
Xiaoxi He
32f4194cf8 Bump ingress-nginx-controller to version 0.12.0 2018-04-03 10:39:17 +08:00
georgejdli
76bb5f8d75 check if dedicated service account token signing key exists 2018-04-02 10:57:24 -05:00
vterdunov
4b98537f79
Properly check vsphere_cloud_provider.rc 2018-04-02 18:45:42 +03:00
Andreas Krüger
cac2196ad5
Merge pull request #2575 from hswong3i/local-volume-provisioner-download
local-volume-provisioner: container download related things should defined in the download role
2018-04-02 10:32:43 +02:00
Andreas Krüger
ba24fe3226
Merge pull request #2570 from avoidik/transfer-cloud-configs
Move cloud config configurations to proper location
2018-04-02 10:31:38 +02:00
Matthew Mosesohn
3004791c64
Add pre-upgrade task for moving credentials file (#2394)
* Add pre-upgrade task for moving credentials file

This reverts commit 7ef9f4dfdd.

* add python interpreter workaround for localhost
2018-04-02 11:19:23 +03:00
Wong Hoi Sing Edison
b1a7889ff5 local-volume-provisioner: container download related things should defined in the download role 2018-04-02 13:50:11 +08:00