C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
3697 commits 17 branches 66 tags 141 MiB
Commit graph

1046 commits

Author SHA1 Message Date
mlushpenko 8e95974930 Fix ports for kubeadm client and master configs for ha setups 2018-09-01 18:02:52 +02:00
Erwan Miran 059cd17b47 Fix target hosts generation when /etc/hosts does not contain 127.0.0.1 or ::1 2018-08-31 16:33:18 +02:00
Antoine Legrand 247b9e83d8 etcd arch-image 2018-08-31 13:45:08 +02:00
Antoine Legrand 9c2098b8fa fix kubelet_max_pod assert 2018-08-31 13:45:08 +02:00
Antoine Legrand 48c0c8d854 Update dir list 2018-08-31 13:45:08 +02:00
rongzhang 2609ec0dc3 Fix copy etcd-ssl-ca failed 2018-08-31 15:06:03 +08:00
rongzhang 16fc22a207 Fix ipvs by kubeadm v1alpha1 2018-08-30 23:04:57 +08:00
k8s-ci-robot d9ea937493
Merge pull request #3187 from mirwan/kubeadm-config_syntax 
Fix kubeadm-config for audit-log-path and feature-gates
 2018-08-30 06:55:43 -07:00
rongzhang 35e5adaf0a Fix kubeadm v1alpha1 configure 2018-08-30 17:44:00 +08:00
k8s-ci-robot 4feb62f6bf
Merge pull request #3193 from riverzhang/fix-lb-kubeadm 
Fix kubeadm lb
 2018-08-29 04:22:40 -07:00
k8s-ci-robot 3bfda55fca
Merge pull request #3061 from okamototk/crio 
cri-o support
 2018-08-29 03:48:40 -07:00
rongzhang 9eade647e6 Fix kubeadm lb 2018-08-29 18:29:24 +08:00
Phill Garrett 1babbcca85
Fix elif azure statement 2018-08-28 15:43:03 +01:00
Phill Garrett f325d13082 Add azure-container-registry-config for Azure 
Seperated out KUBELET_CLOUDPROVIDER env var assignment when cloud_provider equals azure
Appended azure-container-registry-config parameter
 2018-08-28 10:23:25 +00:00
Erwan Miran 52ab54eeea Fix missing quotes for audit-log-path and wrong placement of feature-gates 2018-08-28 09:05:57 +02:00
Takashi Okamoto d407a590a6 container_manager variable to specify runtime. 2018-08-28 06:23:38 +00:00
Takashi Okamoto 5eb805f098 Change timeout for kubeadm 600s. 
* kubeadm timeout is too short and it may interrupt by timeout.
 2018-08-28 04:51:38 +00:00
Takashi Okamoto 236f066635 kubeadm cri-o support. 2018-08-28 02:24:45 +00:00
Takashi Okamoto 5ab8a712d9 Add download_container flag to avoid docker pull when use cri-o. 2018-08-28 01:24:26 +00:00
Takashi Okamoto cf7b9cfeef Support crio in kubelet service. 2018-08-28 01:24:26 +00:00
Takashi Okamoto 6090af29e7 Add cri-o role. 2018-08-28 01:24:26 +00:00
Takashi Okamoto 359009bb05 Download etcd and hyperkube binary. 2018-08-28 01:24:26 +00:00
Takashi Okamoto bdbfa4d403 Add ipvs support for kubeadm 1.10 or later. 2018-08-28 01:24:26 +00:00
Takashi Okamoto 6849788ebc Fix copy ca cert and ca key for kubeadm. 2018-08-28 01:24:25 +00:00
Takashi Okamoto ac639b2a17 Change kubeadm config to run etcd by kubeadm. 2018-08-28 01:24:25 +00:00
Erwan Miran b395bb953f Fix wrong when condition that ends up with jinja error when the content of /etc/hosts contains parenthesis 2018-08-27 21:20:57 +02:00
k8s-ci-robot 7efe287c74
Merge pull request #2474 from mirwan/localhost_in_etc_hosts 
Localhost in hosts files should be updated (if necessary), not overriden
 2018-08-27 06:25:43 -07:00
k8s-ci-robot d43cd9a24c
Merge pull request #3104 from maxbrunet/hotfix/replace-local_actions 
Use delegate_to: localhost instead of local_action
 2018-08-27 02:50:42 -07:00
guenhter fff48d24ea Replace the raw rsync command with the synchronize module 2018-08-27 10:00:21 +02:00
Maxime Brunet 33135f2ada k8s/preinstall: Turn AND condition into a list 2018-08-25 14:33:31 -04:00
k8s-ci-robot f97515352b
Merge pull request #3161 from nutellinoit/kube_proxy_nodeport_addresses 
--nodeport-addresses added on kube-proxy.manifest.j2 and on k8s-cluster.yml
 2018-08-25 02:00:19 -07:00
Erwan Miran 1432e511a2 same work with less lines 2018-08-24 14:06:07 +02:00
Samuele Chiocca cb8be37f72 fix on v1alpha1 2018-08-24 11:19:06 +02:00
Samuele Chiocca e5dd4e1e70 added on v1alpha1 2018-08-24 10:59:06 +02:00
Antoine Legrand 4882531c29
Merge pull request #3115 from oracle/oracle_oci_controller 
Cloud provider support for OCI (Oracle Cloud Infrastructure)
 2018-08-23 18:22:45 +02:00
rongzhang 7b61a0eff0 Fix kubeadm LB configure 
1. join node add LB discoveryTokenAPIServers
2. kubeadm_config_api_fqdn support ipddress and domain_name
 2018-08-23 22:22:34 +08:00
Aivars Sterns 23fd3461bc calico upgrade to v3 (#3086) 
* calico upgrade to v3

* update calico_rr version

* add missing file

* change contents of main.yml as it was left old version

* enable network policy by default

* remove unneeded task

* Fix kubelet calico settings

* fix when statement

* switch back to node-kubeconfig.yaml
 2018-08-23 17:17:18 +03:00
Rong Zhang f453567cce
Merge pull request #3144 from riverzhang/fix-audit-log 
Fix install audit failed
 2018-08-23 14:41:37 +08:00
rongzhang 5a4352657d Fix install audit failed 
1.fix audit log not write
2.fix Parameter not recognized
3.delete kubedm futuregates auditing and use apiServerExtraArgs
 2018-08-23 01:47:15 +08:00
Samuele Chiocca f13bc796d9 added nodePortAddresses on kubeadm conf v1alpha2 (not present on v1alpha1) 2018-08-22 18:43:03 +02:00
Erwan Miran 80cfeea957 psp, roles and rbs for PodSecurityPolicy when podsecuritypolicy_enabled is true 2018-08-22 18:16:13 +02:00
Samuele Chiocca 5d9908c2c3 --nodeport-addresses added on kube-proxy.manifest.j2 
Changed author
 2018-08-22 15:32:07 +02:00
Erwan Miran a7b0c454db Localhost in hosts files should be updated (if necessary), not overriden 2018-08-22 12:10:49 +02:00
Jeff Bornemann 94df70be98 Cloud provider support for OCI (Oracle Cloud Infrastructure) 
Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>
 2018-08-21 17:36:42 -04:00
Mark Eisenblaetter 0c0a2138d9 allow '.' in hostnames 
we use FQDN as inventory_hostname
 2018-08-21 08:24:33 +02:00
Jonathan Craig 5bf152886b add support for openstack trust to cloud provider config 2018-08-20 12:51:25 -04:00
Andreas Krüger 497db69c9f
Merge pull request #3130 from riverzhang/add-control-plane 
Add kubeadm controlplaneEndpoint
 2018-08-20 10:43:50 +02:00
Andreas Krüger c7de737551
Merge pull request #3133 from mirwan/auditlog_to_stdout_w_kubeadm 
Audit log to stdout with kubeadm
 2018-08-20 10:43:22 +02:00
Erwan Miran fc38b6d0ca Ability to define custom audit polcy rules 2018-08-20 07:04:56 +02:00
Erwan Miran c34900e569 Define apiserver flags directly instead of relying on auditPolicy section in order to have the ability to redirect audit log to stdout with kubeadm 2018-08-20 07:00:53 +02:00
Rong Zhang 855f2a55cb
Merge pull request #3135 from ishitatsuyuki/patch-1 
Add bad hostname preflight check
 2018-08-20 12:08:02 +08:00
Rong Zhang fd16f77e20
Merge pull request #3017 from seungkyua/fix_kubeadm_client_conf 
Fix kubeadm client conf
 2018-08-20 10:51:02 +08:00
Tatsuyuki Ishi 3eef8dc8d0 Add bad hostname preflight check 
Hostname must be a valid DNS name, which is checked as https://github.com/kubernetes/apimachinery/blob/master/pkg/util/validation/validation.go#L115

The situation I have encountered is that my hostname contained underscore which is disallowed and apiserver refused to start.
 2018-08-20 09:09:00 +09:00
rongzhang 59176ebbb9 Add kubeadm controlplaneEndpoint 
Nginx LB(default)
Other LB by kubeadm controlplane
 2018-08-20 00:57:13 +08:00
rongzhang b421d0ed5b Fix install nss 2018-08-20 00:07:31 +08:00
Rong Zhang fb309ca446
Merge pull request #3128 from riverzhang/delete-kubeadm 
Remove unused configuration
 2018-08-19 10:01:33 +08:00
rongzhang 095ccef8bd Remove unused configuration 2018-08-19 01:23:20 +08:00
Rong Zhang 0df969ad19
Merge pull request #3117 from mirwan/audit_usecases 
Audit support improvement
 2018-08-19 01:13:22 +08:00
Antoine Legrand ac49bbb336
Merge pull request #2168 from xd007/docker_arm64 
fix docker opts incompatible running on aarch64 Redhat/Centos
 2018-08-17 16:24:07 +02:00
Antoine Legrand 7a0f0126f7
Merge pull request #1295 from xuhuilong/master 
fix curl get calico status error ( error in tls version, centos 7.3 1611)
 2018-08-17 14:29:01 +02:00
Seungkyu Ahn 29894293eb Fix kubeadm client conf 
Fix DiscoveryTokenCACertHashes key to discoveryTokenCACertHashes in kubeadm-client.conf
 2018-08-17 04:40:08 +00:00
Jonathan Craig 4d783fff0d resolve issues with new cacert feature 2018-08-16 23:31:21 -04:00
Antoine Legrand 58ee5f1cc9
Merge pull request #3089 from mattymo/cloudconfig 
Remove erroneous cloud-config task
 2018-08-16 16:17:01 +02:00
Erwan Miran 54548d3b95 kubeadm mounts the hostpaths itself 2018-08-16 13:17:30 +02:00
Erwan Miran 58d4d65fab minor variable fix and reuse + handle auditlog redirected to stdout 2018-08-16 12:51:09 +02:00
rongzhang 2ffc1afe40 Support audit 2018-08-16 14:38:07 +08:00
Maxime Brunet 70b28288a3 Use delegate_to: localhost instead of local_action 
Allow to use `ansible_become: true` (#2969)
And set it to `false` for `localhost` with an `host_var`
 2018-08-14 10:08:43 -04:00
Rong Zhang a11e1eba9e Upgrade kubernetes to V1.11.x (#3078) 
Upgrade Kubernetes to V1.11.2
The kubeadm configuration file version has been upgraded from v1alpha1 to v1alpha2
Add bootstrap kubeadm-config.yaml with external etcd
 2018-08-14 15:13:44 +03:00
Matthew Mosesohn 581a30fdec Remove erroneous cloud-config task 2018-08-10 15:59:18 +03:00
Andreas Krüger d8e77600e2
Merge pull request #3066 from luisyonaldo/fix-conditional 
fix bad conditional
 2018-08-10 10:38:52 +02:00
Luis Nuñez fd380615a0 fix bad conditional 2018-08-09 10:20:45 +02:00
Robert Everson 4eadf3228e Only add admission plugins if defined 2018-08-07 11:25:03 -07:00
Robert Everson 99c5aa5a02 Use k8s default plugin list 2018-08-07 11:25:03 -07:00
Robert Everson 6ed65d762b Separate out plugins into 2 variables 2018-08-07 11:25:03 -07:00
Robert Everson ac18f6cf8b Add support for admission controllers in 1.10 and above 2018-08-07 11:25:03 -07:00
Rong Zhang e71f261935
Merge pull request #3068 from riverzhang/swap 
Enable swap
 2018-08-07 21:29:41 +08:00
rongzhang b902602d16 Enable swap 2018-08-07 21:13:12 +08:00
Rong Zhang c288ffc55d
Merge pull request #2342 from southquist/add-ca-cert 
allow for setting the cacert on openstack cloud provider
 2018-08-07 17:46:01 +08:00
Rong Zhang 9075dbdd3c
Merge pull request #2875 from bradbeam/movault 
Adding cluster_name to api cert alt name for vault
 2018-08-07 17:36:04 +08:00
Rong Zhang 3d19e03294
Merge pull request #3015 from podnov/kube_proxy_healthz_bind_address 
Variablize kube_proxy_healthz_bind_address
 2018-08-07 17:10:33 +08:00
rongzhang ac644ed049 Fix yaml roles error 2018-08-05 18:48:07 +08:00
woosley.xu 72074f283b set local for growpart part 2 2018-07-31 06:56:09 +08:00
woosley.xu a5db3dbea9 set locale for growpart 2018-07-31 06:52:56 +08:00
Seungkyu Ahn 0366600b45 Remove double slash 
Even without this PR, the operation works well.
However, it is better to use a single slash rather than
a double slash in the path.
 2018-07-20 07:34:33 +00:00
Evan Zeimet 6a4ce96b7d Variablize kube_proxy_healthz_bind_address 
This fixes #3014
 2018-07-19 14:19:09 -05:00
Takashi Okamoto 37ccf7e405 Fixed kubectl path. 2018-07-13 15:32:08 +00:00
Matthew Mosesohn 97e0de7e29
Fix vault file owner issues and k8s apiserver cert creation (#2985) 
apiserver cert should be created only once
 2018-07-11 14:58:02 +03:00
Rong Zhang cf445fd4fe
Merge pull request #2930 from alvistack/ingress-nginx-0.16.1 
ingress-nginx: Upgrade to 0.16.2
 2018-07-10 14:42:37 +08:00
Aivars Sterns 72f053d9bb
Merge pull request #2972 from mattymo/force_cni_cp 
Force copy cni files
 2018-07-10 09:40:10 +03:00
Wong Hoi Sing Edison a0defefb3f ingress-nginx: Upgrade to 0.16.2 
ingress-nginx 0.16.2 (https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.16.2)

This patch simplify ingress-nginx deployment by default deploy on
master, with customizable options; on the other hand, remove the
additional Ansible group "kube-ingress" and its k8s node label
injection.

Reference to https://kubernetes.io/docs/concepts/services-networking/ingress/#prerequisites:

    GCE/Google Kubernetes Engine deploys an ingress controller on the master.

By changing `ingress_nginx_nodeselector` plus custom k8s node
label, user could customize the DaemonSet deployment target.

If `ingress_nginx_nodeselector` is empty, will deploy DaemonSet on
every k8s node.
 2018-07-10 12:26:06 +08:00
Dao Hoang Son d306c9708c Remove step that force disable kube_basic_auth. 
The referenced issue (https://github.com/kubernetes/kubeadm/issues/441) has already been fixed.
 2018-07-08 16:57:43 +07:00
Matthew Mosesohn 1a3b9dd864 Force copy cni files 2018-07-06 16:39:42 +03:00
Matthew Mosesohn 5c617c5a8b
Add tags to deploy components by --tags option (#2960) 
* Add tags for cert serial tasks

This will help facilitate tag-based deployment of specific components.

* fixup kubernetes node
 2018-07-06 09:12:13 +03:00
Aivars Sterns 4092f96dd8
Merge pull request #2946 from Miouge1/remove-pid-predicate 
CheckNodePIDPressure is not supported in v1.10
 2018-07-04 18:30:19 +03:00
Matthew Mosesohn c20196f9a0
Remove modprobe binary from kubelet rkt deployment (#2917) 2018-07-02 15:37:24 +03:00
Miouge1 2a279e30b0 CheckNodePIDPressure is not supported in v1.10 2018-06-28 20:10:38 +02:00
southquist c685dc493f allow for setting the cacert on openstack cloud provider 2018-06-28 16:00:13 +02:00
Yumo Yang 6c2f169ea2 update test-pr2 (#2911) 2018-06-22 13:22:26 +03:00
Rong Zhang 1aee6ec371
Merge pull request #2903 from riverzhang/swap 
Add manage swap on the worker node
 2018-06-21 22:20:23 +08:00
rongzhang 3232e2743e Add manage swap on the worker node 2018-06-21 08:15:01 +00:00