Matthew Mosesohn
85c851f519
scale down coredns on each master during graceful upgrade ( #5344 )
...
This fixes the scenario where masters are upgraded one at a time
and coredns gets improperly scaled back up to 2 replicas.
Change-Id: I7cc9283f40efcfd61b5813c89a5805c95d901567
2019-11-18 00:13:41 -08:00
Yumo Yang
5cd7d1a3c9
modify host.yml in README.md ( #5338 )
2019-11-17 18:15:40 -08:00
Matthew Mosesohn
8b67159239
Do not run kubeadm upgrade on first deploy ( #5339 )
...
Change-Id: I68a962a9dd28c83ef07eaeaf53eb98287f38bca9
2019-11-14 02:05:34 -08:00
LuciferInLove
4f70da2731
Added Amazon Linux 2 support for deploying with docker ( #5301 )
2019-11-11 07:05:41 -08:00
Matthew Mosesohn
db5040e6ea
Set certs and files with kubeadm token to mode 0640 ( #5325 )
...
Change-Id: I298496e55a6889c158b2085fcadeda5e679a873e
2019-11-11 05:41:41 -08:00
Jacopo Secchiero
97764921ed
Fix calico name resolution ( #5291 )
2019-11-11 04:01:41 -08:00
Michée lengronne
a6853cb79d
library files added to setup.cfg ( #5274 )
...
It hopefully ensures the usability of Kubespray as pip.
2019-11-11 03:59:41 -08:00
Bjoern Teipel
8c15db53b2
Fix helm for Kubernetes 1.16.2 ( #5332 )
...
Since upgrading k8s beyond 1.16.0 version, helm init does
no longer work with helm < 2.16.0 due to
https://github.com/helm/helm/issues/6374
This PR closes issue #5331
2019-11-11 03:53:41 -08:00
Julien Pervillé
0200138a5d
Pass ingress_nginx_extra_args
when deploying the nginx-ingress addon ( #5321 )
2019-11-11 03:51:40 -08:00
Florent Monbillard
14af98ebdc
Respect cri-tool supported version matrix ( #5241 )
...
| Kubernetes Version | cri-tools Version |
|--------------------|-------------------|
| 1.16.x | v1.16.0 |
| 1.15.X | v1.15.0 |
| 1.14.X | v1.14.0 |
| 1.13.X | v1.13.0 |
| 1.12.X | v1.12.0 |
| 1.11.X | v1.11.1 |
- Upgrade to cri-tools 1.16.1
- Add checksums for cri-tools 1.16.1
2019-11-11 03:45:42 -08:00
YichenWong
8a5434419b
fix useradd etcd ( #5281 )
2019-11-11 03:27:41 -08:00
Quentin Gliech
8a406be48a
Fix indentation in cilium-ds.yml template ( #5305 )
2019-11-11 03:25:41 -08:00
Johannes Scheuermann
feac802456
Remove default docker_options from sample ( #5287 )
2019-11-11 03:23:40 -08:00
Junho Suh
076f254a67
Add cilium_tunnel_mode variable to the cilium config ( #5295 )
2019-11-11 03:19:42 -08:00
holmesb
bc3a8a0039
Fixes issue #5299 ( #5300 )
2019-11-11 03:13:41 -08:00
Dmitry Chusovitin
45d151a69d
containerd installation on Debian ( #5326 )
2019-11-11 02:41:41 -08:00
Matthew Mosesohn
bd014c409b
Skip coredns image when evaluating kubeadm images ( #5327 )
...
It will be enabled correctly in downloads
Change-Id: Ief0b7aa2a8ee2ba6a6849820802f8542584b2c04
Related-story: PRODX-1171
2019-11-09 00:51:39 -08:00
Michael Shen
08421aad3d
[FIX] fix incorrect link to downloads documentation ( #5319 )
2019-11-07 03:50:42 -08:00
Matthew Mosesohn
1c25ed669c
Remove unnecessary and risky reload network for resolvconf propagation ( #5322 )
...
Change-Id: I54d706f7941b4b86c4c6cd45340295577155b884
2019-11-06 10:11:52 -08:00
Matthew Mosesohn
a005d19f6f
Enable systemd-resolved DNS resolution mode ( #5318 )
...
Change-Id: If3e253a40782e03cde7fc4a91493517ae31fda17
2019-11-06 03:33:52 -08:00
Matthew Mosesohn
471589f1f4
Scale down coredns created by kubeadm upgrade to 0 replicas ( #5308 )
...
Change-Id: I128b0f9c1acbb956d9a6c4e5510b45a36e296af7
2019-11-05 03:34:38 -08:00
Ali Sanhaji
b0ee1f6cc6
Deploy Cinder CSI driver to provision volumes over OpenStack ( #5184 )
...
* Deploy Cinder CSI driver to provision volumes over OpenStack
* Deploy Cinder CSI StorageClass
* Cinder CSI doc
2019-11-01 00:59:24 -07:00
Pierre Ozoux
79128dcd6b
Removes repetition. ( #5310 )
2019-10-30 06:12:53 -07:00
Samina Fu
dd7e1469e9
Fix typo of docs/dns-stack ( #5307 )
2019-10-30 02:00:55 -07:00
Matthew Mosesohn
186ec13579
Fix incorrect suggestion to enable old k8s apis ( #5292 )
...
Change-Id: If965cc6aa0daaca232dcf2ca0efd649aa097497f
2019-10-30 01:58:53 -07:00
Matthew Mosesohn
2c4e6b65d7
Raise delay and retry for rotate tokens ( #5304 )
...
Change-Id: I87844b43b9a18064e7a99567ce57c1ca1ffcc4a8
2019-10-30 01:56:52 -07:00
Eric Lake
108a6297e9
Terraform dynamic inventory 0.12.12 ( #5298 )
...
* Update parsing of terraform state file for 0.12.12
* Resource does not seem to have a module element but instead has
provider
* Return the boolean right way if it is already a bool since a bool does
not have an lower method
* Remove the setting of ansible_ssh_user to root for all Packet
Not all servers in packet are accessed as root by default. CoreOS
systems use the `core` user. Removing this allows the user to specify
the remote user with an extra_var or in an ansible.cfg file.
* Default to root user for packet devices except on CoreOS
* Update TF_VERSION for packet in tf-validate-packet
Update TV_VERSION to 0.12.12 for gitlab-ci tf-validate-packet tests
* convert packet terraform files to TV_VERSION 4
* initalize terraform before copying the variable file to the top level dir
2019-10-29 00:02:42 -07:00
Matthew Mosesohn
94d4ce5a6f
Retry cleaning up calico-node container ( #5302 )
...
Change-Id: Iad27b107860213759c7ae51f0891d7e5e7c6d96b
2019-10-28 05:11:25 -07:00
Matthew Mosesohn
81da231b1e
Set cluster DNS in kubeadm config for kubelet dynamic config ( #5293 )
...
Change-Id: I23116efefe8626d361d1904fc6fb8448f66cf3c5
2019-10-25 02:23:40 -07:00
Ludovic Muller
1a87dcd9b9
readme: update url to the Kubernetes documentation page for Kubespray ( #5294 )
2019-10-24 22:39:39 -07:00
Matthew Mosesohn
a1fff30bd9
Generate TLS certs for calico typha ( #5258 )
...
* Generate TLS certs for calico typha
Change-Id: I3883f49c124c52d0fc5b900ca2b44e4e2ed0d707
* Add group vars note
Change-Id: I63550dfef616e884efdbd42010a90b2c04c5eb69
2019-10-17 07:02:38 -07:00
Sergey
81d57fe658
set calico_datastore default value in role kubespray-default ( #5259 )
2019-10-17 05:58:38 -07:00
Sergey
3118437e10
check on all cluster node - kubelet_max_pods <= (2 ** (32 - kube_network_node_prefix | int)) - 2 ( #5279 )
2019-10-17 05:48:38 -07:00
Sergey
65e461a7c0
download container always been on download_delegate host ( #5177 )
...
* download container always been on download_delegate host
* fix also check pull required
2019-10-17 05:38:38 -07:00
Michael Oglesby
c672681ce5
Revert Pull Request #5084 ( #5120 )
...
Kubespray Pull Request #5084 (https://github.com/kubernetes-sigs/kubespray/pull/5084 ) caused more problems than it solved due to limitations with the synchronize module. See comments on Kubespray Issues #5059 (https://github.com/kubernetes-sigs/kubespray/issues/5059 ) and #5116 (https://github.com/kubernetes-sigs/kubespray/issues/5116 ). Details from Ansible documentation: "Currently, synchronize is limited to elevating permissions via passwordless sudo. This is because rsync itself is connecting to the remote machine and rsync doesn’t give us a way to pass sudo credentials in. ... Currently there are only a few connection types which support synchronize (ssh, paramiko, local, and docker) because a sync strategy has been determined for those connection types. Note that the connection for these must not need a password as rsync itself is making the connection and rsync does not provide us a way to pass a password to the connection. ..." Thus, reverting Pull Request #5084 .
2019-10-17 05:26:37 -07:00
yelhouti
d332a254ee
install python3 instead of python2 for fedora >= 30 fixes 5056, fixes 4802 ( #5111 )
2019-10-17 05:04:38 -07:00
Sean Sube
f3c072f6b6
ignore gpg files in inventory ( #5209 )
2019-10-16 20:22:39 -07:00
Matthew Rapa
3debb8aab5
add KUBELET_VOLUME_PLUGIN to kubelet.env ( #5128 )
2019-10-16 20:08:38 -07:00
YichenWong
aada6e7e40
Add etcd_data_dir variable to the kubeadm config ( #5263 )
2019-10-16 19:50:39 -07:00
Matthew Mosesohn
ac60786c6f
Add support for restart handlers for control plane on crio/containerd ( #5250 )
...
* Add support for restart handlers for control plane on crio/containerd
Change-Id: I8343cc4e9df7f55b732628ed01cc6e7ea5dcee85
* Update main.yml
2019-10-16 18:58:39 -07:00
Hugo Blom
db33dc6938
Add support for Kubernetes 1.16.2 ( #5272 )
...
* Add support for Kubernetes 1.16.1
* Defaults to 1.16.1
* add 1.16.2 checksums and set new version as default
* correct 1.16.2 checksums and add 1.15.5 checksums
2019-10-16 18:34:38 -07:00
Hugo Blom
9dfb25cafd
fix typo ( #5275 )
2019-10-16 18:26:38 -07:00
Maxime Guyot
df8d2285b6
Update ingress-nginx to v0.26.1 ( #5268 )
2019-10-16 18:22:39 -07:00
Matthew Mosesohn
af6456d1ea
Fix selector for calico-typha deployment ( #5253 )
...
Change-Id: I79f43379cbe1c495cb416f0572e65f695d5ec2b8
2019-10-16 07:53:42 -07:00
Maxime Guyot
6f57f7dd2f
Update nginx image to latest ( #5270 )
2019-10-16 04:37:42 -07:00
Dennis Field
fd2ff675c3
Clarify process for upgrading more than one version ( #5264 )
...
Since it is unsupported to skip upgrades, I've detailed the steps for upgrading a step at a time and removed some language that indicated it should work
2019-10-16 04:35:41 -07:00
Xiaodu
bec23c8a41
Add k8s v1.15.4 hashes ( #5235 )
2019-10-16 04:33:41 -07:00
Robin Elfrink
faaff8bd72
Add RotateCertificates to kubelet config if kubelet_rotate_certificates is set. ( #5152 )
...
Signed-off-by: Robin Elfrink <robin.elfrink@eu.equinix.com>
2019-10-16 04:31:41 -07:00
andreyshestakov
8031c6c1e7
Update template for dashboard to support v2.x ( #5187 )
...
Secrets and ConfigMap should be created before dashboard pod run.
2019-10-16 04:29:41 -07:00
Erwan Miran
9d8fc8caad
Fix getting nameserver and search for /etc/resolv.conf with comments ( #5197 )
2019-10-16 04:27:40 -07:00