Brad Beam
72a0d78b3c
Merge pull request #1585 from mattymo/canal_upgrade
...
Fix upgrade for canal and apiserver cert
2017-08-29 18:45:21 -05:00
Matthew Mosesohn
13d08af054
Fix upgrade for canal and apiserver cert
...
Fixes #1573
2017-08-29 22:08:30 +01:00
Eric Hoffmann
6c30a7b2eb
update calico version
...
update calico releases link
2017-08-28 16:23:51 -07:00
Matthew Mosesohn
76b72338da
Add CNI config for rkt kubelet ( #1579 )
2017-08-28 21:11:01 +03:00
Chad Swenson
a39e78d42d
Initial version of Flannel using CNI ( #1486 )
...
* Updates Controller Manager/Kubelet with Flannel's required configuration for CNI
* Removes old Flannel installation
* Install CNI enabled Flannel DaemonSet/ConfigMap/CNI bins and config (with portmap plugin) on host
* Uses RBAC if enabled
* Fixed an issue that could occur if br_netfilter is not a module and net.bridge.bridge-nf-call-iptables sysctl was not set
2017-08-25 10:07:50 +03:00
Brad Beam
4550dccb84
Fixing reference to vault leader url ( #1569 )
2017-08-24 23:21:39 +03:00
Hassan Zamani
01ce09f343
Add feature_gates var for customizing Kubernetes feature gates ( #1520 )
2017-08-24 23:18:38 +03:00
Brad Beam
71dca67ca2
Merge pull request #1508 from tmjd/update-calico-2-4-0
...
Update Calico to 2.4.1 release.
2017-08-24 14:57:29 -05:00
Yuki KIRII
a98b866a66
Verify if br_netfilter module exists ( #1492 )
2017-08-24 17:47:32 +03:00
Xavier Mehrenberger
3aabba7535
Remove discontinued option --reconcile-cidr if kube_network_plugin=="cloud" ( #1568 )
2017-08-24 17:01:30 +03:00
Mohamed Mehany
c22cfa255b
Added private key file to ssh bastion conf ( #1563 )
...
* Added private key file to ssh bastion conf
* Used regular if condition insted of inline conditional
2017-08-24 17:00:45 +03:00
Matthew Mosesohn
6bb3463e7c
Enable scheduling of critical pods and network plugins on master
...
Added toleration to DNS, netchecker, fluentd, canal, and
calico policy.
Also small fixes to make yamllint pass.
2017-08-24 10:41:17 +01:00
Brad Beam
8b151d12b9
Adding yamllinter to ci steps ( #1556 )
...
* Adding yaml linter to ci check
* Minor linting fixes from yamllint
* Changing CI to install python pkgs from requirements.txt
- adding in a secondary requirements.txt for tests
- moving yamllint to tests requirements
2017-08-24 12:09:52 +03:00
Ian Lewis
ecb6dc3679
Register standalone master w/ taints ( #1426 )
...
If Kubernetes > 1.6 register standalone master nodes w/ a
node-role.kubernetes.io/master=:NoSchedule taint to allow
for more flexible scheduling rather than just marking unschedulable.
2017-08-23 16:44:11 +03:00
riverzhang
49a223a17d
Update elrepo-release rpm version ( #1554 )
2017-08-23 09:54:51 +03:00
Brad Beam
e5cfdc648c
Adding ability to override max ttl ( #1559 )
...
Prior this would fail because we didnt set max ttl for vault temp
2017-08-23 09:54:01 +03:00
Erik Stidham
9f9f70aade
Update Calico to 2.4.1 release.
...
- Switched Calico images to be pulled from quay.io
- Updated Canal too
2017-08-21 09:33:12 -05:00
Matthew Mosesohn
ca3050ec3d
Update to Kubernetes v1.7.3 ( #1549 )
...
Change kubelet deploy mode to host
Enable cri and qos per cgroup for kubelet
Update CoreOS images
Add upgrade hook for switching from kubelet deployment from docker to host.
Bump machine type for ubuntu-rkt-sep
2017-08-21 10:53:49 +03:00
Vijay Katam
97031f9133
Make epel-release install configurable ( #1497 )
2017-08-20 14:03:10 +03:00
Vijay Katam
c92506e2e7
Add calico variable that enables ignoring Kernel's RPF Setting ( #1493 )
2017-08-20 14:01:09 +03:00
Kevin Lefevre
65a9772adf
Add OpenStack LBaaS support ( #1506 )
2017-08-20 13:59:15 +03:00
Anton
1e07ee6cc4
etcd_compaction_retention every 8 hour ( #1527 )
2017-08-20 13:55:48 +03:00
Miad Abrin
3c710219a1
Fix Some Typos in kubernetes master role ( #1547 )
...
* Fix Typo etc3 -> etcd3
* Fix typo in post-upgrade of master. stop -> start
2017-08-20 13:54:28 +03:00
Maxim Krasilnikov
2ba285a544
Fixed deploy cluster with vault cert manager ( #1548 )
...
* Added custom ips to etcd vault distributed certificates
* Added custom ips to kube-master vault distributed certificates
* Added comment about issue_cert_copy_ca var in vault/issue_cert role file
* Generate kube-proxy, controller-manager and scheduler certificates by vault
* Revert "Disable vault from CI (#1546 )"
This reverts commit 781f31d2b8
.
* Fixed upgrade cluster with vault cert manager
* Remove vault dir in reset playbook
2017-08-20 13:53:58 +03:00
Antoine Legrand
72ae7638bc
Merge pull request #1446 from matlockx/master
...
add possibility to ignore the hostname override
2017-08-18 17:03:40 +02:00
Xavier Lange
3bfad5ca73
Bump etcd to 3.2.4 ( #1468 )
2017-08-18 17:12:33 +03:00
Matthew Mosesohn
df28db0066
Fix cert and netchecker upgrade issues ( #1543 )
...
* Bump tag for upgrade CI, fix netchecker upgrade
netchecker-server was changed from pod to deployment, so
we need an upgrade hook for it.
CI now uses v2.1.1 as a basis for upgrade.
* Fix upgrades for certs from non-rbac to rbac
2017-08-18 15:46:22 +03:00
Jan Jungnickel
20183f3860
Bump Calico CNI Plugin to 1.8.0 ( #1458 )
...
This aligns calico component versions with Calico release 2.1.5 and
fixes an issue with nodes being unable to schedule existing workloads
as per [#349 ](https://github.com/projectcalico/cni-plugin/issues/349 )
2017-08-18 15:40:14 +03:00
Matthew Mosesohn
2645e88b0c
Fix vault setup partially ( #1531 )
...
This does not address per-node certs and scheduler/proxy/controller-manager
component certs which are now required. This should be handled in a
follow-up patch.
2017-08-18 15:09:45 +03:00
Brad Beam
af007c7189
Fixing netchecker-server type - pod => deployment ( #1509 )
2017-08-14 18:43:56 +03:00
Seungkyu Ahn
b22bef5cfb
Apply RBAC to efk and create fluentd.conf
...
Making fluentd.conf as configmap to change configuration.
Change elasticsearch rc to deployment.
Having installed previous elastaicsearch as rc, first should delete that.
2017-08-11 05:31:50 +00:00
Brad Beam
1155008719
Merge pull request #1481 from magnon-bliex/fluentd-template-fix-typo
...
fixed typo in fluentd-ds.yml.j2
2017-08-10 08:19:59 -05:00
Brad Beam
383d582b47
Merge pull request #1382 from jwfang/rbac
...
basic rbac support
2017-08-07 08:01:51 -05:00
Spencer Smith
6eacedc443
Merge pull request #1483 from delfer/patch-3
...
Update flannel from 0.6.2 to 0.8.0
2017-08-01 13:57:43 -04:00
Spencer Smith
e55f8a61cd
Merge pull request #1482 from bradbeam/fix1393
...
Removing run_once in these tasks so that etcd ca certs get propogated…
2017-07-31 13:47:18 -04:00
Spencer Smith
cb6892d2ed
Merge pull request #1469 from hzamani/etcd_metrics
...
Add etcd metrics flag
2017-07-31 09:04:07 -04:00
Spencer Smith
43eda8d878
Merge pull request #1471 from whereismyjetpack/fix_1447
...
add newline after expanding user information
2017-07-31 09:03:04 -04:00
nico
cc9f3ea938
Fix enforce-node-allocatable option
...
Closes #1228
pods is default enforcement
see https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/
add
update
2017-07-31 10:06:53 +02:00
Alexander Chumakov
8bc717a55c
Update flannel from 0.6.2 to 0.8.0
2017-07-29 10:54:31 +03:00
Brad Beam
d09222c900
Removing run_once in these tasks so that etcd ca certs get propogated properly to worker nodes
...
without this etcd ca certs dont exist on worker nodes causing calico to fail
2017-07-28 14:34:47 -05:00
magnon-bliex
38eb1d548a
fixed typo
2017-07-28 14:10:13 +09:00
Anton
e0960f6288
FIX: Unneded (extra) cycles in some tasks ( #1393 )
2017-07-27 20:46:21 +03:00
timtoum
3e457e4edf
Enable weave seed mode for kubespray ( #1414 )
...
* Enable weave seed mode for kubespray
* fix task Weave seed | Set peers if existing peers
* fix mac address variabilisation
* fix default values
* fix include seed condition
* change weave var to default values
* fix Set peers if existing peers
2017-07-26 19:09:34 +03:00
Dann Bohn
c4894d6092
add newline after expanding user information
2017-07-25 12:59:10 -04:00
Hassan Zamani
3fb0383df4
Add etcd metrics flag
2017-07-25 20:00:30 +04:30
Spencer Smith
ee36763f9d
Merge pull request #1464 from johnko/patch-4
...
set loadbalancer_apiserver_localhost default true
2017-07-25 10:00:56 -04:00
Spencer Smith
955c5549ae
Merge pull request #1402 from Lendico/fix_failed_when
...
"failed_when: false" and "|succeeded" checks for registered vars
2017-07-25 09:33:43 -04:00
Spencer Smith
4a34514b21
Merge pull request #1447 from whereismyjetpack/template_known_users
...
Template out known_users.csv, optionally add groups
2017-07-25 08:55:08 -04:00
Brad Beam
20f29327e9
Merge pull request #1379 from gdmello/etcd_data_dir_fix
...
Custom `etcd_data_dir` saves etcd data to host, not container
2017-07-20 09:30:18 -05:00
John Ko
018b5039e7
set loadbalancer_apiserver_localhost default true
...
to match this https://github.com/kubernetes-incubator/kubespray/blob/master/roles/kubernetes/node/tasks/main.yml#L20
and the documented behaviour in HA docs
related to #1456
@rsmitty
2017-07-20 10:27:05 -04:00