Anthony Haussmann
550bda951e
Change method to set use_hyperkube_cni var bool
...
The precedent method returb a string "True\n" or "False\n", it seems to be an Ansible bug.
New method return a boolean
2016-09-27 16:41:09 +02:00
Smaine Kahlouch
6b27508c93
Merge pull request #519 from bogdando/fix_containers_download
...
Fix containers download condition
2016-09-27 15:23:50 +02:00
Bogdan Dobrelya
5fd43b7cf0
Allow subdomains of dns_domain and fix kubelet restarts
...
* Add a var for ndots (default 5) and put it hosts' /etc/resolv.conf.
* Poke kube dns container image to v1.7
* In order to apply changes to kubelet, notify it to
be restarted on changes made to /etc/resolv.conf. Ignore errors as the kubelet
may yet to be present up to the moment of the notification being processed.
* Remove unnecessary kubelet restart for master role as the node role ensures
it is up and running. Notify master static pods waiters for apiserver,
scheduler, controller-manager instead.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-27 14:32:49 +02:00
Smana
336e2b8c84
use variable dns_domain instead of cluster_name for kubedns
2016-09-27 14:15:27 +02:00
Bogdan Dobrelya
ee69ac857e
Fix containers download condition
...
Save/push/load containers if only download.enabled and download.container
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-27 13:44:29 +02:00
Aleksandr Didenko
6caf5b0ac3
Fix delegate_to expression in download tasks
...
"else omit" is causing problems in this expression. Replacing
it with more strict "inventory_hostname" fixes the issue and
handles `download_run_once` as expected.
Closes issue #514
2016-09-27 11:25:24 +02:00
Smaine Kahlouch
0f461282c8
Merge pull request #507 from anthonyhaussman/KubeDNSCorrection
...
Correct nslookup command
2016-09-26 13:58:00 +02:00
Smaine Kahlouch
5046466dae
Merge pull request #509 from kubespray/cnicopyweave
...
Copy hyperkube CNI plugins when using weave
2016-09-26 13:54:02 +02:00
Matthew Mosesohn
e4a48cf53b
Add Docker 1.12.1 version
2016-09-26 12:16:16 +03:00
Matthew Mosesohn
a3fe1e78df
Copy hyperkube CNI plugins when using weave
2016-09-26 12:02:19 +03:00
Anthony Haussmann
5f2bb3319b
Correct nslookup command
...
Change nslookup command to check the right cluster_name
2016-09-23 17:44:09 +02:00
Bogdan Dobrelya
dfb9063b3f
Fix docs and dns servers placement order
...
- Update docs and a drawing to clarify DNS setup.
- Change order of nameservers placement to match
changes in https://github.com/kubespray/kargo/pull/501
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-23 16:16:00 +02:00
Bogdan Dobrelya
82ee60fe8b
Make dnsmasq daemon set optional
...
Change additional dnsmasq opts:
- Adjust caching size and TTL
- Disable resolve conf to not create loops
- Change dnsPolicy to default (similarly to kubedns's dnsmasq). The
ClusterFirst should not be used to not create loops
- Disable negative NXDOMAIN replies to be cached
- Make its very installation as optional step (enabled by default).
If you don't want more than 3 DNS servers, including 1 for K8s, disable
it.
- Add docs and a drawing to clarify DNS setup.
- Fix stdout logs for dnsmasq/kubedns app configs
- Add missed notifies to resolvconf -u handler
- Fix idempotency of resolvconf head file changes
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-23 12:59:06 +02:00
Matthew Mosesohn
d313be4420
Improve management of nameservers in resolv.conf
...
Changing nameservers now will clean up previous entries
2016-09-22 18:11:15 +03:00
Özgür Caner
123532d2a4
Changed ImagePullPolicy from Always to IfNotPresent to avoid download issue when DNS is not working
2016-09-20 10:34:44 +02:00
Matthew Mosesohn
a93639650f
Allow calico to configure pool if tree exists, but no pools defined
2016-09-19 15:27:47 +03:00
Smaine Kahlouch
71a230a4fa
Merge pull request #493 from ivan4th/fix-reverse-dns-lookups
...
Fix reverse DNS lookups of service IPs.
2016-09-19 14:20:15 +02:00
Smaine Kahlouch
0643ed968f
Merge pull request #494 from kubespray/etcd_proxy_fix
...
always bind etcd_proxy to localhost
2016-09-19 14:19:55 +02:00
Smaine Kahlouch
1572aaf6ca
Merge pull request #489 from lukaszo/patch-1
...
Add socat do required pkgs
2016-09-19 12:19:46 +02:00
Smaine Kahlouch
5803de1ac5
Merge pull request #486 from kubespray/etchosts
...
switch /etc/hosts to use blockinfile
2016-09-19 12:19:37 +02:00
Ivan Shvedunov
13874f4610
Fix reverse DNS lookups of service IPs.
...
This fixes "DNS should provide DNS for services [Conformance]"
e2e test in k8s.
2016-09-19 09:12:10 +03:00
Matthew Mosesohn
341ea5a6ea
always bind etcd_proxy to localhost
2016-09-18 19:58:15 +04:00
Bogdan Dobrelya
5ed3916f82
Fix use_hyperkube_cni logic
...
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-16 13:07:04 +02:00
Bogdan Dobrelya
390764c2b4
Add retry_stagger var for failed download/pushes.
...
* Add the retry_stagger var to tweak push and retry time strategies.
* Add large deployments related docs.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-15 16:43:58 +02:00
Bogdan Dobrelya
9926395e5b
Distribute downloaded artifacts
...
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-15 16:43:56 +02:00
Bogdan Dobrelya
422428908a
Download containers and save all
...
Move version/repo vars to download role.
Add container to download params, which overrides url/source_url,
if enabled.
Fix networking plugins download depending on kube_network_plugin.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-15 16:43:56 +02:00
Matthew Mosesohn
b69d5f6e6e
Fix logic handling for use_hyperkube_cni
2016-09-15 16:09:40 +03:00
Łukasz Oleś
0db441b28f
Add socat do required pkgs
...
It's required for port forwarding.
2016-09-14 21:27:33 +02:00
Matthew Mosesohn
e3ebabc3b0
switch /etc/hosts to use blockinfile
2016-09-14 19:43:33 +03:00
Smaine Kahlouch
b46458a18f
Merge pull request #483 from kubespray/fix_idempotency_kubedns
...
Fix kubedns idempotency
2016-09-14 13:02:02 +02:00
Smaine Kahlouch
125cb0aa64
Merge pull request #481 from bogdando/issue/479
...
Add retries for copying binaries from containers and packages
2016-09-14 10:04:32 +02:00
Bogdan Dobrelya
783871a253
Add retries for packages installation
...
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-13 18:12:07 +02:00
Matthew Mosesohn
ef43b21597
Fix kubedns idempotency
...
Removed api-version from kube.py because it is deprecated.
Updating both kube.py because dnsmasq one is actually used.
Fixed name back to kubedns for checking its resource.
2016-09-13 16:49:51 +03:00
Bogdan Dobrelya
6fdcaa1a63
Add retries for copying binaries from containers
...
Closes issue: https://github.com/kubespray/kargo/issues/479
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-13 15:09:34 +02:00
Anthony Haussmann
d47a2d03b4
Delete default variable use_hyperkube_cni
...
The variable is now set via a task depending of the version of kube
2016-09-13 14:59:50 +02:00
Anthony Haussmann
739cf59953
Determine hyperkube cni to use
...
Starting from version 1.3.4 of hyperkube, calico is "canalized" which requires flannel and hostonly cni plugins.So we let hyperkube ship necessary cni
2016-09-13 14:58:29 +02:00
Antoine Legrand
2e386dfbdc
Merge pull request #465 from kubespray/freeze_kpm_version
...
Multiple app deploy tools
2016-09-08 22:01:52 +02:00
Antoine Legrand
ccbb2ee3ae
App deployer plugins
2016-09-08 15:01:57 +02:00
Antoine Legrand
eb78ce4c4e
Merge pull request #473 from kubespray/bootsrap
...
Bootstrap
2016-09-08 14:54:08 +02:00
Antoine Legrand
6084e05a6b
Bootstrap os
2016-09-07 20:19:46 +02:00
Özgür Caner
da8a604c4c
Changed apt to apt-get
2016-09-07 20:13:15 +02:00
Özgür Caner
df2b2d7417
Added bootstrap script for Ubuntu 16.04 LTS and later
2016-09-07 20:13:05 +02:00
Brandon B. Jozsa
2606e8e1c8
combine bootstrap options, add xenial support
2016-09-06 10:04:41 -04:00
Matthew Mosesohn
b62de1dcb1
Reset replicacluster name of kube-dns-v19 back to kubedns
...
This broke upgraded clusters
2016-09-06 16:43:17 +03:00
Matthew Mosesohn
b58512bbda
Rename kube-dns back to kubedns
...
kubedns should stay named the same so that services which
depend on this name are not broken.
2016-09-02 15:09:49 +04:00
Spencer Smith
8b91a43576
remove dependency on kpm for kubedns
2016-09-01 10:01:15 -07:00
Bogdan Dobrelya
d240073f65
Fix updating resolvconf
...
Move updating resolvconf to the network restart handler to
ensure changes applied to the /etc/resolv.conf.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-01 11:10:26 +02:00
Smaine Kahlouch
69f09e0f18
Merge pull request #461 from kubespray/issue-369
...
Issue 369
2016-08-31 15:09:33 +02:00
Smaine Kahlouch
cca26ae3d7
Merge pull request #458 from kubespray/issue456
...
Remove search and nameserver entries from resolvconf base
2016-08-31 13:15:30 +02:00
Matthew Mosesohn
26a0406669
Disable calicoctl from creating a default pool
...
Sometimes invoking calicoctl to create a pool also
creates a default pool, which causes errors in deploy.
2016-08-31 12:54:05 +03:00
Spencer Smith
a746d63177
ensure docker.service.d exists
2016-08-30 09:34:34 -07:00
Spencer Smith
0fc5e70c18
incorrect file name
2016-08-30 09:26:14 -07:00
Spencer Smith
b74c2f89f0
lay down a systemd dropin instead of the /run/flannel_docker_opts.env symlink
2016-08-30 09:17:41 -07:00
Matthew Mosesohn
33c8d0a1a7
Remove search and nameserver entries from resolvconf base
...
These items conflict when they are provided also in head file
Fixes : #456
2016-08-30 13:14:44 +03:00
Smana
28fbfbbbe7
fix etcd checksum
2016-08-29 19:09:08 +02:00
Smaine Kahlouch
18cdab3671
Merge pull request #449 from kubespray/fixapiserverplugins
...
Remove SecurityContextDeny API plugin
2016-08-29 18:58:53 +02:00
Smaine Kahlouch
311baeed5d
Merge pull request #448 from kubespray/etcdnosync
...
Add --no-sync to etcdctl member list
2016-08-29 18:58:14 +02:00
Matthew Mosesohn
256a4e1f29
Rebase etcd to v3.0.6
...
Fixes #450
2016-08-29 15:31:05 +03:00
Matthew Mosesohn
c50c6672f3
Remove SecurityContextDeny API plugin
...
This is no longer recommended for use since K8s 1.2:
http://kubernetes.io/docs/admin/admission-controllers/#is-there-a-recommended-set-of-plug-ins-to-use
2016-08-29 14:20:28 +03:00
Matthew Mosesohn
1345dd07f7
Add --no-sync to etcdctl member list
...
Fixes #447
2016-08-29 12:51:43 +03:00
Smaine Kahlouch
e83010b739
Merge pull request #445 from kubespray/caliconodechoice
...
Enable customization of calico-node docker image
2016-08-28 09:36:06 +02:00
Smana
d4193bbd22
upgrade weave version to 1.6.1
2016-08-27 16:04:06 +02:00
Matthew Mosesohn
b92404fd0a
Enable customization of calico-node docker image
...
New vars: calico_node_image_repo and claico_node_image_tag
Defaults: calico/node and {{ calico_version }}, respectively
2016-08-27 16:25:39 +04:00
Spencer Smith
82076f90a3
ensure bin dir for coreos before anything else
2016-08-26 13:24:47 -04:00
Bogdan Dobrelya
8168689caa
Refactor roles and hosts
...
Shorten deployment time with:
- Remove redundand roles if duplicated by a dependency and vice versa
- When a member of k8s-cluster, always install docker as a dependency
of the etcd role and drop the docker role from cluster.yaml.
- Drop etcd and node role dependencies from master role as they are
covered by the node role in k8s-cluster group as well. Copy defaults
for master from node role.
- Decouple master, node, secrets roles handlers and vars to be used w/o
cross references.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-25 13:27:57 +02:00
Smaine Kahlouch
c71b078c8e
Merge pull request #437 from kubespray/issues/429
...
Fix handler triggering for kubelet restart
2016-08-25 11:33:50 +02:00
Bogdan Dobrelya
caa8efbf86
Fix handler triggering for kubelet restart
...
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-25 09:12:25 +02:00
Smaine Kahlouch
bcec5553c5
Merge pull request #434 from kubespray/issue-426
...
Check only for AWS, wrote some docs on actually using AWS
2016-08-24 21:55:57 +02:00
Spencer Smith
4e76bced53
merge with current master, update typos in doc
2016-08-24 09:56:42 -04:00
Spencer Smith
60f263b629
updated to no longer handle gce as cloud-provider. provided aws setup doc
2016-08-24 09:48:32 -04:00
Bogdan Dobrelya
ea57ce7514
Fix resolv.conf search/nameserver
...
* Ensure additional nameserver/search, if defined as vars.
* Don't backup changed dhclient hooks as they are going to be
executed by dhclient as well, which is not what we want.
* For debian OS family only:
- Rename nodnsupdate hook the resolvconf hook to be sourced always
before it.
- Ensure dhclient restarted via network restart to apply the
nodnsupdate hook.
* For rhel OS family, the fix TBD, it doesn't work the same way.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-24 15:31:57 +02:00
Smana
346eca5748
Revert "pass cloud provider flag in all cases, not just openstack"
...
This reverts commit f35e5e864f
.
2016-08-24 14:32:54 +02:00
Smana
643b28f9d3
Revert "Fix resolv.conf search/nameserver"
...
This reverts commit 977f82c32c
.
2016-08-24 12:36:25 +02:00
Smaine Kahlouch
1938c96239
Merge pull request #420 from bogdando/collect_info
...
Adjust collect-info playbook
2016-08-24 10:06:30 +02:00
Spencer Smith
f35e5e864f
pass cloud provider flag in all cases, not just openstack
2016-08-23 13:57:32 -04:00
Bogdan Dobrelya
47b4242613
Adjust collect-info playbook
...
Cleanup collected artifacts,
drop unrelated files/commands.
Always install gitinfos script to binaries for external
use.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-23 11:28:27 +02:00
Smaine Kahlouch
92c4428cfd
Merge pull request #422 from kubespray/issue-421
...
remove host ca-certs, as they aren't necessary
2016-08-23 10:17:38 +02:00
Bogdan Dobrelya
f61071312a
Fix gen-gitinfos.sh
...
Fix the error gen-gitinfos.sh: 57: [: foo: unexpected operator
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-23 10:15:30 +02:00
Spencer Smith
234608433e
remove host ca-certs, as they aren't necessary
2016-08-22 16:09:33 -04:00
Smaine Kahlouch
36b6ae9a3c
Merge pull request #419 from bogdando/fix_322
...
Fix resolv.conf search/nameserver
2016-08-22 13:48:35 +02:00
Bogdan Dobrelya
977f82c32c
Fix resolv.conf search/nameserver
...
Rename nodnsupdate hook the resolvconf hook to be sourced always
before it.
Ensure dhclient restarted via network restart to apply the
nodnsupdate hook.
Ensure additional nameserver/search, if defined as vars.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-22 11:53:44 +02:00
Matthew Mosesohn
6f07da9f41
Restart kubelet if launcher changed
...
Fixes #409
2016-08-18 19:00:05 +03:00
Smaine Kahlouch
c6f2102073
Merge pull request #412 from kubespray/optionalkubeletcni
...
Copy hyperkube cni plugins optionally for calico deployment
2016-08-16 14:00:27 +02:00
Matthew Mosesohn
0c953101ff
Fix init scripts for etcd. Fixes #383
...
Fixes Ubuntu 14.04 deployment of etcd.
2016-08-15 14:09:42 +03:00
dis
0fa90ec9e8
Fix resolvconf executable discovery
...
If resolvconf was installed and then removed, the file
/etc/resolvconf/resolv.conf.d/head remains in the filesystem
- change discovery of 'resolvconf' executable to check if it
can be located with 'which resolvconf' command or not.
2016-08-10 17:22:33 +03:00
Matthew Mosesohn
f073ee91ea
Copy hyperkube cni plugins optionally for calico deployment
...
Hyperkube from CoreOS now ships with all binaries required for
calico and flannel (but not weave). It simplifies deployment for
some network plugin scenarios to not download CNI images.
TODO: Optionally disable downloading calico to /opt/cni/bin
2016-08-10 15:35:53 +03:00
Smaine Kahlouch
677c4c4cb6
Merge pull request #404 from bogdando/fix_sunit
...
Fix calico-node service unit
2016-08-08 16:41:28 +02:00
Matthew Mosesohn
e727bd52f1
Add option to disable ipv6 dns lookup
...
New variable disable_ipv6_dns in kubernetes/preinstall.
2016-08-08 13:59:20 +03:00
Bogdan Dobrelya
d2c57142d3
Fix calico-node service unit
...
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-08 12:06:32 +02:00
Matthew Mosesohn
acae5d4286
Check dnsmasq on first kube-node
...
kube-masters without kube-node role will not run
kube-proxy, and therefore can't check if dnsmasq
is running.
Fixes #368
2016-08-05 16:55:48 +04:00
Smaine Kahlouch
15aec7cd87
Merge pull request #398 from mattymo/rework_systemd_wait_master
...
Improve systemd handling and stabilize docker
2016-08-03 11:30:14 +02:00
Matthew Mosesohn
e38258381f
Wait for static pods when setting up
...
Fixes #390
2016-08-02 17:56:31 +03:00
Matthew Mosesohn
e8a1c7a53f
Move docker systemd unit creation to docker role
...
Creating the unit using default settings early on
and then changing it during network_plugin section
leads to too many docker restarts and duplicated code.
Reversed Wants= dependence on docker.service so it does not
restart docker when reloading systemd
Consolidated all docker restart handlers.
2016-08-02 17:56:24 +03:00
Matthew Mosesohn
5bf9b5345e
Add future docker versions
...
Default version is still unchanged, but added docker versions 1.11 and 1.12
2016-08-02 12:35:05 +03:00
Bogdan Dobrelya
2af71f31b4
Rework systemd service units
...
* Add for docker system units:
ExecReload=/bin/kill -s HUP $MAINPID
Delegate=yes
KillMode=process.
* Add missed DOCKER_OPTIONS for calico/weave docker systemd unit.
* Change Requires= to a less strict and non-faily Wants=, add missing
Wants= for After=.
* Align wants/after in a wat if Wants=foo, After= has foo as well.
* Make wants/after docker.service to ask for the docker.socket as well.
* Move "docker rm -f" commands from ExecStartPre= to ExecStopPost=.
hooks to ensure non-destructive start attempts issued by Wants=.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-02 10:55:42 +02:00
Matthew Mosesohn
c7fef6cb76
Fix weave deployment task names
2016-07-30 23:12:41 +04:00
Antoine Legrand
6a7308d5c7
Merge pull request #372 from adidenko/calico-ipip-support
...
Support --ipip option for calico pool
2016-07-29 08:05:00 -07:00
Antoine Legrand
4419662fa0
Merge pull request #330 from jonbec/master
...
Add settable flannel image tag & image repo
2016-07-29 08:02:18 -07:00
Matthew Mosesohn
5668e5f767
Fix etcd restart and handler systemd tasks
...
Changed Wants=docker.service to docker.socket
Renamed handlers for reloading systemd to contain role in task name.
2016-07-29 16:32:35 +03:00
Aleksandr Didenko
c52c5f5056
Add run_once to define calico pool task name
2016-07-27 15:55:41 +02:00
Matthew Mosesohn
90fc407420
Fix etcd user for etcd-proxy service
...
Only affects sys V OSes (Ubuntu 14.04)
Fixes ##383
2016-07-27 11:54:47 +03:00
Antoine Legrand
9fb391fed5
Merge pull request #381 from kubespray/fixetcdstandalone
...
Fix etcd standalone deployment
2016-07-26 16:04:26 -07:00
Antoine Legrand
fbc55da2bf
Merge pull request #378 from bogdando/issues/26
...
Add HA/LB endpoints for kube-apiserver
2016-07-26 16:03:31 -07:00
Matthew Mosesohn
1b1f5f22d4
Fix etcd standalone deployment
...
etcd facts are generated in kubernetes/preinstall, so etcd nodes need
to be evaluated first before the rest of the deployment.
Moved several directory facts from kubernetes/node to
kubernetes/preinstall because they are not backward dependent.
2016-07-26 18:15:06 +03:00
Bogdan Dobrelya
731d32afda
Add HA/LB endpoints for kube-apiserver
...
* Add HA docs for API server.
* Add auto-evaluated internal endpoints and clarify the loadbalancer_apiserver
vars and usecases.
* Use facts for kube_apiserver to not repeat code and enable LB endpoints use.
* Use /healthz check for the wait-for apiserver.
* Use the single endpoint for kubelet instead of the list of apiservers
* Specify kube_apiserver_count to for HA layout
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-25 17:25:45 +02:00
Matthew Mosesohn
b4688701ea
Copy kubectl from docker container
...
Nearly the last stage of source all components to containers.
Kubectl will be called from hyperkube image.
Remaining tasks:
* Move kube_version variable to kubernetes/preinstall
* Drop placeholder download.nothing requirement
2016-07-25 18:17:59 +03:00
Matthew Mosesohn
d0a1e15ef3
Deploy kubelet and kube-apiserver as containers
...
kubelet via docker
kube-apiserver as a static pod
Fixed etcd service start to be more tolerant of slow start.
Workaround for kube_version to stay in download role, but not
download an files by creating a new "nothing" download entry.
2016-07-22 16:42:34 +03:00
Matthew Mosesohn
7f212ca9cb
Revert "Add HA/LB endpoints for kube-apiserver"
...
This reverts commit a70c3b661e
.
2016-07-22 13:54:38 +03:00
Antoine Legrand
296eccd238
Merge pull request #361 from bogdando/issue/26_p2
...
Add HA/LB endpoints for kube-apiserver
2016-07-21 14:43:53 +02:00
Aleksandr Didenko
f94eb0b997
Support --ipip option for calico pool
...
Adds new boolean configuration variable for calico network plugin
`ipip`. When it's enabled calico pool is created with '--ipip'
option (IP-over-IP encapsulation across hosts).
Also refactor pool creation tasks to simplify logic and make tasks
more readable.
2016-07-21 13:05:40 +02:00
Bogdan Dobrelya
a70c3b661e
Add HA/LB endpoints for kube-apiserver
...
* Add auto-evaluated internal endpoints and clarify the loadbalancer_apiserver
vars and usecases.
* Add loadbalancer_apiserver_localhost (default false). If enabled, override
the external LB and expect localhost:443/8080 to be new internal only frontends.
* Add kube_apiserver_multiaccess to ignore loadbalancers, and make clients
to access the apiservers as a comma-separated list of access_ip/ip/ansible ip
(a default mode). When disabled, allow clients to use the given loadbalancers.
* Define connections security mode for kube controllers, schedulers, proxies.
It is insecure be default, which is the current deployment choice.
* Rework the groups['kube-master'][0] hardcode defining the apiserver
endpoints.
* Improve grouping of vars and add facts for kube_apiserver.
* Define kube_apiserver_insecure_bind_address as a fact, add more
facts for ease of use.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-21 11:05:03 +02:00
mattymo
8141b72d5e
Merge branch 'master' into etcddockerdefault
2016-07-20 19:16:47 +03:00
Antoine Legrand
277c5d74cc
Merge pull request #367 from bogdando/set_facts
...
Fix set_facts visibility
2016-07-20 18:00:15 +02:00
Matthew Mosesohn
7a86b6c73e
Set default etcd deployment to docker
...
Improved docker reload command to wait for etcd to be
up before proceeding. Switched reload to run restart
because it can't reload if it is not guaranteed to be
in running state.
2016-07-20 18:26:16 +03:00
Bogdan Dobrelya
a76e5dbb11
Fix set_facts visibility
...
Move set_facts to the preinstall scope, so every role
may see it. For example, network plugins to see the etcd_endpoint.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-20 11:41:09 +02:00
Matthew Mosesohn
c3e5aac18e
Add variable kube_resolv_conf
...
Allow configuration of a custom /etc/resolv.conf for kubelet.
2016-07-20 11:57:47 +03:00
Bogdan Dobrelya
32cd6e99b2
Add etcd proxy support
...
* Enforce a etcd-proxy role to a k8s-cluster group members. This
provides an HA layout for all of the k8s cluster internal clients.
* Proxies to be run on each node in the group as a separate etcd
instances with a readwrite proxy mode and listen the given endpoint,
which is either the access_ip:2379 or the localhost:2379.
* A notion for the 'kube_etcd_multiaccess' is: ignore endpoints and
loadbalancers and use the etcd members IPs as a comma-separated
list. Otherwise, clients shall use the local endpoint provided by a
etcd-proxy instances on each etcd node. A Netwroking plugins always
use that access mode.
* Fix apiserver's etcd servers args to use the etcd_access_endpoint.
* Fix networking plugins flannel/calico to use the etcd_endpoint.
* Fix name env var for non masters to be set as well.
* Fix etcd_client_url was not used anywhere and other etcd_* facts
evaluation was duplicated in a few places.
* Define proxy modes only in the env file, if not a master. Del
an automatic proxy mode decisions for etcd nodes in init/unit scripts.
* Use Wants= instead of Requires= as "This is the recommended way to
hook start-up of one unit to the start-up of another unit"
* Make apiserver/calico Wants= etcd-proxy to keep it always up
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
Co-authored-by: Matthew Mosesohn <mmosesohn@mirantis.com>
2016-07-19 14:09:40 +02:00
Bogdan Dobrelya
0b874e8db2
Fix systemd service unit for etcd
...
See https://github.com/coreos/etcd/issues/4308
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-15 16:22:17 +02:00
Smaine Kahlouch
192136df20
Merge pull request #359 from kubespray/fix_351
...
deployment idempotent
2016-07-14 21:34:21 +02:00
Smana
ab8fdba484
deployment idempotent
2016-07-14 21:33:24 +02:00
Smana
dfe7bfd127
use hyperkube coreos image
2016-07-14 21:20:41 +02:00
Smana
a709cd9aa1
use iptables as default proxy mode
2016-07-12 10:20:43 +02:00
Jonathan Beckman
d4dfdf68a6
Add settable flannel image tag & image repo
...
New settings with defaults:
flannel_server_helper_image_repo: "gcr.io/google_containers/"
flannel_server_helper_image_tag: "0.1"
flannel_image_repo: "quay.io/coreos/flannel"
flannel_image_tag: "0.5.5"
2016-07-11 13:18:20 +08:00
Smaine Kahlouch
a5c21ab2e8
Merge pull request #346 from bogdando/issues/345
...
Add hostpath dynamic provisioner for PetSets
2016-07-09 22:43:09 +02:00
Spencer Smith
c9cff5c845
updated admission controllers for >1.2 Kubernetes
2016-07-08 10:04:14 -07:00
Bogdan Dobrelya
da20d9eda4
Add hostpath dynamic provisioner for PetSets
...
Defaults to false. Use with v1.3 only.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-08 16:52:39 +02:00
Smaine Kahlouch
83da5d7657
Merge pull request #335 from mattymo/calicoctl
...
Change calicoctl deployment to use container
2016-07-07 21:47:40 +02:00
Matthew Mosesohn
b3282cd0bb
Add optional deployment mode for Docker etcd_deployment_type
...
Running etcd in Docker reduces the number of individual file
downloads and services running on the host.
Note: etcd container v3.0.1 moves bindir to /usr/local/bin
Fixes : #298
2016-07-07 19:31:28 +03:00
Smaine Kahlouch
bcd912e854
Merge pull request #337 from blasphemy/add-kubelet-ip
...
Add kubelet ip
2016-07-07 08:05:03 +02:00
Alexandre Bourget
3b7eaf66b6
flanneld: don't redirect logs to an unreadable location, let docker/k8s see
...
and aggregate them.
2016-07-06 16:25:11 -04:00
Daniel Leining
1d148e9755
fix kubelet ip with quotes
2016-07-05 17:23:08 -04:00
Daniel Leining
d84ed1b4b3
make kubelet use "ip" as bind address
2016-07-05 17:14:12 -04:00
Matthew Mosesohn
baf80b7d7e
Change calicoctl deployment to use container
...
Improves upgradability of calicoctl by leveraging docker tags.
2016-07-05 13:49:03 +03:00
Matthew Mosesohn
d2151500b6
Fix kube-apiserver log level syntax
2016-07-05 13:11:45 +03:00
Matthew Mosesohn
b847a43c61
Set hyperkube version to kube_version
2016-07-05 12:43:27 +03:00
Smana
f1ba247844
upgrade to k8s v1.3.0
2016-07-03 14:14:09 +02:00
Smaine Kahlouch
2fa7ee0cf9
Merge pull request #326 from kubespray/upgrade_etcd_v3
...
upgrade to etcd v3.0.1
2016-07-02 14:26:13 +02:00
Smana
40fbb3691d
uprade to etcd v3.0.1
2016-07-02 14:14:32 +02:00
Daniel Leining
72ab34f210
Add --bind-address to kube-apiserver
2016-07-01 18:33:59 -04:00
Smana
85fa3efc06
upgrade kubernetes to v1.2.5
2016-06-29 15:38:33 +02:00
Smana
c4beee38f6
include variables from a distinct file
2016-06-29 14:08:14 +02:00
Smana
247a1a6e6e
change hyperkube repository
2016-06-29 14:07:05 +02:00
Smana
a4396cfca0
use python script to update sha256 sum in the vars
2016-06-29 14:07:01 +02:00
Smana
536454b079
upgrade etcd version to 2.3.7
2016-06-28 12:31:57 +02:00
mattymo
708d2fbd61
Add KUBE_API_INSECURE_BIND to systemd unit file
...
This was missing from commit c4c312c2e6
2016-06-27 13:01:22 +04:00
Matthew Mosesohn
c4c312c2e6
Add configurable option for kube_apiserver_insecure_bind_address
2016-06-24 18:10:01 +03:00
Chris Bell
9e59c74c24
Maintain backwards compatibility with EL6
2016-06-22 09:51:49 -04:00
Chris Bell
d94253ff6a
Modify calico docker.service
2016-06-22 09:44:31 -04:00
Smana
094c2c75f3
upgrade pypy version
2016-06-21 12:11:10 +02:00
Matthew Mosesohn
33d897bcb6
Force install of specified docker version, fixes #295
...
This allows Ubuntu/Debian to downgrade Docker version if
a newer version is installed, instead of failing.
2016-06-17 12:31:55 +03:00
Matthew Mosesohn
153b82a803
Add docker_options to calico networking
2016-06-14 19:33:44 +03:00
Smana
922c6897d1
Install python-pip on first master
2016-06-12 20:44:12 +02:00
ant31
eb6025a184
Add kubedns as default package to install
2016-06-12 18:08:53 +02:00
ant31
c43f9bc705
Add variables to kpm module
2016-06-12 18:02:44 +02:00
ant31
cd2847c1b9
Add kpm role
2016-06-12 18:02:44 +02:00
Smana
8281b98e19
install kpm in order to deploy addons
2016-06-11 21:08:05 +02:00
Smana
7c7adc7198
upgrade calico to v0.20 and calico-cni to v1.3.1
2016-06-09 19:55:12 +02:00
Smana
4a7d8c6fea
clean conditions into docker templates
2016-06-02 21:01:41 +02:00
Smaine Kahlouch
722aacb633
Merge pull request #272 from rustyrobot/fix-etcd-scale-up
...
Add scale-up for etcd cluster
2016-06-01 17:20:04 +02:00
mattymo
68808534b3
Fix order in restart kubelet to fix systemd reload
...
Systemd reload before reload kubelet was failing because its definition was before "restart kubelet". Its definition should be after the notify hook.
2016-05-31 20:09:49 +04:00
Evgeny L
0500f27db8
Scale-up functionality for etcd cluster
...
* Set ETCD_INITIAL_CLUSTER_STATE from `new` to `existing`,
because parameter `new` makes sense only on cluster assembly
stage.
* If cluster exists and current node is not a part
of the cluster, add it with command `etcdctl add member name url`.
Closes kubespray/kargo/#270
2016-05-31 18:23:46 +03:00
Smaine Kahlouch
96a2439c38
Merge pull request #264 from rsmitty/issue-255
...
resolves coreos nodes not setting up docker proxies
2016-05-26 21:55:53 +02:00
Spencer Smith
87757d4fcf
provides initial docker options support
2016-05-25 12:56:45 -04:00
Spencer Smith
492218a3e1
resolves coreos nodes not setting up docker proxies
2016-05-24 12:11:24 -04:00
Spencer Smith
a740e521d2
removed os restriction for coreos
2016-05-24 12:03:16 -04:00
Smaine Kahlouch
bdc183114a
Merge pull request #261 from paulczar/meta_roles_yo
...
turn adduser/download roles into meta roles
2016-05-23 17:29:37 +02:00
Paul Czarkowski
7de87d958e
turn adduser/download roles into meta roles
...
This should make things a little more composable,
by making these roles meta roles that perform no
actions by default we allow each role to own its own
resources.
2016-05-22 17:25:52 -05:00
Paul Czarkowski
c226b4e5cb
fixes issue #258
...
Kubernetes API server has an option:
```
--advertise-address=<nil>: The IP address on which to advertise the apiserver to members of the cluster. This address must be reachable by the rest of the cluster. If blank, the --bind-address will be used. If --bind-address is unspecified, the host's default interface will be used.
```
kargo does not set --bind-address, thus it binds to eth0, in vagrant and similar
environments this causes issues because nodes cannot talk to eachother over eth0.
This sets `--advertise-address` to `ip` if its set, otherwise the default behavior
of is persisted by using `ansible_default_ipv4.address`.
2016-05-22 13:48:16 -05:00
Paul Czarkowski
ba615ff94e
race condition in download role under vagrant
...
using a shared folder can cause race conditions for the download
role as it tries to download files on all the nodes to the same
shared path. This adds a flag to run the tasks in the download
role on just one node.
2016-05-20 17:04:38 -05:00
Paul Czarkowski
d8bebcd201
Fix issue with check_certs playbook
...
check_certs task "Check_certs | Set 'sync_certs' to true" was failing
due to the dict not existing, this sets defaults that allows the
correct behavior of the conditionals.
2016-05-15 17:15:59 -05:00
Smaine Kahlouch
f576d70b3c
Merge pull request #245 from kubespray/fix_flannel_deploy_213
...
fix flannel deployment, remove docker bridge before restarting
2016-05-13 19:54:07 +02:00
Smana
ae5ff890d4
fix flannel deployment, remove docker bridge before restarting
2016-05-13 18:10:00 +02:00
Spencer Smith
f949bfd46c
remove need for baking image to get writeable /opt/bin
2016-05-13 02:48:13 -07:00
Spencer Smith
66d9a6ebbc
updated to use handlers
2016-05-12 12:18:38 -07:00
Spencer Smith
9b8a757526
missed a name update :)
2016-05-12 09:30:11 -07:00
Spencer Smith
a894a8c7bc
Merge branch 'master' into issue-229
2016-05-12 09:10:57 -07:00
Spencer Smith
962155e463
updated names and removed checks for rhel, as we already know we have systemd inside that play
2016-05-12 09:06:31 -07:00
Spencer Smith
c90c981bb2
updated to support all OSes using systemd
2016-05-12 09:03:11 -07:00
Smana
608e7dfab2
upgrade k8s vers, and add a script for future upgrades
2016-05-12 15:56:30 +02:00
Smana
1884d89d3b
fixes the certs issue when masters or not in the kube-node group
2016-05-12 10:07:34 +02:00
Smaine Kahlouch
ed95f9ab81
Merge pull request #232 from rsmitty/issue-231
...
Issue 231: ensure ca.pem makes it to multi-masters
2016-05-11 21:24:04 +02:00
Spencer Smith
9f8466a186
ensure ALL certs are synced between masters
2016-05-11 10:09:13 -07:00
Spencer Smith
743ad0eb5c
s/sync_certs/sync_tokens
2016-05-11 09:38:26 -07:00
Spencer Smith
5253b3ec13
ensure ca.pem makes it to multi-masters
2016-05-11 09:06:08 -07:00
Spencer Smith
ebf8231c9a
only run if proxy variables are added
2016-05-10 15:53:32 -07:00
Spencer Smith
adceaf60e1
support proxies with docker on rhel
2016-05-10 15:49:27 -07:00
Smaine Kahlouch
96c63cc0b6
Merge pull request #227 from paulczar/vagrant
...
Add native Vagrant support
2016-05-09 11:47:07 +02:00
Paul Czarkowski
5f2fa6d76f
revert .gitignore for secrets
2016-05-08 23:46:35 -05:00
Paul Czarkowski
bd064e8094
fix flannel's cross vm networking for vagrant
...
* set flannel backend type to `host-gw`
* set flannel interface to be eth1 ip
2016-05-08 23:42:42 -05:00
Paul Czarkowski
8f4e879ca7
Add native Vagrant support
...
This allows you to simply run `vagrant up` to get a 3 node HA cluster.
* Creates a dynamic inventory and uses the inventory/group_vars/all.yml
* commented lines in inventory.example so that ansible doesn't try to use it.
* added requirements.txt to give easy way to install ansible/ipaddr
* added gitignore files to stop attempts to save unwated files
* changed `Check if kube-system exists` to `failed_when: false` instead of
`ignore_errors`
2016-05-08 10:17:11 -05:00
Smana
4f627baf71
generate secrets on first master
2016-05-07 21:08:29 +02:00
David Reuss
180f2d1fde
Pull correct variable for etcd initial variable
...
This shouldn't use the `inventory_hostname` variable, as that will just yield the same variable, but rather use the `host` which we're looping over.
2016-04-29 14:37:01 +02:00
Antoine Legrand
391b155a98
Merge pull request #216 from cmluciano/cml/fixubuntu
...
Fix ansible dict error on Ubuntu 14.04
2016-04-25 14:54:17 +02:00
Christopher M Luciano
47982ea21c
Use ansible array format instead of dot-notation.
...
This fixes the ansible error ```'dict object' has no attribute
'ansible_default_ipv4'"}```. Closes #215
2016-04-25 08:45:58 -04:00
Smana
97de82bbcc
upgrade weave to v1.5.0 with cni
2016-04-20 17:09:09 +02:00
Smana
928bbeaf0f
upgrade calico v0.19.0, calico-cni v1.2.1
2016-04-19 18:28:45 +02:00
Rob Hirschfeld
107da007b1
Merge branch 'master' into flagfixes12
2016-04-12 18:44:06 -07:00
Rob Hirschfeld
fb980e4542
missed tick in message
...
cosmetic
2016-04-12 18:43:31 -07:00
Rob Hirschfeld
f12ad6a56f
consolidate EPEL change into a single task
...
as per @smana request
2016-04-12 18:41:46 -07:00
Smaine Kahlouch
5691086ba2
Merge pull request #164 from oneswig/master
...
Provide a non-default hostname for CoreOS systems.
2016-04-12 17:18:33 +02:00
Rob Hirschfeld
831a54e9b7
add code to detect if epel is already installed and skip it if it is
...
add option for generic
2016-04-11 16:44:56 -05:00
Smana
3cd89bed45
Kubernetes upgrade to 1.2.2
2016-04-11 12:19:09 +02:00
Smana
48a85ce8f8
use docker repository to install on CentOS
2016-04-11 11:17:14 +02:00
Smana
936927a54f
Fix docker install on rhel7
2016-04-10 22:08:13 +02:00
Smana
5c22133492
fix add nodes to the cluster
2016-04-08 07:45:39 +02:00
Smana
b03093be73
update kubectl bash completion
...
change hyperkube image repository
2016-04-05 15:27:06 +02:00
Smana
bc44d5deb3
upgrade to kubernetes v1.2.1
2016-04-05 12:59:18 +02:00
Smana
850b7466cd
remove deprecation warns and update doc
2016-04-04 10:14:56 +02:00
Stig Telfer
bf96b92def
Merge branch 'master' into coreos-fixes
2016-04-02 21:01:28 +01:00
Stig Telfer
ab21f4d169
Define empty default objects for docker package management.
...
On CoreOS where there is no package management, perform zero-trip
loops instead of throwing an exception for iterating over a member
of an undefined variable.
2016-04-02 20:55:17 +01:00
Stig Telfer
64a39fdb86
Use var for bin dir instead of assuming /usr/local/bin
...
On CoreOS the binaries are not installed in /usr/local/bin.
2016-04-02 20:53:33 +01:00
ant31
7237a925eb
Add kubernetes.default.svc in certs dns
2016-04-01 12:40:01 +02:00
teuto.net Netzdienste GmbH
8cbdf73eba
Changed path to hosts ssl certs from /usr/share/ca-certificates to /etc/ssl/certs/ which fixes https problems in kube-controller-manager and kube-apiserver ( #189 ) caused by the lack of certificates on debian and redhat based systems.
2016-04-01 09:34:28 +02:00
teuto.net Netzdienste GmbH
624a964cda
Implemented Dynamic Provisioning of PersistentVolumes with cinder
...
When kubespray is deployed on OpenStack, the kube-controller-manager is now aware of the cluster and can create new cinder volumes automatically if the PersistentVolumeClaims are annotated accordingly.
Note that this is an alpha feature of kubernetes 1.2
2016-03-31 14:38:46 +02:00
Smaine Kahlouch
a14dfe74e1
Merge pull request #188 from teutostack/warnings-removal
...
Fixing deprecation warnings regarding bare variables and apt
2016-03-30 11:57:57 +02:00
teuto.net Netzdienste GmbH
a192111e6a
Reverted deletion of "changed_when: False" for Task "Install python-dnf for latest RedHat versions". Deleted "changed_when: False" on Task "Install latest version of python-apt for Debian distribs" to get notified when kubespray has installed a new package version.
2016-03-30 11:21:36 +02:00
teuto.net Netzdienste GmbH
4271dd6645
using apt module instead of command module to install python-apt
2016-03-30 10:39:33 +02:00
teuto.net Netzdienste GmbH
457ed11b49
fixed deprecation warnings regarding bare variables
2016-03-30 10:23:43 +02:00
teuto.net Netzdienste GmbH
9f8da6c225
Implemented cloud-provider integration for OpenStack.
...
Currently kubespray does not install kubernetes in a way that allows cinder volumes to be used. This commit provides the necessary cloud configuration file and configures kubelet and kube-apiserver to use it.
2016-03-29 15:17:22 +02:00
Smaine Kahlouch
68fafd030d
choose between gce and aws cloud providers
2016-03-23 17:27:06 +01:00
Smaine Kahlouch
e8aec5f4f0
Don't call the apiserver when the server is master only
2016-03-22 13:25:41 +01:00
Smaine Kahlouch
c51ed4bbb7
use master election option instead of podmaster
2016-03-21 22:25:09 +01:00
Smaine Kahlouch
ba4ad51c26
add aufs-tools package for debian
2016-03-21 17:25:14 +01:00
Antoine Legrand
785b84fd43
Upgrade to docker 1.10.3
2016-03-21 16:54:14 +01:00
Antoine Legrand
15ce66b2f5
Kubernetes 1.2.0
2016-03-21 16:54:14 +01:00
Smaine Kahlouch
7e6d7caf4b
Dnsmasq runs on all nodes
2016-03-21 11:37:35 +01:00
ant31
6297e5ea93
Use dnsmasq inside pods
2016-03-19 23:41:27 +01:00
Antoine Legrand
72807965a8
Upload files to a separate storage
2016-03-04 17:39:02 +01:00
Antoine Legrand
611c7744a1
Remove submodules
2016-03-04 16:14:01 +01:00
Smana
ede3aad2ab
flannel backend type option
2016-03-04 14:55:04 +01:00
Smana
62218c1497
upgrade calicoctl to v0.17.0
2016-03-02 10:42:31 +01:00
Smana
cb3cc6f523
adding option --proxy-mode for kubeproxy
2016-02-29 11:41:08 +01:00
Smaine Kahlouch
87fd8415da
Merge pull request #163 from Smana/upgrade_kube_v1.1.8
...
Upgrade kuberenetes to v1.1.8
2016-02-26 23:25:00 +01:00
Stig Telfer
edcd5bf67f
Provide a non-default hostname for CoreOS systems.
...
A freshly-installed CoreOS system does not always have a hostname configured.
This causes problems for etcd and BGP mesh configuration for Calico.
Assign the Ansible inventory name as hostname as part of CoreOS bootstrap,
if the hostname is the default ("localhost").
2016-02-26 13:43:07 +00:00
Smana
9528caa1d7
Upgrade kuberenetes to v1.1.8
2016-02-25 17:35:38 +01:00
Smaine Kahlouch
3f32e5973f
Merge pull request #158 from Smana/calico_nat_outgoing_opt
...
calico: enabling nat outgoing by default
2016-02-24 12:11:34 +01:00
Stig Telfer
ff03c82151
On CoreOS, /etc/hosts does not always exist.
2016-02-23 12:04:58 +00:00
Smana
152c409022
calico: enabling nat outgoing by default
2016-02-21 17:11:49 +01:00
Smana
fca384e24c
first version of CoreOS on GCE
...
Please enter the commit message for your changes. Lines starting
2016-02-21 00:06:36 +01:00
Spencer Smith
20adb604cc
confirmed working change to mktemp command
2016-02-18 15:56:10 -05:00
Smana
39caf94790
update hyperkube version
2016-02-18 16:38:25 +01:00
Smana
b013b125bc
Upgrade Calico and etcd
2016-02-15 12:41:27 +01:00
Smana
01397678df
upgrade kubernetes to 1.1.7
2016-02-15 10:57:45 +01:00
Smana
c3a8f379e8
rollback to docker 1.9
2016-02-13 15:38:42 +01:00
Smana
c0cf506fb4
install epel-release on RHEL7
2016-02-13 13:15:08 +01:00
Smana
a649aa8b7e
use ansible_service_mgr to detect init system
2016-02-13 11:46:53 +01:00
Smana
91fca69aa0
generate secrets on deployment machine
...
test travis with sudo=true instead of required
2016-02-13 06:51:54 +01:00
Antoine Legrand
3fef552978
Docker 1.10.1
2016-02-13 06:19:47 +01:00
ntfrnzn
a4e32c748a
pin docker version actually
2016-02-12 14:45:09 -08:00
ntfrnzn
c48bc34a34
pin docker versions to 1.9 or earlier
2016-02-12 14:40:13 -08:00
ant31
4ee3699933
Add weave to tests
2016-02-11 10:57:54 +01:00
Smaine Kahlouch
05c8a29688
Merge branch 'master' into weave_network_plugin
2016-02-10 18:33:48 +01:00
Smana
793d665db4
specify weave version
2016-02-10 18:19:03 +01:00
Greg Althaus
6f1fe0cda2
Force kube-proxy to bind to local address
2016-02-10 10:53:22 -06:00
Smana
ab007e4ab8
weave network plugin
2016-02-09 17:55:12 +01:00
Smaine Kahlouch
4f92417a5d
split network plugins into distinct roles
2016-02-09 11:42:00 +01:00
Smana
b2d6626363
fix some issues with fedora 23 and dnf
2016-02-03 21:26:49 +01:00
Smaine Kahlouch
779299de15
calico uses --ip option
2016-02-01 15:53:23 +01:00
Antoine Legrand
7e94d31c8b
Merge branch 'master' into increase_timeout
2016-02-01 14:32:25 +01:00
ant31
21b0a3649d
Increase liveness timeout
2016-02-01 13:41:49 +01:00
Smaine Kahlouch
3bb6066558
add option '--nat-outgoing' for calico on clouds
2016-02-01 10:47:34 +01:00
Smaine Kahlouch
64be24dd20
Merge pull request #123 from Smana/install_epel_rhel
...
install epel release for rhel
2016-02-01 10:46:10 +01:00
Smaine Kahlouch
4d3f6c6533
install epel release for rhel
...
install required packages before common
roles/kubernetes/preinstall/tasks/main.yml
2016-01-31 22:12:34 +01:00
Greg Althaus
6163fe166e
Update docker for CentOS issues in AWS and general
...
variables.
1. AWS has issues with ext4 (use xfs instead for CentOS only)
2. Make sure all the centos config files are include in the systemd config
3. Make sure that network options are set in the correct file by os family
This allows downstream items like opencontrail and others change variables
in expected locations.
2016-01-30 21:46:32 -06:00
Smaine Kahlouch
6358cf788f
etcd initd startup command fix
2016-01-30 22:31:41 +01:00
Antoine Legrand
b33713da4a
Change calico condition --ipip
2016-01-29 14:07:21 +01:00
Antoine Legrand
83c1bd516d
Update calico.yml
2016-01-29 12:23:29 +01:00
Antoine Legrand
5d24cabc83
Merge pull request #116 from ansibl8s/calico_on_cloud
...
Add --ipip to calico if on cloud_proivder
2016-01-28 20:28:15 +01:00
Antoine Legrand
7127e6de54
Add --ipip to calico if on cloud_proivder
2016-01-28 20:13:50 +01:00
Greg Althaus
bedcca922c
Add variables and defaults for multiple types of ip addresses.
...
Each node can have 3 IPs.
1. ansible_default_ip4 - whatever ansible things is the first IPv4 address
usually with the default gw.
2. ip - An address to use on the local node to bind listeners and do local
communication. For example, Vagrant boxes have a first address that is the
NAT bridge and is common for all nodes. The second address/interface should
be used.
3. access_ip - An address to use for node-to-node access. This is assumed to
be used by other nodes to access the node and may not be actually assigned
on the node. For example, AWS public ip that is not assigned to node.
This updates the places addresses are used to use either ip or access_ip and walk
up the list to find an address.
2016-01-27 16:05:39 -06:00
Smaine Kahlouch
a323335d36
use 'kube_pods_subnet' var for flannel conf
2016-01-27 22:00:12 +01:00
Smaine Kahlouch
8d71d56809
update submodules and documentation
2016-01-27 17:02:41 +01:00
Antoine Legrand
cf472a6b4c
Merge pull request #107 from ansibl8s/race_condition_api_master
...
Slowdown apimaster restart
2016-01-26 18:00:47 +01:00
ant31
fd6ac61afc
Use local etcd/etcdproxy for calico
2016-01-26 17:28:30 +01:00
Antoine Legrand
4566d60e6f
Slowdown apimaster restart
2016-01-26 15:23:16 +01:00
Antoine Legrand
49a7278563
Set perms on unarchive
2016-01-26 12:17:33 +01:00
Antoine Legrand
b9781fa7c2
Symlink dnsmasq conf
2016-01-26 00:30:29 +01:00
Smaine Kahlouch
90ffb8489a
fix some handlers
2016-01-25 22:49:24 +01:00
Greg Althaus
e7d5b7af67
Force owner and permissions for get_url retrieved
...
files. get_url doesn't honor owner and mode is spotty.
2016-01-25 13:30:48 -06:00
Greg Althaus
c7bd2a2a1e
Need to use separate stanzas for each repo because the
...
args are different. Sigh.
2016-01-25 11:16:56 -06:00
Smaine Kahlouch
baaa6efc2b
workaround_ha_apiserver
2016-01-25 12:07:32 +01:00
ant31
56b92812fa
Fix systemd reload and calico unit
2016-01-25 10:54:07 +01:00
ant31
f5508b1794
Use update_cache when possible
2016-01-25 02:06:34 +01:00
Greg Althaus
bcd6ecb7fb
Add flannel vars to enable vagrant and amazon environments
2016-01-24 16:18:35 +01:00
Antoine Legrand
b4734c280a
Merge branch 'master' into add_users_role
2016-01-24 15:58:10 +01:00
Antoine Legrand
dd61f685b8
AddUser Role
2016-01-24 11:54:34 +01:00
Smaine Kahlouch
4984b57aa2
use rsync instead of command
2016-01-23 18:26:07 +01:00
Smaine Kahlouch
283c4169ac
run apiserver as a service
...
reorder master handlers
typo for sysvinit
2016-01-23 14:21:04 +01:00
Smaine Kahlouch
5edc81c627
moving kube-cert group into group_vars
2016-01-22 17:18:45 +01:00
Smaine Kahlouch
391413f7e7
missing commits for the PR #86
2016-01-22 17:10:31 +01:00
Smaine Kahlouch
87b42e34e0
create kube-cert group task
2016-01-22 16:51:54 +01:00
Smaine Kahlouch
be0bec9eab
add kube-cert group
2016-01-22 16:46:06 +01:00
Smaine Kahlouch
cb59559835
use command instead of synchronize
2016-01-22 16:37:07 +01:00
Antoine Legrand
078b67c50f
Remove downloader host
2016-01-22 09:59:39 +01:00
Greg Althaus
32877bdc7b
Merge branch 'master' into etcd-sync
2016-01-21 13:13:58 -06:00
Greg Althaus
ec1073def8
Test for a systemd service that should be up.
2016-01-21 11:35:15 -06:00
Greg Althaus
28e530e005
Fix etcd synchronize to other nodes from the downloader
2016-01-21 11:21:25 -06:00
Smaine Kahlouch
de038530ef
don't run gitinfos by default
2016-01-21 13:41:01 +01:00
Smaine Kahlouch
337977e868
script which gives info about the deployment state
...
fix script location
2016-01-21 13:41:01 +01:00
Smaine Kahlouch
9715962356
etcd directly in host
...
fix etcd configuration for nodes
fix wrong calico checksums
using a var name etcd_bin_dir
fix etcd handlers for sysvinit
using a var name etcd_bin_dir
sysvinit script
review etcd configuration
2016-01-21 11:36:11 +01:00
Smaine Kahlouch
a5094f2a6a
move /etc/hosts configuration in 'preinstall' role
2016-01-20 17:37:23 +01:00
Greg Althaus
fe5ec398bf
Use IP is specified, otherwise use the ansible discovered address.
...
This fixes cases for use in Vagrant environments.
2016-01-20 08:34:39 -06:00
Antoine Legrand
859f6322a0
Merge branch 'master' into add_set_remote_user
2016-01-19 21:08:52 +01:00
Greg Althaus
10b2466d82
run_once only works if master[0] is first in inventory list
...
of all nodes.
2016-01-19 13:10:54 -06:00
Antoine Legrand
f68d8f3757
Add seT_remote_user in synchronize
2016-01-19 14:20:05 +01:00
Antoine Legrand
9b083b62cf
Rename tasks
2016-01-19 14:20:05 +01:00
Smaine Kahlouch
b54af6b42f
reduce dns timeout
2016-01-19 13:49:33 +01:00
Smaine Kahlouch
7cab7e5fef
restarting kubelet is sometimes required after docker restart
2016-01-19 13:47:07 +01:00
Smaine Kahlouch
4c5735cef8
configure dnsmasq to listen on localhost only
2016-01-19 13:34:30 +01:00
Smaine Kahlouch
58e1db6aae
update kubedns submodule
2016-01-19 13:32:53 +01:00
Smaine Kahlouch
63ae6ba5b5
dnsmasq runs on all nodes
2016-01-19 10:31:47 +01:00
Smaine Kahlouch
f58b4d3dd6
dnsmasq listens on localhost
2016-01-19 10:29:33 +01:00
Smaine Kahlouch
d3a8584212
add timeout options to resolv.conf
2016-01-19 10:18:53 +01:00
ant31
4271126bae
Change hyperkube repo
2016-01-18 17:17:08 +01:00
Smaine Kahlouch
049f5015c1
upgrade hyperkube image version
2016-01-18 16:55:57 +01:00
Smaine Kahlouch
6ab671c88b
update memcached submodule
2016-01-18 16:25:01 +01:00
Smaine Kahlouch
d73ac90acf
udpate k8s-pgbouncer submodule
2016-01-18 11:58:12 +01:00
Smaine Kahlouch
adf6e2f7b1
update postgres submodule
2016-01-18 11:44:33 +01:00
Smaine Kahlouch
806834a6e9
upgrade kubernetes to 1.1.4 and calico to 0.14.0
2016-01-17 21:30:11 +01:00
Smaine Kahlouch
8415634016
use google hyperkube image
2016-01-16 22:55:49 +01:00
Smaine Kahlouch
8127e8f8e8
Flannel running as pod
2016-01-15 13:03:27 +01:00
Smaine Kahlouch
51a0996087
fix regexp for resolv.conf
2016-01-15 12:18:03 +01:00
ant31
5d61b5e813
Fix namespace
2016-01-14 16:22:37 +01:00
ant31
b769636435
Ansible 2.0
2016-01-13 16:40:24 +01:00
Smaine Kahlouch
eab2cec0ad
fix kubectl perms
2016-01-08 16:02:40 +01:00
Smaine Kahlouch
0b17a4c00f
Merge pull request #45 from jcsirot/fix-calico-systemd
...
Fix calico with systemd
2016-01-08 11:34:58 +01:00
ant31
f49aa90bf7
fix synchronize pull mode
2016-01-08 11:32:06 +01:00
Jean-Christophe Sirot
6f9148e994
Fix calico with systemd
2016-01-08 10:32:43 +01:00
Antoine Legrand
7913d62749
Merge pull request #44 from ansibl8s/travis
...
Travis tests
2016-01-07 23:46:02 +01:00
Smaine Kahlouch
d5320961e9
enforce user root when sudo is used
2016-01-05 15:33:23 +01:00
ant31
9c461e1018
Use inline update for resolv.conf
2016-01-05 12:31:49 +01:00
ant31
9a03249446
Add travis tests
2016-01-05 12:31:49 +01:00
ant31
8fa0110e28
Remove local dep. downloader
2016-01-04 16:10:29 +01:00
Smaine Kahlouch
99d16913d3
use bin_dir var in init scripts
2016-01-04 14:35:01 +01:00
Smaine Kahlouch
d172457504
sysvinit scripts
2016-01-04 14:30:37 +01:00
Smaine Kahlouch
6103d673b7
New calico's configuration
2016-01-04 14:30:37 +01:00
Smaine Kahlouch
29bf90a858
review handlers for sysvinit
2016-01-04 14:30:37 +01:00
ant31
e3cdb3574a
Rework download role
2015-12-31 16:12:16 +01:00
Smaine Kahlouch
15cd1bfc56
rename env file
2015-12-31 14:55:06 +01:00
Smaine Kahlouch
be5fe9af54
never report changed for init system detection
2015-12-31 14:54:15 +01:00
Smaine Kahlouch
7006d56ab8
split role download and preinstall
2015-12-31 14:07:02 +01:00
Smaine Kahlouch
1695682d85
handle sysvinit
2015-12-31 14:05:55 +01:00
Smaine Kahlouch
1d1d8b9c28
add nodnsupdate hook for RedHat
2015-12-31 14:04:08 +01:00
Smaine Kahlouch
98fe2c02b2
review local tasks
2015-12-31 10:28:47 +01:00
Smaine Kahlouch
92c2a9457e
rename role common to kubernetes/preinstall
2015-12-31 10:03:22 +01:00
Smaine Kahlouch
dbb6f4934e
common role in order to support other linux distribs
2015-12-30 22:26:45 +01:00
Smaine Kahlouch
9f07f2a951
install docker on a largest number of linux distribution (based on https://github.com/marklee77/ansible-role-docker )
2015-12-30 22:26:45 +01:00
Smaine Kahlouch
b72e220126
remove carriage return
2015-12-30 14:02:22 +01:00
Smaine Kahlouch
e0f460d9b5
copy template dnsmasq pod and remove handlers
2015-12-30 14:02:22 +01:00
Smaine Kahlouch
2bd6b83656
increase etcd timeout value again
2015-12-30 14:02:22 +01:00
ant31
2df70d6a3d
Docker dnsmasq
2015-12-30 14:02:22 +01:00
Smaine Kahlouch
6f4f170a88
remove useless etcd download, runs into docker containers
2015-12-30 09:50:02 +01:00
Smaine Kahlouch
3f3b03bc99
increase timeout value for etcd wait_for
2015-12-29 21:37:17 +01:00
Smaine Kahlouch
c9d9ccf025
move network-environment template into node role, required by kubelet
2015-12-29 21:36:51 +01:00
ant31
e378f4fb14
Install calico-plugin before running calico
2015-12-28 22:04:39 +01:00
Antoine Legrand
5c15d14f12
Run etcd as pod
2015-12-28 22:04:39 +01:00
Antoine Legrand
b45747ec86
Merge pull request #37 from ansibl8s/apiserver_https
...
Apiserver https
2015-12-28 13:00:46 +01:00
ant31
d597f707f1
use backup file
2015-12-24 19:23:21 +01:00
Smaine Kahlouch
595e93e6da
Peer with router configuration is made on the first etcd node
2015-12-24 13:56:53 +01:00
Smaine Kahlouch
5f4e01cec5
new version of logstash submodule
2015-12-22 16:38:40 +01:00
Smaine Kahlouch
7c9c609ac4
calico uses loadbalancer address for apiserver
2015-12-22 08:45:14 +01:00
Smaine Kahlouch
680864f95c
don't sync certs on masters, already done in another task
2015-12-21 14:24:57 +01:00
Smaine Kahlouch
7315d33e3c
use ip for etcd proxies even when hostnames are used in the inventory
2015-12-21 14:24:10 +01:00
Smaine Kahlouch
b2afbfd4fb
don't touch if the file exists
2015-12-21 14:23:33 +01:00
Smaine Kahlouch
ab694ee291
Install python-httplib2 required packaged
2015-12-21 12:00:42 +01:00
Smaine Kahlouch
bba3525cd8
use loadbalancer when that's possible
2015-12-21 09:13:48 +01:00
Smaine Kahlouch
2c816f66a3
Check calico network pool
2015-12-20 16:51:14 +01:00
Smaine Kahlouch
d585ceaf3b
set permissions on network-environment file
2015-12-19 12:32:06 +01:00
Smaine Kahlouch
fec1dc9041
A single file for tokens tasks
2015-12-19 11:00:22 +01:00
Smaine Kahlouch
e7e03bae9f
calico talks to apiserver with https
2015-12-18 22:22:52 +01:00
Smaine Kahlouch
c6d65cb535
remove temporary workaround due to node reboot issue with calico 2
2015-12-18 13:25:46 +01:00
Smaine Kahlouch
a0746a3efd
remove temporary workaround due to node reboot issue with calico
2015-12-18 13:22:32 +01:00
Smaine Kahlouch
970aab70e1
Upgrade calico version to v0.13.0, fixes the node reboot issue
2015-12-18 13:10:26 +01:00
Smaine Kahlouch
4561dd327b
remove deprecated var CALICOCTL_PATH
2015-12-18 13:09:42 +01:00
Smaine Kahlouch
b155e8cc7b
Fix error in ETCD_INITIAL_CLUSTER loop
2015-12-18 11:22:56 +01:00
Smaine Kahlouch
9046b7b1bf
Configure calico pool on an etcd server
2015-12-18 10:16:03 +01:00
Antoine Legrand
3c450191ea
User etcd node ip in initial cluster
2015-12-17 22:47:19 +01:00
Antoine Legrand
184bb8c94d
Use 0755 mode for binaries
2015-12-17 22:46:50 +01:00
Smaine Kahlouch
9914229484
using ip address instead of inventory_hostname for kube-proxy
2015-12-17 10:43:06 +01:00
Smaine Kahlouch
b3841659d7
Review role order, use master ip even when fqdn are used in the inventory
2015-12-16 23:49:01 +01:00
Smaine Kahlouch
3a349b8519
Using var file for etcd service
2015-12-16 21:43:29 +01:00
ant31
44ac355aa7
Update depedencies
2015-12-16 18:01:52 +01:00
ant31
958c770bef
Update ports
2015-12-16 17:43:26 +01:00
ant31
6012230110
Merge branch 'ha_master' of https://github.com/ansibl8s/setup-kubernetes into ha
2015-12-15 17:42:01 +01:00
Smaine Kahlouch
c91a3183d3
manage undefined vars for loadbalancing
2015-12-15 16:51:55 +01:00
ant31
693230ace9
Merge branch 'ha_master' of https://github.com/ansibl8s/setup-kubernetes into ha
2015-12-15 16:28:49 +01:00
ant31
f21f660cc5
Use kube_apiserver_port
2015-12-15 16:27:12 +01:00
Smaine Kahlouch
953f482585
kube-proxy loadbalancing, need an external loadbalancer
2015-12-15 15:20:08 +01:00
Smaine Kahlouch
4055980ce6
ha apiservers for kubelet
2015-12-15 13:14:27 +01:00
Smaine Kahlouch
e2984b4fdb
ha etcd with calico
2015-12-15 11:49:11 +01:00
Smaine Kahlouch
2fc8b46996
etcd can run on a distinct cluster
2015-12-14 10:39:13 +01:00
Smaine Kahlouch
5efc09710b
Renaming hyperkube image vars
2015-12-14 09:54:58 +01:00
Smaine Kahlouch
9862afb097
Upgrade kubernetes to v1.1.3
2015-12-13 16:41:18 +01:00
Smaine Kahlouch
59994a6df1
Quickstart documentation
2015-12-12 19:37:08 +01:00
Smaine Kahlouch
0a1b92f348
cluster log level variable 'kube_log_level'
2015-12-12 19:37:08 +01:00
Smaine Kahlouch
af9b945874
add the loadbalancer address to ssl certs
2015-12-12 19:37:08 +01:00
Smaine Kahlouch
3cbcd6f189
Calico uses the loadbalancer to reach etcd if 'loadbalancer_address' is defined. The loadbalancer has to be configured first
2015-12-12 19:37:08 +01:00
Smaine Kahlouch
1568cbe8e9
optionnal api runtime extensions
2015-12-12 19:37:08 +01:00
Smaine Kahlouch
eb4dd5f19d
update kubectl bash completion
2015-12-12 19:37:08 +01:00
Smaine Kahlouch
f49620517e
running kubernetes master processes as pods
2015-12-12 19:37:08 +01:00