C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
1812 commits 17 branches 66 tags 141 MiB
Commit graph

1812 commits

This branch
This branch
All branches
Author SHA1 Message Date
Matthew Mosesohn
f9ef55c796 Merge pull request #1152 from mattymo/redhat_weave 
Fix weave on RHEL deployment
 2017-03-19 16:45:20 +03:00
Matthew Mosesohn
182a2e682f Merge pull request #1149 from mattymo/centos-retries 
Retry yum/apt/rpm download commands
 2017-03-18 11:12:36 +03:00
Matthew Mosesohn
579a6299c0 Add helm deployment 2017-03-17 20:24:41 +03:00
Matthew Mosesohn
9e507f365a Merge pull request #1157 from rutsky/remove-change-k8s-version 
remove obsolete script
 2017-03-17 20:23:34 +03:00
Vladimir Rutsky
86658bc5ee remove obsolete script 
Currently Kubernetes version can be selected using "kube_version" variable.
 2017-03-17 20:09:36 +03:00
Matthew Mosesohn
bf72882a8f Merge pull request #1156 from rutsky/patch-5 
fix jinja package name
 2017-03-17 20:08:36 +03:00
Vladimir Rutsky
6c45d868ff fix jinja package name 
Jinja 2.* releases are published under `Jinja2` name.
 2017-03-17 20:07:49 +03:00
Matthew Mosesohn
dd56342361 Retry yum/apt/rpm download commands, fix succeeded filter 2017-03-17 18:56:26 +03:00
Matthew Mosesohn
b060d3279c Merge pull request #1146 from mattymo/resolvconf_optimize 
Condense resolvconf sources before starting loop
 2017-03-17 18:42:32 +03:00
Matthew Mosesohn
446a4bbdc8 Fix weave on RHEL deployment 
Reduce retry delay checking weave
Always load br_netfilter module
 2017-03-17 18:17:47 +03:00
Matthew Mosesohn
a5876a1ac8 Merge pull request #1136 from adidenko/fix-calico-policy-order 
Move calico-policy-controller into separate role
 2017-03-17 17:32:14 +03:00
Aleksandr Didenko
1adf231512 Move calico-policy-controller into separate role 
By default Calico CNI does not create any network access policies
or profiles if 'policy' is enabled in CNI config. And without any
policies/profiles network access to/from PODs is blocked.

K8s related policies are created by calico-policy-controller in
such case. So we need to start it as soon as possible, before any
real workloads.

This patch also fixes kube-api port in calico-policy-controller
yaml template.

Closes #1132
 2017-03-17 11:21:52 +01:00
Matthew Mosesohn
9454acde87 Merge pull request #1147 from mattymo/calico-update 
Update calico to 1.1.0-rc8
 2017-03-17 13:17:41 +03:00
Matthew Mosesohn
2586d01345 Condense resolvconf sources before starting loop 2017-03-17 13:06:56 +03:00
Matthew Mosesohn
7575d83467 Merge pull request #1148 from VincentS/patch-1 
Fixed Formatting / Ansbile-Playbook Command Upgrade Cluster
 2017-03-16 19:55:59 +03:00
Vincent Schwarzer
9c4d668548 Fixed Formatting / Ansbile-Playbook Command 
- added -b and fixed typo in ansible-playbook command 
- fixed formatting issue
 2017-03-16 17:53:48 +01:00
Matthew Mosesohn
3ee77a08cd Update calico to 1.1.0-rc8 
Fixes bug in CentOS/RHEL in felix related to overlayfs driver.
 2017-03-16 19:23:36 +03:00
Matthew Mosesohn
bf5bf13003 Merge pull request #1087 from bradbeam/openstack 
Adding openstack domain id
 2017-03-16 17:53:14 +03:00
Matthew Mosesohn
7e13e17d9f Merge pull request #1108 from idcrook/issue_1107-docker-versioning 
Adding Docker CE 'stable' and 'edge' version packages
 2017-03-16 16:32:13 +03:00
Matthew Mosesohn
af82710e09 Merge pull request #1141 from mattymo/idempotency2 
More idempotency fixes
 2017-03-16 12:29:42 +03:00
Matthew Mosesohn
ad03f3ac84 Merge branch 'master' into idempotency2 2017-03-16 09:29:43 +03:00
Matthew Mosesohn
261aeb6112 Merge pull request #1138 from mattymo/idempotency-fixes 
Idempotency fixes for etcd certs and resolvconf tasks
 2017-03-16 09:20:28 +03:00
Bogdan Dobrelya
6b69174ec2 Merge pull request #1109 from pcm32/feature/fixTerraformOS 
Restores working order of contrib/terraform/openstack
 2017-03-15 17:15:35 +01:00
Matthew Mosesohn
fad22bae97 More idempotency fixes 
Fixed sync_tokens fact
Fixed sync_certs for k8s tokens fact
Disabled register docker images changability
Fixed CNI dir permission
Fix idempotency for etcd pre upgrade checks
 2017-03-15 19:06:39 +03:00
Matthew Mosesohn
7b5d6c7a06 Merge pull request #1137 from holser/bug/1135 
Turn on iptables for flannel
 2017-03-15 17:06:42 +03:00
Bogdan Dobrelya
bc565cb111 Merge pull request #1140 from VincentS/jinja28 
Added Jinja 2.8 to Docs
 2017-03-15 13:18:53 +01:00
Vincent Schwarzer
59f2934c53 Added Jinja 2.8 to Docs 
Added Jinja 2.8 Requirements to docs and pip requirements file which
is needed to run the current Ansible Playbooks.
 2017-03-15 13:11:09 +01:00
Matthew Mosesohn
8540df89e0 Merge pull request #1139 from VincentS/docu_fix 
Fix for CoreOS Docu
 2017-03-15 15:06:41 +03:00
Vincent Schwarzer
eabea728c6 Fixed CoreOS Docu 
CoreOS docu was referencing outdated bootstrap playbook that
is now part of kargo itself.
 2017-03-15 13:04:01 +01:00
Matthew Mosesohn
20247b9c0a Merge pull request #1080 from VincentS/Granular_Auth_Control 
Granular authentication Control
 2017-03-15 13:12:51 +03:00
Matthew Mosesohn
210d9503f3 Merge pull request #1117 from mattymo/etcd3-upgrade 
Migrate k8s data to etcd3 api store
 2017-03-15 12:56:06 +03:00
Matthew Mosesohn
4287993811 Make resolvconf preinstall idempotent 2017-03-15 01:20:13 +04:00
Sergii Golovatiuk
97a7f1c4a5 Turn on iptables for flannel 
Closes: #1135
Closes: #1026
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
 2017-03-14 17:54:55 +01:00
Vincent Schwarzer
ea1f072c7e Granular authentication Control 
It is now possible to deactivate selected authentication methods
(basic auth, token auth) inside the cluster by adding
removing the required arguments to the Kube API Server and generating
the secrets accordingly.

The x509 authentification is currently not optional because disabling it
would affect the kubectl clients deployed on the master nodes.
 2017-03-14 16:57:35 +01:00
Matthew Mosesohn
8450ff00cc Merge pull request #1134 from mattymo/1.6-support 
Explicitly set cni-bin-dir
 2017-03-14 17:53:08 +03:00
Matthew Mosesohn
25b366dd98 Migrate k8s data to etcd3 api store 
Default backend is now etcd3 (was etcd2).
The migration process consists of the following steps:
* check if migration is necessary
* stop etcd on first etcd server
* run migration script
* start etcd on first etcd server
* stop kube-apiserver until configuration is updated
* update kube-apiserver
* purge old etcdv2 data
 2017-03-14 17:50:20 +03:00
Matthew Mosesohn
bb66bb19e8 Fix etcd idempotency 2017-03-14 17:23:29 +03:00
Matthew Mosesohn
e486dabc42 Merge pull request #1078 from VincentS/oidc_support 
Added Support for OpenID Connect Authentication
 2017-03-14 12:07:21 +03:00
Matthew Mosesohn
944fa9d975 Explicitly set cni-bin-dir 2017-03-13 20:13:21 +03:00
Matthew Mosesohn
f2900d65e1 Merge pull request #1118 from mattymo/noderolelabels 
Add node labels in kubelet
 2017-03-13 19:04:21 +03:00
Connz
c90578d3ad Fixed nova command to get available flavors 
The nova command for getting the flavors is not
nova list-flavors
but
nova flavor-list
 2017-03-09 11:10:25 +01:00
Cesarini, Daniele
d7f5fdc0c5 Adding /O=system:masters to admin certificate 
Issue #1125. Make RBAC authorization plugin work out of the box.
"When bootstrapping, superuser credentials should include the system:masters group, for example by creating a client cert with /O=system:masters. This gives those credentials full access to the API and allows an admin to then set up bindings for other users."
 2017-03-08 14:42:25 +00:00
Antoine Legrand
f9298ef39a Merge pull request #1116 from kubernetes-incubator/contrib_docs 
Reference external documentation sources
 2017-03-07 13:33:25 +01:00
David Crook
9e6983a11f updated debian and ubuntu package names based on testing 
docker-ce is not the .deb package until the repositories are switched over to new "downloads" docker webserver
 2017-03-06 16:54:39 -07:00
David Crook
32d1edf0b9 removed irrelevant comments 2017-03-06 16:02:53 -07:00
David Crook
b1d701ae47 Merge branch 'master' into issue_1107-docker-versioning 2017-03-06 16:00:31 -07:00
Antoine Legrand
7be48d351b Merge pull request #1120 from bradbeam/fixtags 
Removing cloud_provider tag to fix scenario where cloud_provider is n…
 2017-03-06 19:00:41 +01:00
Brad Beam
0c96b5d3fc Removing cloud_provider tag to fix scenario where cloud_provider is not defined 2017-03-06 10:52:38 -06:00
Matthew Mosesohn
8065a2355c Add node labels in kubelet 
Related-issue: https://github.com/kubernetes/community/issues/300
Upgraded nodes do not obtain labels automatically.
See https://github.com/kubernetes/kubernetes/pull/29459 for more details.
 2017-03-06 17:18:42 +03:00
Vincent Schwarzer
18298bfeb7 Rewrote AWS Terraform for Kargo 
Rewrote AWS Terraform deployment for AWS Kargo. It supports now
multiple Availability Zones, AWS Loadbalancer for Kubernetes API,
Bastion Host, ...

For more information see README
 2017-03-06 12:52:02 +01:00