Commit graph

4353 commits

Author SHA1 Message Date
Łukasz Oleś
0db441b28f Add socat do required pkgs
It's required for port forwarding.
2016-09-14 21:27:33 +02:00
Matthew Mosesohn
e3ebabc3b0 switch /etc/hosts to use blockinfile 2016-09-14 19:43:33 +03:00
Smaine Kahlouch
b46458a18f Merge pull request #483 from kubespray/fix_idempotency_kubedns
Fix kubedns idempotency
2016-09-14 13:02:02 +02:00
Smaine Kahlouch
125cb0aa64 Merge pull request #481 from bogdando/issue/479
Add retries for copying binaries from containers and packages
2016-09-14 10:04:32 +02:00
Bogdan Dobrelya
783871a253 Add retries for packages installation
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-13 18:12:07 +02:00
Matthew Mosesohn
ef43b21597 Fix kubedns idempotency
Removed api-version from kube.py because it is deprecated.
Updating both kube.py because dnsmasq one is actually used.
Fixed name back to kubedns for checking its resource.
2016-09-13 16:49:51 +03:00
Bogdan Dobrelya
6fdcaa1a63 Add retries for copying binaries from containers
Closes issue: https://github.com/kubespray/kargo/issues/479

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-13 15:09:34 +02:00
Anthony Haussmann
d47a2d03b4 Delete default variable use_hyperkube_cni
The variable is now set via a task depending of the version of kube
2016-09-13 14:59:50 +02:00
Anthony Haussmann
739cf59953 Determine hyperkube cni to use
Starting from version 1.3.4 of hyperkube, calico is "canalized" which requires flannel and hostonly cni plugins.So we let hyperkube ship necessary cni
2016-09-13 14:58:29 +02:00
Antoine Legrand
2e386dfbdc Merge pull request #465 from kubespray/freeze_kpm_version
Multiple app deploy tools
2016-09-08 22:01:52 +02:00
Antoine Legrand
ccbb2ee3ae App deployer plugins 2016-09-08 15:01:57 +02:00
Antoine Legrand
eb78ce4c4e Merge pull request #473 from kubespray/bootsrap
Bootstrap
2016-09-08 14:54:08 +02:00
Antoine Legrand
6084e05a6b Bootstrap os 2016-09-07 20:19:46 +02:00
Özgür Caner
da8a604c4c Changed apt to apt-get 2016-09-07 20:13:15 +02:00
Özgür Caner
df2b2d7417 Added bootstrap script for Ubuntu 16.04 LTS and later 2016-09-07 20:13:05 +02:00
Brandon B. Jozsa
2606e8e1c8 combine bootstrap options, add xenial support 2016-09-06 10:04:41 -04:00
Matthew Mosesohn
b62de1dcb1 Reset replicacluster name of kube-dns-v19 back to kubedns
This broke upgraded clusters
2016-09-06 16:43:17 +03:00
Matthew Mosesohn
b58512bbda Rename kube-dns back to kubedns
kubedns should stay named the same so that services which
depend on this name are not broken.
2016-09-02 15:09:49 +04:00
Spencer Smith
8b91a43576 remove dependency on kpm for kubedns 2016-09-01 10:01:15 -07:00
Bogdan Dobrelya
d240073f65 Fix updating resolvconf
Move updating resolvconf to the network restart handler to
ensure changes applied to the /etc/resolv.conf.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-09-01 11:10:26 +02:00
Smaine Kahlouch
69f09e0f18 Merge pull request #461 from kubespray/issue-369
Issue 369
2016-08-31 15:09:33 +02:00
Smaine Kahlouch
cca26ae3d7 Merge pull request #458 from kubespray/issue456
Remove search and nameserver entries from resolvconf base
2016-08-31 13:15:30 +02:00
Matthew Mosesohn
26a0406669 Disable calicoctl from creating a default pool
Sometimes invoking calicoctl to create a pool also
creates a default pool, which causes errors in deploy.
2016-08-31 12:54:05 +03:00
Spencer Smith
a746d63177 ensure docker.service.d exists 2016-08-30 09:34:34 -07:00
Spencer Smith
0fc5e70c18 incorrect file name 2016-08-30 09:26:14 -07:00
Spencer Smith
b74c2f89f0 lay down a systemd dropin instead of the /run/flannel_docker_opts.env symlink 2016-08-30 09:17:41 -07:00
Matthew Mosesohn
33c8d0a1a7 Remove search and nameserver entries from resolvconf base
These items conflict when they are provided also in head file
Fixes: #456
2016-08-30 13:14:44 +03:00
Smana
28fbfbbbe7 fix etcd checksum 2016-08-29 19:09:08 +02:00
Smaine Kahlouch
18cdab3671 Merge pull request #449 from kubespray/fixapiserverplugins
Remove SecurityContextDeny API plugin
2016-08-29 18:58:53 +02:00
Smaine Kahlouch
311baeed5d Merge pull request #448 from kubespray/etcdnosync
Add --no-sync to etcdctl member list
2016-08-29 18:58:14 +02:00
Matthew Mosesohn
256a4e1f29 Rebase etcd to v3.0.6
Fixes #450
2016-08-29 15:31:05 +03:00
Matthew Mosesohn
c50c6672f3 Remove SecurityContextDeny API plugin
This is no longer recommended for use since K8s 1.2:
http://kubernetes.io/docs/admin/admission-controllers/#is-there-a-recommended-set-of-plug-ins-to-use
2016-08-29 14:20:28 +03:00
Matthew Mosesohn
1345dd07f7 Add --no-sync to etcdctl member list
Fixes #447
2016-08-29 12:51:43 +03:00
Smaine Kahlouch
e83010b739 Merge pull request #445 from kubespray/caliconodechoice
Enable customization of calico-node docker image
2016-08-28 09:36:06 +02:00
Smana
d4193bbd22 upgrade weave version to 1.6.1 2016-08-27 16:04:06 +02:00
Matthew Mosesohn
b92404fd0a Enable customization of calico-node docker image
New vars: calico_node_image_repo and claico_node_image_tag
Defaults: calico/node and {{ calico_version }}, respectively
2016-08-27 16:25:39 +04:00
Spencer Smith
82076f90a3 ensure bin dir for coreos before anything else 2016-08-26 13:24:47 -04:00
Bogdan Dobrelya
8168689caa Refactor roles and hosts
Shorten deployment time with:
- Remove redundand roles if duplicated by a dependency and vice versa
- When a member of k8s-cluster, always install docker as a dependency
  of the etcd role and drop the docker role from cluster.yaml.
- Drop etcd and node role dependencies from master role as they are
  covered by the node role in k8s-cluster group as well. Copy defaults
  for master from node role.
- Decouple master, node, secrets roles handlers and vars to be used w/o
  cross references.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-25 13:27:57 +02:00
Smaine Kahlouch
c71b078c8e Merge pull request #437 from kubespray/issues/429
Fix handler triggering for kubelet restart
2016-08-25 11:33:50 +02:00
Bogdan Dobrelya
caa8efbf86 Fix handler triggering for kubelet restart
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-25 09:12:25 +02:00
Smaine Kahlouch
bcec5553c5 Merge pull request #434 from kubespray/issue-426
Check only for AWS, wrote some docs on actually using AWS
2016-08-24 21:55:57 +02:00
Spencer Smith
4e76bced53 merge with current master, update typos in doc 2016-08-24 09:56:42 -04:00
Spencer Smith
60f263b629 updated to no longer handle gce as cloud-provider. provided aws setup doc 2016-08-24 09:48:32 -04:00
Bogdan Dobrelya
ea57ce7514 Fix resolv.conf search/nameserver
* Ensure additional nameserver/search, if defined as vars.
* Don't backup changed dhclient hooks as they are going to be
  executed by dhclient as well, which is not what we want.
* For debian OS family only:
- Rename nodnsupdate hook the resolvconf hook to be sourced always
before it.
- Ensure dhclient restarted via network restart to apply the
nodnsupdate hook.
* For rhel OS family, the fix TBD, it doesn't work the same way.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-24 15:31:57 +02:00
Smana
346eca5748 Revert "pass cloud provider flag in all cases, not just openstack"
This reverts commit f35e5e864f.
2016-08-24 14:32:54 +02:00
Smana
643b28f9d3 Revert "Fix resolv.conf search/nameserver"
This reverts commit 977f82c32c.
2016-08-24 12:36:25 +02:00
Smaine Kahlouch
1938c96239 Merge pull request #420 from bogdando/collect_info
Adjust collect-info playbook
2016-08-24 10:06:30 +02:00
Spencer Smith
f35e5e864f pass cloud provider flag in all cases, not just openstack 2016-08-23 13:57:32 -04:00
Bogdan Dobrelya
47b4242613 Adjust collect-info playbook
Cleanup collected artifacts,
drop unrelated files/commands.
Always install gitinfos script to binaries for external
use.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-23 11:28:27 +02:00
Smaine Kahlouch
92c4428cfd Merge pull request #422 from kubespray/issue-421
remove host ca-certs, as they aren't necessary
2016-08-23 10:17:38 +02:00
Bogdan Dobrelya
f61071312a Fix gen-gitinfos.sh
Fix the error gen-gitinfos.sh: 57: [: foo: unexpected operator

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-23 10:15:30 +02:00
Spencer Smith
234608433e remove host ca-certs, as they aren't necessary 2016-08-22 16:09:33 -04:00
Smaine Kahlouch
36b6ae9a3c Merge pull request #419 from bogdando/fix_322
Fix resolv.conf search/nameserver
2016-08-22 13:48:35 +02:00
Bogdan Dobrelya
977f82c32c Fix resolv.conf search/nameserver
Rename nodnsupdate hook the resolvconf hook to be sourced always
before it.
Ensure dhclient restarted via network restart to apply the
nodnsupdate hook.
Ensure additional nameserver/search, if defined as vars.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-22 11:53:44 +02:00
Matthew Mosesohn
6f07da9f41 Restart kubelet if launcher changed
Fixes #409
2016-08-18 19:00:05 +03:00
Smaine Kahlouch
c6f2102073 Merge pull request #412 from kubespray/optionalkubeletcni
Copy hyperkube cni plugins optionally for calico deployment
2016-08-16 14:00:27 +02:00
Matthew Mosesohn
0c953101ff Fix init scripts for etcd. Fixes #383
Fixes Ubuntu 14.04 deployment of etcd.
2016-08-15 14:09:42 +03:00
dis
0fa90ec9e8 Fix resolvconf executable discovery
If resolvconf was installed and then removed, the file
/etc/resolvconf/resolv.conf.d/head remains in the filesystem

- change discovery of 'resolvconf' executable to check if it
  can be located with 'which resolvconf' command or not.
2016-08-10 17:22:33 +03:00
Matthew Mosesohn
f073ee91ea Copy hyperkube cni plugins optionally for calico deployment
Hyperkube from CoreOS now ships with all binaries required for
calico and flannel (but not weave). It simplifies deployment for
some network plugin scenarios to not download CNI images.

TODO: Optionally disable downloading calico to /opt/cni/bin
2016-08-10 15:35:53 +03:00
Smaine Kahlouch
677c4c4cb6 Merge pull request #404 from bogdando/fix_sunit
Fix calico-node service unit
2016-08-08 16:41:28 +02:00
Matthew Mosesohn
e727bd52f1 Add option to disable ipv6 dns lookup
New variable disable_ipv6_dns in kubernetes/preinstall.
2016-08-08 13:59:20 +03:00
Bogdan Dobrelya
d2c57142d3 Fix calico-node service unit
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-08 12:06:32 +02:00
Matthew Mosesohn
acae5d4286 Check dnsmasq on first kube-node
kube-masters without kube-node role will not run
kube-proxy, and therefore can't check if dnsmasq
is running.

Fixes #368
2016-08-05 16:55:48 +04:00
Smaine Kahlouch
15aec7cd87 Merge pull request #398 from mattymo/rework_systemd_wait_master
Improve systemd handling and stabilize docker
2016-08-03 11:30:14 +02:00
Matthew Mosesohn
e38258381f Wait for static pods when setting up
Fixes #390
2016-08-02 17:56:31 +03:00
Matthew Mosesohn
e8a1c7a53f Move docker systemd unit creation to docker role
Creating the unit using default settings early on
and then changing it during network_plugin section
leads to too many docker restarts and duplicated code.

Reversed Wants= dependence on docker.service so it does not
restart docker when reloading systemd

Consolidated all docker restart handlers.
2016-08-02 17:56:24 +03:00
Matthew Mosesohn
5bf9b5345e Add future docker versions
Default version is still unchanged, but added docker versions 1.11 and 1.12
2016-08-02 12:35:05 +03:00
Bogdan Dobrelya
2af71f31b4 Rework systemd service units
* Add for docker system units:
    ExecReload=/bin/kill -s HUP $MAINPID
    Delegate=yes
    KillMode=process.
* Add missed DOCKER_OPTIONS for calico/weave docker systemd unit.
* Change Requires= to a less strict and non-faily Wants=, add missing
  Wants= for After=.
* Align wants/after in a wat if Wants=foo, After= has foo as well.
* Make wants/after docker.service to ask for the docker.socket as well.
* Move "docker rm -f" commands from ExecStartPre= to ExecStopPost=.
  hooks to ensure non-destructive start attempts issued by Wants=.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-08-02 10:55:42 +02:00
Matthew Mosesohn
c7fef6cb76 Fix weave deployment task names 2016-07-30 23:12:41 +04:00
Antoine Legrand
6a7308d5c7 Merge pull request #372 from adidenko/calico-ipip-support
Support --ipip option for calico pool
2016-07-29 08:05:00 -07:00
Antoine Legrand
4419662fa0 Merge pull request #330 from jonbec/master
Add settable flannel image tag & image repo
2016-07-29 08:02:18 -07:00
Matthew Mosesohn
5668e5f767 Fix etcd restart and handler systemd tasks
Changed Wants=docker.service to docker.socket

Renamed handlers for reloading systemd to contain role in task name.
2016-07-29 16:32:35 +03:00
Aleksandr Didenko
c52c5f5056 Add run_once to define calico pool task name 2016-07-27 15:55:41 +02:00
Matthew Mosesohn
90fc407420 Fix etcd user for etcd-proxy service
Only affects sys V OSes (Ubuntu 14.04)

Fixes ##383
2016-07-27 11:54:47 +03:00
Antoine Legrand
9fb391fed5 Merge pull request #381 from kubespray/fixetcdstandalone
Fix etcd standalone deployment
2016-07-26 16:04:26 -07:00
Antoine Legrand
fbc55da2bf Merge pull request #378 from bogdando/issues/26
Add HA/LB endpoints for kube-apiserver
2016-07-26 16:03:31 -07:00
Matthew Mosesohn
1b1f5f22d4 Fix etcd standalone deployment
etcd facts are generated in kubernetes/preinstall, so etcd nodes need
to be evaluated first before the rest of the deployment.

Moved several directory facts from kubernetes/node to
kubernetes/preinstall because they are not backward dependent.
2016-07-26 18:15:06 +03:00
Bogdan Dobrelya
731d32afda Add HA/LB endpoints for kube-apiserver
* Add HA docs for API server.
* Add auto-evaluated internal endpoints and clarify the loadbalancer_apiserver
vars and usecases.
* Use facts for kube_apiserver to not repeat code and enable LB endpoints use.
* Use /healthz check for the wait-for apiserver.
* Use the single endpoint for kubelet instead of the list of apiservers
* Specify kube_apiserver_count to for HA layout

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-25 17:25:45 +02:00
Matthew Mosesohn
b4688701ea Copy kubectl from docker container
Nearly the last stage of source all components to containers.
Kubectl will be called from hyperkube image.

Remaining tasks:
 * Move kube_version variable to kubernetes/preinstall
 * Drop placeholder download.nothing requirement
2016-07-25 18:17:59 +03:00
Matthew Mosesohn
d0a1e15ef3 Deploy kubelet and kube-apiserver as containers
kubelet via docker
kube-apiserver as a static pod

Fixed etcd service start to be more tolerant of slow start.

Workaround for kube_version to stay in download role, but not
download an files by creating a new "nothing" download entry.
2016-07-22 16:42:34 +03:00
Matthew Mosesohn
7f212ca9cb Revert "Add HA/LB endpoints for kube-apiserver"
This reverts commit a70c3b661e.
2016-07-22 13:54:38 +03:00
Antoine Legrand
296eccd238 Merge pull request #361 from bogdando/issue/26_p2
Add HA/LB endpoints for kube-apiserver
2016-07-21 14:43:53 +02:00
Aleksandr Didenko
f94eb0b997 Support --ipip option for calico pool
Adds new boolean configuration variable for calico network plugin
`ipip`. When it's enabled calico pool is created with '--ipip'
option (IP-over-IP encapsulation across hosts).

Also refactor pool creation tasks to simplify logic and make tasks
more readable.
2016-07-21 13:05:40 +02:00
Bogdan Dobrelya
a70c3b661e Add HA/LB endpoints for kube-apiserver
* Add auto-evaluated internal endpoints and clarify the loadbalancer_apiserver
vars and usecases.
* Add loadbalancer_apiserver_localhost (default false). If enabled, override
the external LB and expect localhost:443/8080 to be new internal only frontends.
* Add kube_apiserver_multiaccess to ignore loadbalancers, and make clients
to access the apiservers as a comma-separated list of access_ip/ip/ansible ip
(a default mode). When disabled, allow clients to use the given loadbalancers.
* Define connections security mode for kube controllers, schedulers, proxies.
It is insecure be default, which is the current deployment choice.
* Rework the groups['kube-master'][0] hardcode defining the apiserver
endpoints.
* Improve grouping of vars and add facts for kube_apiserver.
* Define kube_apiserver_insecure_bind_address as a fact, add more
facts for ease of use.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-21 11:05:03 +02:00
mattymo
8141b72d5e Merge branch 'master' into etcddockerdefault 2016-07-20 19:16:47 +03:00
Antoine Legrand
277c5d74cc Merge pull request #367 from bogdando/set_facts
Fix set_facts visibility
2016-07-20 18:00:15 +02:00
Matthew Mosesohn
7a86b6c73e Set default etcd deployment to docker
Improved docker reload command to wait for etcd to be
up before proceeding. Switched reload to run restart
because it can't reload if it is not guaranteed to be
in running state.
2016-07-20 18:26:16 +03:00
Bogdan Dobrelya
a76e5dbb11 Fix set_facts visibility
Move set_facts to the preinstall scope, so every role
may see it. For example, network plugins to see the etcd_endpoint.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-20 11:41:09 +02:00
Matthew Mosesohn
c3e5aac18e Add variable kube_resolv_conf
Allow configuration of a custom /etc/resolv.conf for kubelet.
2016-07-20 11:57:47 +03:00
Bogdan Dobrelya
32cd6e99b2 Add etcd proxy support
* Enforce a etcd-proxy role to a k8s-cluster group members. This
provides an HA layout for all of the k8s cluster internal clients.
* Proxies to be run on each node in the group as a separate etcd
instances with a readwrite proxy mode and listen the given endpoint,
which is either the access_ip:2379 or the localhost:2379.
* A notion for the 'kube_etcd_multiaccess' is: ignore endpoints and
loadbalancers and use the etcd members IPs as a comma-separated
list. Otherwise, clients shall use the local endpoint provided by a
etcd-proxy instances on each etcd node. A Netwroking plugins always
use that access mode.
* Fix apiserver's etcd servers args to use the etcd_access_endpoint.
* Fix networking plugins flannel/calico to use the etcd_endpoint.
* Fix name env var for non masters to be set as well.
* Fix etcd_client_url was not used anywhere and other etcd_* facts
evaluation was duplicated in a few places.
* Define proxy modes only in the env file, if not a master. Del
an automatic proxy mode decisions for etcd nodes in init/unit scripts.
* Use Wants= instead of Requires= as "This is the recommended way to
hook start-up of one unit to the start-up of another unit"
* Make apiserver/calico Wants= etcd-proxy to keep it always up

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
Co-authored-by: Matthew Mosesohn <mmosesohn@mirantis.com>
2016-07-19 14:09:40 +02:00
Bogdan Dobrelya
0b874e8db2 Fix systemd service unit for etcd
See https://github.com/coreos/etcd/issues/4308

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-15 16:22:17 +02:00
Smaine Kahlouch
192136df20 Merge pull request #359 from kubespray/fix_351
deployment idempotent
2016-07-14 21:34:21 +02:00
Smana
ab8fdba484 deployment idempotent 2016-07-14 21:33:24 +02:00
Smana
dfe7bfd127 use hyperkube coreos image 2016-07-14 21:20:41 +02:00
Smana
a709cd9aa1 use iptables as default proxy mode 2016-07-12 10:20:43 +02:00
Jonathan Beckman
d4dfdf68a6 Add settable flannel image tag & image repo
New settings with defaults:
flannel_server_helper_image_repo: "gcr.io/google_containers/"
flannel_server_helper_image_tag: "0.1"
flannel_image_repo: "quay.io/coreos/flannel"
flannel_image_tag: "0.5.5"
2016-07-11 13:18:20 +08:00
Smaine Kahlouch
a5c21ab2e8 Merge pull request #346 from bogdando/issues/345
Add hostpath dynamic provisioner for PetSets
2016-07-09 22:43:09 +02:00
Spencer Smith
c9cff5c845 updated admission controllers for >1.2 Kubernetes 2016-07-08 10:04:14 -07:00
Bogdan Dobrelya
da20d9eda4 Add hostpath dynamic provisioner for PetSets
Defaults to false. Use with v1.3 only.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-07-08 16:52:39 +02:00
Smaine Kahlouch
83da5d7657 Merge pull request #335 from mattymo/calicoctl
Change calicoctl deployment to use container
2016-07-07 21:47:40 +02:00
Matthew Mosesohn
b3282cd0bb Add optional deployment mode for Docker etcd_deployment_type
Running etcd in Docker reduces the number of individual file
downloads and services running on the host.

Note: etcd container v3.0.1 moves bindir to /usr/local/bin

Fixes: #298
2016-07-07 19:31:28 +03:00
Smaine Kahlouch
bcd912e854 Merge pull request #337 from blasphemy/add-kubelet-ip
Add kubelet ip
2016-07-07 08:05:03 +02:00
Alexandre Bourget
3b7eaf66b6 flanneld: don't redirect logs to an unreadable location, let docker/k8s see
and aggregate them.
2016-07-06 16:25:11 -04:00
Daniel Leining
1d148e9755 fix kubelet ip with quotes 2016-07-05 17:23:08 -04:00
Daniel Leining
d84ed1b4b3 make kubelet use "ip" as bind address 2016-07-05 17:14:12 -04:00
Matthew Mosesohn
baf80b7d7e Change calicoctl deployment to use container
Improves upgradability of calicoctl by leveraging docker tags.
2016-07-05 13:49:03 +03:00
Matthew Mosesohn
d2151500b6 Fix kube-apiserver log level syntax 2016-07-05 13:11:45 +03:00
Matthew Mosesohn
b847a43c61 Set hyperkube version to kube_version 2016-07-05 12:43:27 +03:00
Smana
f1ba247844 upgrade to k8s v1.3.0 2016-07-03 14:14:09 +02:00
Smaine Kahlouch
2fa7ee0cf9 Merge pull request #326 from kubespray/upgrade_etcd_v3
upgrade to etcd v3.0.1
2016-07-02 14:26:13 +02:00
Smana
40fbb3691d uprade to etcd v3.0.1 2016-07-02 14:14:32 +02:00
Daniel Leining
72ab34f210 Add --bind-address to kube-apiserver 2016-07-01 18:33:59 -04:00
Smana
85fa3efc06 upgrade kubernetes to v1.2.5 2016-06-29 15:38:33 +02:00
Smana
c4beee38f6 include variables from a distinct file 2016-06-29 14:08:14 +02:00
Smana
247a1a6e6e change hyperkube repository 2016-06-29 14:07:05 +02:00
Smana
a4396cfca0 use python script to update sha256 sum in the vars 2016-06-29 14:07:01 +02:00
Smana
536454b079 upgrade etcd version to 2.3.7 2016-06-28 12:31:57 +02:00
mattymo
708d2fbd61 Add KUBE_API_INSECURE_BIND to systemd unit file
This was missing from commit c4c312c2e6
2016-06-27 13:01:22 +04:00
Matthew Mosesohn
c4c312c2e6 Add configurable option for kube_apiserver_insecure_bind_address 2016-06-24 18:10:01 +03:00
Chris Bell
9e59c74c24 Maintain backwards compatibility with EL6 2016-06-22 09:51:49 -04:00
Chris Bell
d94253ff6a Modify calico docker.service 2016-06-22 09:44:31 -04:00
Smana
094c2c75f3 upgrade pypy version 2016-06-21 12:11:10 +02:00
Matthew Mosesohn
33d897bcb6 Force install of specified docker version, fixes #295
This allows Ubuntu/Debian to downgrade Docker version if
a newer version is installed, instead of failing.
2016-06-17 12:31:55 +03:00
Matthew Mosesohn
153b82a803 Add docker_options to calico networking 2016-06-14 19:33:44 +03:00
Smana
922c6897d1 Install python-pip on first master 2016-06-12 20:44:12 +02:00
ant31
eb6025a184 Add kubedns as default package to install 2016-06-12 18:08:53 +02:00
ant31
c43f9bc705 Add variables to kpm module 2016-06-12 18:02:44 +02:00
ant31
cd2847c1b9 Add kpm role 2016-06-12 18:02:44 +02:00
Smana
8281b98e19 install kpm in order to deploy addons 2016-06-11 21:08:05 +02:00
Smana
7c7adc7198 upgrade calico to v0.20 and calico-cni to v1.3.1 2016-06-09 19:55:12 +02:00
Smana
4a7d8c6fea clean conditions into docker templates 2016-06-02 21:01:41 +02:00
Smaine Kahlouch
722aacb633 Merge pull request #272 from rustyrobot/fix-etcd-scale-up
Add scale-up for etcd cluster
2016-06-01 17:20:04 +02:00
mattymo
68808534b3 Fix order in restart kubelet to fix systemd reload
Systemd reload before reload kubelet was failing because its definition was before "restart kubelet". Its definition should be after the notify hook.
2016-05-31 20:09:49 +04:00
Evgeny L
0500f27db8 Scale-up functionality for etcd cluster
* Set ETCD_INITIAL_CLUSTER_STATE from `new` to `existing`,
because parameter `new` makes sense only on cluster assembly
stage.
* If cluster exists and current node is not a part
of the cluster, add it with command `etcdctl add member name url`.

Closes kubespray/kargo/#270
2016-05-31 18:23:46 +03:00
Smaine Kahlouch
96a2439c38 Merge pull request #264 from rsmitty/issue-255
resolves coreos nodes not setting up docker proxies
2016-05-26 21:55:53 +02:00
Spencer Smith
87757d4fcf provides initial docker options support 2016-05-25 12:56:45 -04:00
Spencer Smith
492218a3e1 resolves coreos nodes not setting up docker proxies 2016-05-24 12:11:24 -04:00
Spencer Smith
a740e521d2 removed os restriction for coreos 2016-05-24 12:03:16 -04:00
Smaine Kahlouch
bdc183114a Merge pull request #261 from paulczar/meta_roles_yo
turn adduser/download roles into meta roles
2016-05-23 17:29:37 +02:00
Paul Czarkowski
7de87d958e turn adduser/download roles into meta roles
This should make things a little more composable,
by making these roles meta roles that perform no
actions by default we allow each role to own its own
resources.
2016-05-22 17:25:52 -05:00
Paul Czarkowski
c226b4e5cb fixes issue #258
Kubernetes API server has an option:

```
--advertise-address=<nil>: The IP address on which to advertise the apiserver to members of the cluster. This address must be reachable by the rest of the cluster. If blank, the --bind-address will be used. If --bind-address is unspecified, the host's default interface will be used.
```

kargo does not set --bind-address, thus it binds to eth0, in vagrant and similar
environments this causes issues because nodes cannot talk to eachother over eth0.

This sets `--advertise-address` to `ip` if its set, otherwise the default behavior
of is persisted by using `ansible_default_ipv4.address`.
2016-05-22 13:48:16 -05:00
Paul Czarkowski
ba615ff94e race condition in download role under vagrant
using a shared folder can cause race conditions for the download
role as it tries to download files on all the nodes to the same
shared path.  This adds a flag to run the tasks in the download
role on just one node.
2016-05-20 17:04:38 -05:00
Paul Czarkowski
d8bebcd201 Fix issue with check_certs playbook
check_certs task "Check_certs | Set 'sync_certs' to true" was failing
due to the dict not existing, this sets defaults that allows the
correct behavior of the conditionals.
2016-05-15 17:15:59 -05:00
Smaine Kahlouch
f576d70b3c Merge pull request #245 from kubespray/fix_flannel_deploy_213
fix flannel deployment, remove docker bridge before restarting
2016-05-13 19:54:07 +02:00
Smana
ae5ff890d4 fix flannel deployment, remove docker bridge before restarting 2016-05-13 18:10:00 +02:00
Spencer Smith
f949bfd46c remove need for baking image to get writeable /opt/bin 2016-05-13 02:48:13 -07:00
Spencer Smith
66d9a6ebbc updated to use handlers 2016-05-12 12:18:38 -07:00
Spencer Smith
9b8a757526 missed a name update :) 2016-05-12 09:30:11 -07:00
Spencer Smith
a894a8c7bc Merge branch 'master' into issue-229 2016-05-12 09:10:57 -07:00
Spencer Smith
962155e463 updated names and removed checks for rhel, as we already know we have systemd inside that play 2016-05-12 09:06:31 -07:00
Spencer Smith
c90c981bb2 updated to support all OSes using systemd 2016-05-12 09:03:11 -07:00
Smana
608e7dfab2 upgrade k8s vers, and add a script for future upgrades 2016-05-12 15:56:30 +02:00
Smana
1884d89d3b fixes the certs issue when masters or not in the kube-node group 2016-05-12 10:07:34 +02:00
Smaine Kahlouch
ed95f9ab81 Merge pull request #232 from rsmitty/issue-231
Issue 231: ensure ca.pem makes it to multi-masters
2016-05-11 21:24:04 +02:00
Spencer Smith
9f8466a186 ensure ALL certs are synced between masters 2016-05-11 10:09:13 -07:00
Spencer Smith
743ad0eb5c s/sync_certs/sync_tokens 2016-05-11 09:38:26 -07:00
Spencer Smith
5253b3ec13 ensure ca.pem makes it to multi-masters 2016-05-11 09:06:08 -07:00
Spencer Smith
ebf8231c9a only run if proxy variables are added 2016-05-10 15:53:32 -07:00
Spencer Smith
adceaf60e1 support proxies with docker on rhel 2016-05-10 15:49:27 -07:00
Smaine Kahlouch
96c63cc0b6 Merge pull request #227 from paulczar/vagrant
Add native Vagrant support
2016-05-09 11:47:07 +02:00
Paul Czarkowski
5f2fa6d76f revert .gitignore for secrets 2016-05-08 23:46:35 -05:00
Paul Czarkowski
bd064e8094 fix flannel's cross vm networking for vagrant
* set flannel backend type to `host-gw`
* set flannel interface to be eth1 ip
2016-05-08 23:42:42 -05:00
Paul Czarkowski
8f4e879ca7 Add native Vagrant support
This allows you to simply run `vagrant up` to get a 3 node HA cluster.

* Creates a dynamic inventory and uses the inventory/group_vars/all.yml
* commented lines in inventory.example so that ansible doesn't try to use it.
* added requirements.txt to give easy way to install ansible/ipaddr
* added gitignore files to stop attempts to save unwated files
* changed `Check if kube-system exists` to `failed_when: false` instead of
`ignore_errors`
2016-05-08 10:17:11 -05:00
Smana
4f627baf71 generate secrets on first master 2016-05-07 21:08:29 +02:00
David Reuss
180f2d1fde Pull correct variable for etcd initial variable
This shouldn't use the `inventory_hostname` variable, as that will just yield the same variable, but rather use the `host` which we're looping over.
2016-04-29 14:37:01 +02:00
Antoine Legrand
391b155a98 Merge pull request #216 from cmluciano/cml/fixubuntu
Fix ansible dict error on Ubuntu 14.04
2016-04-25 14:54:17 +02:00
Christopher M Luciano
47982ea21c Use ansible array format instead of dot-notation.
This fixes the ansible error ```'dict object' has no attribute
'ansible_default_ipv4'"}```. Closes #215
2016-04-25 08:45:58 -04:00
Smana
97de82bbcc upgrade weave to v1.5.0 with cni 2016-04-20 17:09:09 +02:00
Smana
928bbeaf0f upgrade calico v0.19.0, calico-cni v1.2.1 2016-04-19 18:28:45 +02:00
Rob Hirschfeld
107da007b1 Merge branch 'master' into flagfixes12 2016-04-12 18:44:06 -07:00
Rob Hirschfeld
fb980e4542 missed tick in message
cosmetic
2016-04-12 18:43:31 -07:00
Rob Hirschfeld
f12ad6a56f consolidate EPEL change into a single task
as per @smana request
2016-04-12 18:41:46 -07:00
Smaine Kahlouch
5691086ba2 Merge pull request #164 from oneswig/master
Provide a non-default hostname for CoreOS systems.
2016-04-12 17:18:33 +02:00
Rob Hirschfeld
831a54e9b7 add code to detect if epel is already installed and skip it if it is
add option for generic
2016-04-11 16:44:56 -05:00
Smana
3cd89bed45 Kubernetes upgrade to 1.2.2 2016-04-11 12:19:09 +02:00
Smana
48a85ce8f8 use docker repository to install on CentOS 2016-04-11 11:17:14 +02:00
Smana
936927a54f Fix docker install on rhel7 2016-04-10 22:08:13 +02:00
Smana
5c22133492 fix add nodes to the cluster 2016-04-08 07:45:39 +02:00
Smana
b03093be73 update kubectl bash completion
change hyperkube image repository
2016-04-05 15:27:06 +02:00
Smana
bc44d5deb3 upgrade to kubernetes v1.2.1 2016-04-05 12:59:18 +02:00
Smana
850b7466cd remove deprecation warns and update doc 2016-04-04 10:14:56 +02:00
Stig Telfer
bf96b92def Merge branch 'master' into coreos-fixes 2016-04-02 21:01:28 +01:00
Stig Telfer
ab21f4d169 Define empty default objects for docker package management.
On CoreOS where there is no package management, perform zero-trip
loops instead of throwing an exception for iterating over a member
of an undefined variable.
2016-04-02 20:55:17 +01:00
Stig Telfer
64a39fdb86 Use var for bin dir instead of assuming /usr/local/bin
On CoreOS the binaries are not installed in /usr/local/bin.
2016-04-02 20:53:33 +01:00
ant31
7237a925eb Add kubernetes.default.svc in certs dns 2016-04-01 12:40:01 +02:00
teuto.net Netzdienste GmbH
8cbdf73eba Changed path to hosts ssl certs from /usr/share/ca-certificates to /etc/ssl/certs/ which fixes https problems in kube-controller-manager and kube-apiserver (#189) caused by the lack of certificates on debian and redhat based systems. 2016-04-01 09:34:28 +02:00
teuto.net Netzdienste GmbH
624a964cda Implemented Dynamic Provisioning of PersistentVolumes with cinder
When kubespray is deployed on OpenStack, the kube-controller-manager is now aware of the cluster and can create new cinder volumes automatically if the PersistentVolumeClaims are annotated accordingly.
Note that this is an alpha feature of kubernetes 1.2
2016-03-31 14:38:46 +02:00
Smaine Kahlouch
a14dfe74e1 Merge pull request #188 from teutostack/warnings-removal
Fixing deprecation warnings regarding bare variables and apt
2016-03-30 11:57:57 +02:00
teuto.net Netzdienste GmbH
a192111e6a Reverted deletion of "changed_when: False" for Task "Install python-dnf for latest RedHat versions". Deleted "changed_when: False" on Task "Install latest version of python-apt for Debian distribs" to get notified when kubespray has installed a new package version. 2016-03-30 11:21:36 +02:00
teuto.net Netzdienste GmbH
4271dd6645 using apt module instead of command module to install python-apt 2016-03-30 10:39:33 +02:00
teuto.net Netzdienste GmbH
457ed11b49 fixed deprecation warnings regarding bare variables 2016-03-30 10:23:43 +02:00
teuto.net Netzdienste GmbH
9f8da6c225 Implemented cloud-provider integration for OpenStack.
Currently kubespray does not install kubernetes in a way that allows cinder volumes to be used. This commit provides the necessary cloud configuration file and configures kubelet and kube-apiserver to use it.
2016-03-29 15:17:22 +02:00
Smaine Kahlouch
68fafd030d choose between gce and aws cloud providers 2016-03-23 17:27:06 +01:00
Smaine Kahlouch
e8aec5f4f0 Don't call the apiserver when the server is master only 2016-03-22 13:25:41 +01:00
Smaine Kahlouch
c51ed4bbb7 use master election option instead of podmaster 2016-03-21 22:25:09 +01:00
Smaine Kahlouch
ba4ad51c26 add aufs-tools package for debian 2016-03-21 17:25:14 +01:00
Antoine Legrand
785b84fd43 Upgrade to docker 1.10.3 2016-03-21 16:54:14 +01:00
Antoine Legrand
15ce66b2f5 Kubernetes 1.2.0 2016-03-21 16:54:14 +01:00
Smaine Kahlouch
7e6d7caf4b Dnsmasq runs on all nodes 2016-03-21 11:37:35 +01:00
ant31
6297e5ea93 Use dnsmasq inside pods 2016-03-19 23:41:27 +01:00
Antoine Legrand
72807965a8 Upload files to a separate storage 2016-03-04 17:39:02 +01:00
Antoine Legrand
611c7744a1 Remove submodules 2016-03-04 16:14:01 +01:00
Smana
ede3aad2ab flannel backend type option 2016-03-04 14:55:04 +01:00
Smana
62218c1497 upgrade calicoctl to v0.17.0 2016-03-02 10:42:31 +01:00
Smana
cb3cc6f523 adding option --proxy-mode for kubeproxy 2016-02-29 11:41:08 +01:00
Smaine Kahlouch
87fd8415da Merge pull request #163 from Smana/upgrade_kube_v1.1.8
Upgrade kuberenetes to v1.1.8
2016-02-26 23:25:00 +01:00
Stig Telfer
edcd5bf67f Provide a non-default hostname for CoreOS systems.
A freshly-installed CoreOS system does not always have a hostname configured.
This causes problems for etcd and BGP mesh configuration for Calico.
Assign the Ansible inventory name as hostname as part of CoreOS bootstrap,
if the hostname is the default ("localhost").
2016-02-26 13:43:07 +00:00
Smana
9528caa1d7 Upgrade kuberenetes to v1.1.8 2016-02-25 17:35:38 +01:00
Smaine Kahlouch
3f32e5973f Merge pull request #158 from Smana/calico_nat_outgoing_opt
calico: enabling nat outgoing by default
2016-02-24 12:11:34 +01:00
Stig Telfer
ff03c82151 On CoreOS, /etc/hosts does not always exist. 2016-02-23 12:04:58 +00:00
Smana
152c409022 calico: enabling nat outgoing by default 2016-02-21 17:11:49 +01:00
Smana
fca384e24c first version of CoreOS on GCE
Please enter the commit message for your changes. Lines starting
2016-02-21 00:06:36 +01:00
Spencer Smith
20adb604cc confirmed working change to mktemp command 2016-02-18 15:56:10 -05:00
Smana
39caf94790 update hyperkube version 2016-02-18 16:38:25 +01:00
Smana
b013b125bc Upgrade Calico and etcd 2016-02-15 12:41:27 +01:00
Smana
01397678df upgrade kubernetes to 1.1.7 2016-02-15 10:57:45 +01:00
Smana
c3a8f379e8 rollback to docker 1.9 2016-02-13 15:38:42 +01:00
Smana
c0cf506fb4 install epel-release on RHEL7 2016-02-13 13:15:08 +01:00
Smana
a649aa8b7e use ansible_service_mgr to detect init system 2016-02-13 11:46:53 +01:00
Smana
91fca69aa0 generate secrets on deployment machine
test travis with sudo=true instead of required
2016-02-13 06:51:54 +01:00
Antoine Legrand
3fef552978 Docker 1.10.1 2016-02-13 06:19:47 +01:00
ntfrnzn
a4e32c748a pin docker version actually 2016-02-12 14:45:09 -08:00
ntfrnzn
c48bc34a34 pin docker versions to 1.9 or earlier 2016-02-12 14:40:13 -08:00
ant31
4ee3699933 Add weave to tests 2016-02-11 10:57:54 +01:00
Smaine Kahlouch
05c8a29688 Merge branch 'master' into weave_network_plugin 2016-02-10 18:33:48 +01:00
Smana
793d665db4 specify weave version 2016-02-10 18:19:03 +01:00
Greg Althaus
6f1fe0cda2 Force kube-proxy to bind to local address 2016-02-10 10:53:22 -06:00
Smana
ab007e4ab8 weave network plugin 2016-02-09 17:55:12 +01:00
Smaine Kahlouch
4f92417a5d split network plugins into distinct roles 2016-02-09 11:42:00 +01:00
Smana
b2d6626363 fix some issues with fedora 23 and dnf 2016-02-03 21:26:49 +01:00
Smaine Kahlouch
779299de15 calico uses --ip option 2016-02-01 15:53:23 +01:00
Antoine Legrand
7e94d31c8b Merge branch 'master' into increase_timeout 2016-02-01 14:32:25 +01:00
ant31
21b0a3649d Increase liveness timeout 2016-02-01 13:41:49 +01:00
Smaine Kahlouch
3bb6066558 add option '--nat-outgoing' for calico on clouds 2016-02-01 10:47:34 +01:00
Smaine Kahlouch
64be24dd20 Merge pull request #123 from Smana/install_epel_rhel
install epel release for rhel
2016-02-01 10:46:10 +01:00
Smaine Kahlouch
4d3f6c6533 install epel release for rhel
install required packages before common

roles/kubernetes/preinstall/tasks/main.yml
2016-01-31 22:12:34 +01:00
Greg Althaus
6163fe166e Update docker for CentOS issues in AWS and general
variables.

1. AWS has issues with ext4 (use xfs instead for CentOS only)
2. Make sure all the centos config files are include in the systemd config
3. Make sure that network options are set in the correct file by os family

This allows downstream items like opencontrail and others change variables
in expected locations.
2016-01-30 21:46:32 -06:00
Smaine Kahlouch
6358cf788f etcd initd startup command fix 2016-01-30 22:31:41 +01:00
Antoine Legrand
b33713da4a Change calico condition --ipip 2016-01-29 14:07:21 +01:00
Antoine Legrand
83c1bd516d Update calico.yml 2016-01-29 12:23:29 +01:00
Antoine Legrand
5d24cabc83 Merge pull request #116 from ansibl8s/calico_on_cloud
Add --ipip to calico if on cloud_proivder
2016-01-28 20:28:15 +01:00
Antoine Legrand
7127e6de54 Add --ipip to calico if on cloud_proivder 2016-01-28 20:13:50 +01:00
Greg Althaus
bedcca922c Add variables and defaults for multiple types of ip addresses.
Each node can have 3 IPs.
1. ansible_default_ip4 - whatever ansible things is the first IPv4 address
   usually with the default gw.
2. ip - An address to use on the local node to bind listeners and do local
   communication.  For example, Vagrant boxes have a first address that is the
   NAT bridge and is common for all nodes.  The second address/interface should
   be used.
3. access_ip - An address to use for node-to-node access.  This is assumed to
   be used by other nodes to access the node and may not be actually assigned
   on the node.  For example, AWS public ip that is not assigned to node.

This updates the places addresses are used to use either ip or access_ip and walk
up the list to find an address.
2016-01-27 16:05:39 -06:00
Smaine Kahlouch
a323335d36 use 'kube_pods_subnet' var for flannel conf 2016-01-27 22:00:12 +01:00
Smaine Kahlouch
8d71d56809 update submodules and documentation 2016-01-27 17:02:41 +01:00
Antoine Legrand
cf472a6b4c Merge pull request #107 from ansibl8s/race_condition_api_master
Slowdown apimaster restart
2016-01-26 18:00:47 +01:00
ant31
fd6ac61afc Use local etcd/etcdproxy for calico 2016-01-26 17:28:30 +01:00
Antoine Legrand
4566d60e6f Slowdown apimaster restart 2016-01-26 15:23:16 +01:00
Antoine Legrand
49a7278563 Set perms on unarchive 2016-01-26 12:17:33 +01:00
Antoine Legrand
b9781fa7c2 Symlink dnsmasq conf 2016-01-26 00:30:29 +01:00
Smaine Kahlouch
90ffb8489a fix some handlers 2016-01-25 22:49:24 +01:00
Greg Althaus
e7d5b7af67 Force owner and permissions for get_url retrieved
files.  get_url doesn't honor owner and mode is spotty.
2016-01-25 13:30:48 -06:00
Greg Althaus
c7bd2a2a1e Need to use separate stanzas for each repo because the
args are different.  Sigh.
2016-01-25 11:16:56 -06:00
Smaine Kahlouch
baaa6efc2b workaround_ha_apiserver 2016-01-25 12:07:32 +01:00
ant31
56b92812fa Fix systemd reload and calico unit 2016-01-25 10:54:07 +01:00
ant31
f5508b1794 Use update_cache when possible 2016-01-25 02:06:34 +01:00
Greg Althaus
bcd6ecb7fb Add flannel vars to enable vagrant and amazon environments 2016-01-24 16:18:35 +01:00
Antoine Legrand
b4734c280a Merge branch 'master' into add_users_role 2016-01-24 15:58:10 +01:00
Antoine Legrand
dd61f685b8 AddUser Role 2016-01-24 11:54:34 +01:00
Smaine Kahlouch
4984b57aa2 use rsync instead of command 2016-01-23 18:26:07 +01:00
Smaine Kahlouch
283c4169ac run apiserver as a service
reorder master handlers

typo for sysvinit
2016-01-23 14:21:04 +01:00
Smaine Kahlouch
5edc81c627 moving kube-cert group into group_vars 2016-01-22 17:18:45 +01:00
Smaine Kahlouch
391413f7e7 missing commits for the PR #86 2016-01-22 17:10:31 +01:00
Smaine Kahlouch
87b42e34e0 create kube-cert group task 2016-01-22 16:51:54 +01:00
Smaine Kahlouch
be0bec9eab add kube-cert group 2016-01-22 16:46:06 +01:00
Smaine Kahlouch
cb59559835 use command instead of synchronize 2016-01-22 16:37:07 +01:00
Antoine Legrand
078b67c50f Remove downloader host 2016-01-22 09:59:39 +01:00
Greg Althaus
32877bdc7b Merge branch 'master' into etcd-sync 2016-01-21 13:13:58 -06:00
Greg Althaus
ec1073def8 Test for a systemd service that should be up. 2016-01-21 11:35:15 -06:00
Greg Althaus
28e530e005 Fix etcd synchronize to other nodes from the downloader 2016-01-21 11:21:25 -06:00
Smaine Kahlouch
de038530ef don't run gitinfos by default 2016-01-21 13:41:01 +01:00
Smaine Kahlouch
337977e868 script which gives info about the deployment state
fix script location
2016-01-21 13:41:01 +01:00
Smaine Kahlouch
9715962356 etcd directly in host
fix etcd configuration for nodes

fix wrong calico checksums

using a var name etcd_bin_dir

fix etcd handlers for sysvinit

using a var name etcd_bin_dir

sysvinit script

review etcd configuration
2016-01-21 11:36:11 +01:00
Smaine Kahlouch
a5094f2a6a move /etc/hosts configuration in 'preinstall' role 2016-01-20 17:37:23 +01:00
Greg Althaus
fe5ec398bf Use IP is specified, otherwise use the ansible discovered address.
This fixes cases for use in Vagrant environments.
2016-01-20 08:34:39 -06:00
Antoine Legrand
859f6322a0 Merge branch 'master' into add_set_remote_user 2016-01-19 21:08:52 +01:00
Greg Althaus
10b2466d82 run_once only works if master[0] is first in inventory list
of all nodes.
2016-01-19 13:10:54 -06:00
Antoine Legrand
f68d8f3757 Add seT_remote_user in synchronize 2016-01-19 14:20:05 +01:00
Antoine Legrand
9b083b62cf Rename tasks 2016-01-19 14:20:05 +01:00
Smaine Kahlouch
b54af6b42f reduce dns timeout 2016-01-19 13:49:33 +01:00
Smaine Kahlouch
7cab7e5fef restarting kubelet is sometimes required after docker restart 2016-01-19 13:47:07 +01:00
Smaine Kahlouch
4c5735cef8 configure dnsmasq to listen on localhost only 2016-01-19 13:34:30 +01:00
Smaine Kahlouch
58e1db6aae update kubedns submodule 2016-01-19 13:32:53 +01:00
Smaine Kahlouch
63ae6ba5b5 dnsmasq runs on all nodes 2016-01-19 10:31:47 +01:00
Smaine Kahlouch
f58b4d3dd6 dnsmasq listens on localhost 2016-01-19 10:29:33 +01:00
Smaine Kahlouch
d3a8584212 add timeout options to resolv.conf 2016-01-19 10:18:53 +01:00
ant31
4271126bae Change hyperkube repo 2016-01-18 17:17:08 +01:00
Smaine Kahlouch
049f5015c1 upgrade hyperkube image version 2016-01-18 16:55:57 +01:00
Smaine Kahlouch
6ab671c88b update memcached submodule 2016-01-18 16:25:01 +01:00
Smaine Kahlouch
d73ac90acf udpate k8s-pgbouncer submodule 2016-01-18 11:58:12 +01:00
Smaine Kahlouch
adf6e2f7b1 update postgres submodule 2016-01-18 11:44:33 +01:00
Smaine Kahlouch
806834a6e9 upgrade kubernetes to 1.1.4 and calico to 0.14.0 2016-01-17 21:30:11 +01:00
Smaine Kahlouch
8415634016 use google hyperkube image 2016-01-16 22:55:49 +01:00
Smaine Kahlouch
8127e8f8e8 Flannel running as pod 2016-01-15 13:03:27 +01:00
Smaine Kahlouch
51a0996087 fix regexp for resolv.conf 2016-01-15 12:18:03 +01:00
ant31
5d61b5e813 Fix namespace 2016-01-14 16:22:37 +01:00
ant31
b769636435 Ansible 2.0 2016-01-13 16:40:24 +01:00
Smaine Kahlouch
eab2cec0ad fix kubectl perms 2016-01-08 16:02:40 +01:00
Smaine Kahlouch
0b17a4c00f Merge pull request #45 from jcsirot/fix-calico-systemd
Fix calico with systemd
2016-01-08 11:34:58 +01:00
ant31
f49aa90bf7 fix synchronize pull mode 2016-01-08 11:32:06 +01:00
Jean-Christophe Sirot
6f9148e994 Fix calico with systemd 2016-01-08 10:32:43 +01:00
Antoine Legrand
7913d62749 Merge pull request #44 from ansibl8s/travis
Travis  tests
2016-01-07 23:46:02 +01:00
Smaine Kahlouch
d5320961e9 enforce user root when sudo is used 2016-01-05 15:33:23 +01:00
ant31
9c461e1018 Use inline update for resolv.conf 2016-01-05 12:31:49 +01:00
ant31
9a03249446 Add travis tests 2016-01-05 12:31:49 +01:00
ant31
8fa0110e28 Remove local dep. downloader 2016-01-04 16:10:29 +01:00
Smaine Kahlouch
99d16913d3 use bin_dir var in init scripts 2016-01-04 14:35:01 +01:00
Smaine Kahlouch
d172457504 sysvinit scripts 2016-01-04 14:30:37 +01:00
Smaine Kahlouch
6103d673b7 New calico's configuration 2016-01-04 14:30:37 +01:00
Smaine Kahlouch
29bf90a858 review handlers for sysvinit 2016-01-04 14:30:37 +01:00
ant31
e3cdb3574a Rework download role 2015-12-31 16:12:16 +01:00
Smaine Kahlouch
15cd1bfc56 rename env file 2015-12-31 14:55:06 +01:00
Smaine Kahlouch
be5fe9af54 never report changed for init system detection 2015-12-31 14:54:15 +01:00
Smaine Kahlouch
7006d56ab8 split role download and preinstall 2015-12-31 14:07:02 +01:00
Smaine Kahlouch
1695682d85 handle sysvinit 2015-12-31 14:05:55 +01:00
Smaine Kahlouch
1d1d8b9c28 add nodnsupdate hook for RedHat 2015-12-31 14:04:08 +01:00
Smaine Kahlouch
98fe2c02b2 review local tasks 2015-12-31 10:28:47 +01:00
Smaine Kahlouch
92c2a9457e rename role common to kubernetes/preinstall 2015-12-31 10:03:22 +01:00
Smaine Kahlouch
dbb6f4934e common role in order to support other linux distribs 2015-12-30 22:26:45 +01:00
Smaine Kahlouch
9f07f2a951 install docker on a largest number of linux distribution (based on https://github.com/marklee77/ansible-role-docker) 2015-12-30 22:26:45 +01:00
Smaine Kahlouch
b72e220126 remove carriage return 2015-12-30 14:02:22 +01:00
Smaine Kahlouch
e0f460d9b5 copy template dnsmasq pod and remove handlers 2015-12-30 14:02:22 +01:00
Smaine Kahlouch
2bd6b83656 increase etcd timeout value again 2015-12-30 14:02:22 +01:00
ant31
2df70d6a3d Docker dnsmasq 2015-12-30 14:02:22 +01:00
Smaine Kahlouch
6f4f170a88 remove useless etcd download, runs into docker containers 2015-12-30 09:50:02 +01:00
Smaine Kahlouch
3f3b03bc99 increase timeout value for etcd wait_for 2015-12-29 21:37:17 +01:00
Smaine Kahlouch
c9d9ccf025 move network-environment template into node role, required by kubelet 2015-12-29 21:36:51 +01:00
ant31
e378f4fb14 Install calico-plugin before running calico 2015-12-28 22:04:39 +01:00
Antoine Legrand
5c15d14f12 Run etcd as pod 2015-12-28 22:04:39 +01:00
Antoine Legrand
b45747ec86 Merge pull request #37 from ansibl8s/apiserver_https
Apiserver https
2015-12-28 13:00:46 +01:00
ant31
d597f707f1 use backup file 2015-12-24 19:23:21 +01:00
Smaine Kahlouch
595e93e6da Peer with router configuration is made on the first etcd node 2015-12-24 13:56:53 +01:00
Smaine Kahlouch
5f4e01cec5 new version of logstash submodule 2015-12-22 16:38:40 +01:00
Smaine Kahlouch
7c9c609ac4 calico uses loadbalancer address for apiserver 2015-12-22 08:45:14 +01:00
Smaine Kahlouch
680864f95c don't sync certs on masters, already done in another task 2015-12-21 14:24:57 +01:00
Smaine Kahlouch
7315d33e3c use ip for etcd proxies even when hostnames are used in the inventory 2015-12-21 14:24:10 +01:00
Smaine Kahlouch
b2afbfd4fb don't touch if the file exists 2015-12-21 14:23:33 +01:00
Smaine Kahlouch
ab694ee291 Install python-httplib2 required packaged 2015-12-21 12:00:42 +01:00
Smaine Kahlouch
bba3525cd8 use loadbalancer when that's possible 2015-12-21 09:13:48 +01:00
Smaine Kahlouch
2c816f66a3 Check calico network pool 2015-12-20 16:51:14 +01:00
Smaine Kahlouch
d585ceaf3b set permissions on network-environment file 2015-12-19 12:32:06 +01:00
Smaine Kahlouch
fec1dc9041 A single file for tokens tasks 2015-12-19 11:00:22 +01:00
Smaine Kahlouch
e7e03bae9f calico talks to apiserver with https 2015-12-18 22:22:52 +01:00
Smaine Kahlouch
c6d65cb535 remove temporary workaround due to node reboot issue with calico 2 2015-12-18 13:25:46 +01:00
Smaine Kahlouch
a0746a3efd remove temporary workaround due to node reboot issue with calico 2015-12-18 13:22:32 +01:00
Smaine Kahlouch
970aab70e1 Upgrade calico version to v0.13.0, fixes the node reboot issue 2015-12-18 13:10:26 +01:00
Smaine Kahlouch
4561dd327b remove deprecated var CALICOCTL_PATH 2015-12-18 13:09:42 +01:00
Smaine Kahlouch
b155e8cc7b Fix error in ETCD_INITIAL_CLUSTER loop 2015-12-18 11:22:56 +01:00
Smaine Kahlouch
9046b7b1bf Configure calico pool on an etcd server 2015-12-18 10:16:03 +01:00
Antoine Legrand
3c450191ea User etcd node ip in initial cluster 2015-12-17 22:47:19 +01:00
Antoine Legrand
184bb8c94d Use 0755 mode for binaries 2015-12-17 22:46:50 +01:00
Smaine Kahlouch
9914229484 using ip address instead of inventory_hostname for kube-proxy 2015-12-17 10:43:06 +01:00
Smaine Kahlouch
b3841659d7 Review role order, use master ip even when fqdn are used in the inventory 2015-12-16 23:49:01 +01:00
Smaine Kahlouch
3a349b8519 Using var file for etcd service 2015-12-16 21:43:29 +01:00
ant31
44ac355aa7 Update depedencies 2015-12-16 18:01:52 +01:00
ant31
958c770bef Update ports 2015-12-16 17:43:26 +01:00
ant31
6012230110 Merge branch 'ha_master' of https://github.com/ansibl8s/setup-kubernetes into ha 2015-12-15 17:42:01 +01:00
Smaine Kahlouch
c91a3183d3 manage undefined vars for loadbalancing 2015-12-15 16:51:55 +01:00
ant31
693230ace9 Merge branch 'ha_master' of https://github.com/ansibl8s/setup-kubernetes into ha 2015-12-15 16:28:49 +01:00
ant31
f21f660cc5 Use kube_apiserver_port 2015-12-15 16:27:12 +01:00
Smaine Kahlouch
953f482585 kube-proxy loadbalancing, need an external loadbalancer 2015-12-15 15:20:08 +01:00
Smaine Kahlouch
4055980ce6 ha apiservers for kubelet 2015-12-15 13:14:27 +01:00
Smaine Kahlouch
e2984b4fdb ha etcd with calico 2015-12-15 11:49:11 +01:00
Smaine Kahlouch
2fc8b46996 etcd can run on a distinct cluster 2015-12-14 10:39:13 +01:00
Smaine Kahlouch
5efc09710b Renaming hyperkube image vars 2015-12-14 09:54:58 +01:00
Smaine Kahlouch
9862afb097 Upgrade kubernetes to v1.1.3 2015-12-13 16:41:18 +01:00
Smaine Kahlouch
59994a6df1 Quickstart documentation 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
0a1b92f348 cluster log level variable 'kube_log_level' 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
af9b945874 add the loadbalancer address to ssl certs 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
3cbcd6f189 Calico uses the loadbalancer to reach etcd if 'loadbalancer_address' is defined. The loadbalancer has to be configured first 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
1568cbe8e9 optionnal api runtime extensions 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
eb4dd5f19d update kubectl bash completion 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
f49620517e running kubernetes master processes as pods 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
ef8a46b8c5 Doesn't manage firewall, note: has to be disabled before running the playbook 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
47c211f9c1 upgrading docker version 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
b23b8aa3de dnsmasq with multi master arch 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
3981b73924 download only required kubernetes binaries 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
b66cc67b6f Configure network-environment with a single template 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
83c1105192 Configuring calico pool once, before starting calico-node 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
d1e19563b0 Master and nodes will run the 'node' role, kube-proxy is run under a container, new script for ssl certs 2015-12-12 19:37:08 +01:00
Smaine Kahlouch
3014dfef24 Clustering etcd for ha masters 2015-12-12 19:37:08 +01:00
ant31
b92fa01e05 Remove etcd dir 2015-12-10 23:17:12 +01:00
ant31
625efc85af Merge branch 'master' of https://github.com/ansibl8s/setup-kubernetes 2015-12-10 20:47:15 +01:00
ant31
d30474d305 Add k8s-etcd 2015-12-10 20:46:33 +01:00
Smaine Kahlouch
9cecc30b6d changing proxy mode to default 'userspace', issues with 'iptables' 2015-12-09 15:03:57 +01:00
Smaine Kahlouch
563be70728 disable bgp for master 2015-12-03 15:38:44 +01:00
Smaine Kahlouch
a03f3739dc Add kubectl bash completion, missing script 2015-12-01 15:45:31 +01:00
Smaine Kahlouch
bfe78848fa Add kubectl bash completion 2015-12-01 12:13:22 +01:00
Smaine Kahlouch
126d4e36c8 Fix kube-proxy on master 2015-11-30 16:41:22 +01:00
Smaine Kahlouch
97c4edc028 Add api runtime config option, review kubernetes handlers 2015-11-27 12:32:31 +01:00
Smaine Kahlouch
f74c195d47 updated submodule postgres 2015-11-26 14:16:49 +01:00
Smaine Kahlouch
b9e56dd435 Update postgres submodule 2015-11-26 09:34:37 +01:00
ant31
ede5f9592a Add kube-logstash submodule 2015-11-25 14:49:20 +01:00
Smaine Kahlouch
895a02e274 change calico pool configuration order 2015-11-22 22:32:45 +01:00
Smaine Kahlouch
4a9a82ca86 include kubernetes config 2015-11-22 18:04:50 +01:00
Smaine Kahlouch
4c2f757fe8 Add kubedash and monitoring submodule 2015-11-22 18:01:25 +01:00
Smaine Kahlouch
5762d8f301 upgrade flannel and etcd version 2015-11-22 13:35:00 +01:00
Smaine Kahlouch
d3f35e12a2 Simplify docker role, cbr0 for calico isn't required anymore 2015-11-22 13:33:13 +01:00
Smaine Kahlouch
d7b7db34fa move task service kube-api to the end of role master 2015-11-21 17:01:43 +01:00
Antoine Legrand
7f73bb5522 Keep workaround 2015-11-21 14:04:42 +01:00
Smaine Kahlouch
795ce8468d Calico systemd unit improvement (status, stop) 2015-11-21 13:20:39 +01:00
ant31
fb6dd60f52 Rollback 1.8.3 docker 2015-11-20 16:49:02 +01:00
Smaine Kahlouch
e427591545 upgrade kubernetes version to 1.1.2 2015-11-20 16:48:50 +01:00
ant31
323155b0e1 Fix docker 2015-11-20 14:04:13 +01:00
ant31
f368faf66b Remove --kube-plugin-version 2015-11-20 11:56:16 +01:00
ant31
8fa7811b63 Remove workaround 2015-11-20 11:36:32 +01:00
ant31
c352df6fc8 Add Backup 2015-11-20 11:18:37 +01:00
Antoine Legrand
57e1831f78 Update calico to 0.11.0 2015-11-20 10:38:39 +01:00
Smaine Kahlouch
3f411bffe4 include config file into systemd unit file 2015-11-16 22:22:19 +01:00
Smaine Kahlouch
5cc29b77aa add option proxy mode iptables for better performances 2015-11-16 22:21:17 +01:00
Smaine Kahlouch
70aa68b9c7 move task network-environment 2015-11-16 22:20:41 +01:00
Smaine Kahlouch
7efaf30d36 update calico-node command line for version 0.10.0 2015-11-16 22:19:19 +01:00
Smaine Kahlouch
0b164bec02 add option proxy mode iptables for better performances 2015-11-16 22:17:21 +01:00
Smaine Kahlouch
3f8f0f550b remove duplicate task 2015-11-16 22:16:36 +01:00
Smaine Kahlouch
d6a790ec46 default docker template condition 2015-11-16 22:15:43 +01:00
Smaine Kahlouch
8eef0db3ec upgrade binaries version 2015-11-16 22:15:12 +01:00
Smaine Kahlouch
2b3543d0ee Merge branch 'master' of https://github.com/ansibl8s/setup-kubernetes 2015-11-02 13:46:23 +01:00
Smaine Kahlouch
c997860e1c move vars for api socket into group_vars 2015-11-02 13:46:08 +01:00
Smaine Kahlouch
27b0980622 Merge pull request #11 from ansibl8s/replace_default_ipv4_by_var
Add IP var
2015-11-02 13:41:55 +01:00
Smaine Kahlouch
3fb9101e40 default value for 'peer_with_router' 2015-11-02 13:41:03 +01:00
ant31
3bf74530ce Add IP var 2015-11-01 11:12:12 +01:00
Smaine Kahlouch
f6e4cc530c manage default value for 'peer_with_router' var 2015-10-30 16:18:39 +01:00
Smaine Kahlouch
f0eb963f5e Tag v1.0 of redis 2015-10-28 10:44:38 +01:00
Smaine Kahlouch
f216302f95 Calico is not a network overlay 2015-10-27 15:49:07 +01:00
Smaine Kahlouch
b98227e9a4 update submodules postgres and kubedns with changes 2015-10-23 16:39:15 +02:00
Smaine Kahlouch
8e585cfdfe agencing vars into submodules 2015-10-23 09:54:44 +02:00
Smaine Kahlouch
73e240c644 Running apps after cluster setup 2015-10-21 14:03:39 +02:00
Smaine Kahlouch
6381e75769 move k8s-postgres tag 2015-10-19 11:11:40 +02:00
Smaine Kahlouch
3427119577 adding submodules again 2015-10-18 22:10:30 +02:00
Smaine Kahlouch
73084a8377 remove apps directories 2015-10-18 21:41:19 +02:00
Smaine Kahlouch
af5e35e938 Configure bgp peering with border routers of dc 2015-10-15 09:40:02 +02:00
Smaine Kahlouch
f1647d621e update submodules 2015-10-14 17:38:40 +02:00
Smaine Kahlouch
fb13b42db9 add postgres submodule 2015-10-14 13:30:17 +02:00
Smaine Kahlouch
72096c8b1b add submodules 2015-10-14 12:01:40 +02:00
Smaine Kahlouch
fec609053c use ansible-galaxy 2015-10-14 11:42:45 +02:00
Smaine Kahlouch
6183a4d3b1 dns vars for skydns submodule 2015-10-13 17:12:59 +02:00
Smaine Kahlouch
481d16d5ad tag 'apps' 2015-10-12 17:31:04 +02:00
Smaine Kahlouch
347bc4a79c remove fluentd configuration on nodes 2015-10-12 17:28:17 +02:00
Smaine Kahlouch
9c1f722f8d Fix common directory 2015-10-12 14:26:55 +02:00
Smaine Kahlouch
c105e20ac9 Role common required 2015-10-12 14:13:53 +02:00
Smaine Kahlouch
4281506322 moving apps submodules to the directory roles/apps 2015-10-12 13:12:29 +02:00
Smaine Kahlouch
f9395f7259 add submodule postgres 2015-10-12 13:06:41 +02:00
Smaine Kahlouch
9c1543c3db tag v1.0 for skydns 2015-10-10 22:07:27 +02:00
Smaine Kahlouch
a5849938d4 add submodule skydns 2015-10-10 21:52:47 +02:00
Smaine Kahlouch
ca977d7681 tag version v1.0 of kube-ui 2015-10-08 16:19:08 +02:00
Smaine Kahlouch
7841d4d3c9 Add submodule/role kube-ui 2015-10-08 14:01:25 +02:00
Antoine Legrand
e46adbca8a Add submodules 2015-10-08 10:58:29 +02:00
Smaine Kahlouch
6b798d87d1 Docker garbage collection is already managed by kubelet daemon 2015-10-08 09:21:49 +02:00
Smaine Kahlouch
6b6a5ceeae docker-gc executable cron task 2015-10-05 14:22:36 +02:00
Smaine Kahlouch
67be137e01 move fabric8 addon to 'default' namespace 2015-10-05 12:01:48 +02:00
Smaine Kahlouch
c26d2e17cd Addon Fabric8 2015-10-05 11:27:13 +02:00
Smaine Kahlouch
e74ad80fe4 Readme v2 2015-10-04 10:55:52 +02:00
Smaine Kahlouch
00c562828f Initial commit 2015-10-03 22:19:50 +02:00