Bogdan Dobrelya
62313afccc
Fix etc hosts for cluster nodes
...
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2017-01-02 13:20:51 +01:00
Matthew Mosesohn
bd0f787809
Fix etcd cert generation to support large deployments
...
Due to bash max args limits, we should pass all node filenames and
base64-encoded tar data through stdin/stdout instead.
Fixes #832
2016-12-30 12:55:26 +03:00
Bogdan Dobrelya
6e1c0cdd15
Systemd units, limits, and bin path fixes
...
* Add restart for weave service unit
* Reuse docker_bin_dir everythere
* Limit systemd managed docker containers by CPU/RAM. Do not configure native
systemd limits due to the lack of consensus in the kernel community
requires out-of-tree kernel patches.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-28 15:49:42 +01:00
Matthew Mosesohn
2ac2a3ed93
Fix creation and sync of etcd certs
...
Admin certs only go to etcd nodes
Only generate cert-data for nodes that need sync
2016-12-28 14:21:17 +04:00
Matthew Mosesohn
612c5bb5f1
Merge pull request #818 from mattymo/calico-rr-certs
...
Fix calico-rr to use etcd certs instead of kube certs
2016-12-28 08:47:16 +03:00
Matthew Mosesohn
716b590f3b
Fix calico-rr to use etcd certs instead of kube certs
2016-12-27 17:04:50 +03:00
Bogdan Dobrelya
9b29df183b
Rework ignore_errors to report no reds
...
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2016-12-27 13:00:50 +01:00
Bogdan Dobrelya
222859601e
Do not forward bogus domains for upstream resolvers
...
Also fix kube log level 4 to log dnsmasq queries.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-23 11:53:14 +01:00
Matthew Mosesohn
a2c38f5f5f
Update etcd.j2
2016-12-22 22:29:24 +03:00
Matthew Mosesohn
e5374af95c
Adjust etcd server certificates
...
ETCD doesn't need cert/key options set. It only requires peer
cert options.
2016-12-22 23:05:17 +04:00
Spencer Smith
f3f16e3676
Workaround etcdctl not yet being installed ( #797 )
...
workaround case for etcdctl not yet being installed, only allow for return code of 0 (no error)
2016-12-22 12:41:38 -05:00
Matthew Mosesohn
370ad3acba
Merge pull request #760 from genti-t/issue-748-flannel-options
...
Fix Flannel network on CoreOS
2016-12-22 19:02:31 +03:00
Genti Topija
a42b458fdf
Fix Flannel network on CoreOS
...
Resolves : #748
2016-12-22 16:50:04 +01:00
Matthew Mosesohn
5457799aa3
Individual etcd ssl certs
...
Includes hooks for triggering calico, kubelet, and kube-apiserver restarts
if etcd certs changed.
2016-12-22 13:31:11 +03:00
Bogdan Dobrelya
85f31a369e
Merge pull request #786 from mattymo/bug777
...
Add wait for kube-apiserver to kubernetes-apps
2016-12-22 11:02:50 +01:00
Spencer Smith
3575f890fc
create systemd drop-in path if not existent
2016-12-21 13:06:12 -05:00
Bogdan Dobrelya
b103799901
Revert "Do not forward private domains for upstream resolvers"
2016-12-21 15:24:17 +01:00
Matthew Mosesohn
b1eb852207
Add wait for kube-apiserver to kubernetes-apps
...
Fixes #777
2016-12-21 15:39:39 +03:00
Bogdan Dobrelya
f45872b558
Add download_always_pull check and sha256 for docker images
...
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-20 17:02:09 +01:00
Bogdan Dobrelya
763c1aff72
Merge pull request #722 from bogdando/dnsmasq_armors
...
Do not forward private domains for upstream resolvers
2016-12-20 14:25:17 +01:00
Bogdan Dobrelya
072c4e4669
Merge pull request #775 from kubernetes-incubator/register_master
...
Register master node as unschedulable
2016-12-20 14:17:55 +01:00
Bogdan Dobrelya
c147f710ab
Merge pull request #774 from kubernetes-incubator/ant31-patch-2
...
check if calico_peer_rr is defined
2016-12-19 18:19:03 +01:00
Matthew Mosesohn
6a705aa0b5
Fix etcd to-SSL upgrade and task register vars
2016-12-19 15:05:49 +03:00
Bogdan Dobrelya
4d4b0adc03
Do not forward private domains for upstream resolvers
...
Also fix kube log level 4 to log dnsmasq queries.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
Co-authored-by: Matthew Mosesohn <mmosesohn@mirantis.com>
2016-12-19 11:01:41 +01:00
Alexander Block
c43615c765
Register master node as unschedulable
...
Also refactor generation of kubelet args to not repeat args.
2016-12-19 10:47:43 +01:00
Antoine Legrand
c250737b0a
Update main.yml
2016-12-17 20:22:39 +01:00
Antoine Legrand
5c280ef54a
Merge pull request #704 from vwfs/bastion_hosts
...
Add support for bastion hosts
2016-12-17 12:08:49 +01:00
Antoine Legrand
5d46f62718
Merge pull request #763 from bogdando/resolver_fallback
...
Fallback to default resolver if no nameservers
2016-12-17 12:03:41 +01:00
Antoine Legrand
b1841fda76
Merge pull request #766 from kubernetes-incubator/docker12point5
...
Update docker to 1.12.5
2016-12-17 11:55:06 +01:00
Bogdan Dobrelya
e7e0e82f43
Fallback to default resolver if no nameservers
...
Current design expects users to define at least one
nameserver in the nameservers var to backup host OS DNS config
when the K8s cluster DNS service IP is not available and hosts
still have to resolve external or intranet FQDNs.
Fix undefined nameservers to fallback to the default_resolver.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-16 14:51:34 +01:00
Bogdan Dobrelya
7fc0b552a0
Revert "Fix wrong path for dhclient.conf on RedHat/CentOS"
2016-12-16 14:49:26 +01:00
Matthew Mosesohn
42dc2351b1
Update docker to 1.12.5
...
Note the new ubuntu/debian version string change:
https://github.com/docker/docker/issues/29355
2016-12-16 16:30:46 +03:00
Bogdan Dobrelya
fc2f616f94
Merge pull request #745 from kubernetes-incubator/fix_weave_start
...
Fix weave restart after docker daemon restart
2016-12-16 14:06:48 +01:00
Matthew Mosesohn
76e7048f06
Fix weave restart after docker daemon restart
2016-12-16 14:15:22 +03:00
Antoine Legrand
3bf2c0f54f
Merge pull request #757 from kubernetes-incubator/issue754
...
Add dns_domain for each host to /etc/hosts
2016-12-15 21:42:59 +01:00
Bogdan Dobrelya
290433b89f
Merge pull request #755 from kubernetes-incubator/fix_dhclientconf_path
...
Fix wrong path for dhclient.conf on RedHat/CentOS
2016-12-15 19:08:31 +01:00
Bogdan Dobrelya
80a8193d74
Merge pull request #746 from kubernetes-incubator/etcd_ssl_upgrade_fix
...
Fix etcd member list when upgrading ETCD from an old version
2016-12-15 12:31:34 +01:00
Matthew Mosesohn
ab4eb809d4
Add dns_domain for each host to /etc/hosts
...
Fixes #754
2016-12-15 13:34:59 +04:00
Bogdan Dobrelya
c09db6cd54
Merge pull request #749 from kubernetes-incubator/azure_ip_forward
...
Set net.ipv4.ip_forward=1 on all systems, not only on GCE
2016-12-15 10:19:43 +01:00
Alexander Block
2624da6161
Fix wrong path for dhclient.conf on RedHat/CentOS
...
/etc/dhclient.conf is ignored on RedHat/CentOS
Correct location is /etc/dhcp/dhclient.conf
2016-12-15 10:11:16 +01:00
Matthew Mosesohn
3b14519208
Fix etcd member list when upgrading ETCD from an old version
2016-12-15 12:00:45 +04:00
Bogdan Dobrelya
f635d224ed
Merge pull request #721 from adidenko/calico-add-rr
...
Add calico/routereflector support
2016-12-14 17:22:00 +01:00
Smaine Kahlouch
af76813bf4
Merge pull request #708 from vwfs/cloud_network
...
Add support for cloud-provider based networking
2016-12-14 16:23:20 +01:00
Alexander Block
cbcdc7d9a0
Set net.ipv4.ip_forward=1 on all systems, not only on GCE
2016-12-14 15:08:13 +01:00
Aleksandr Didenko
d5a9b34d9e
Add calico/routereflector support
...
Add BGP route reflectors support in order to optimize BGP topology
for deployments with Calico network plugin.
Also bump version of calico/ctl for some bug fixes.
2016-12-14 13:44:10 +01:00
Alexander Block
586ad91300
Add --reconcile-cidr flag to kubelet to support cloud network plugin in 1.4
2016-12-13 17:30:10 +01:00
Alexander Block
6887948537
Add check for azure_route_table_name and add it to all.yml
2016-12-13 17:30:10 +01:00
Alexander Block
5b0034c420
Add pseudo network plugin called "cloud" to use cloud provider for network
...
Allow to let the cloud provider configure proper routing for nodes.
2016-12-13 17:30:10 +01:00
Alexander Block
433eb1dc53
Add support for bastion hosts
2016-12-13 17:29:47 +01:00
Antoine Legrand
e22e4c02db
Merge branch 'master' into standalone_kubelet
2016-12-13 17:26:21 +01:00