Matthew Mosesohn
9fa1873a65
Add kube dashboard, enabled by default ( #1643 )
...
* Add kube dashboard, enabled by default
Also add rbac role for kube user
* Update main.yml
2017-09-09 23:38:03 +03:00
Matthew Mosesohn
f29a42721f
Clean up debug in check apiserver test ( #1638 )
...
* Clean up debug in check apiserver test
* Change password generation for kube_user
Special characters are not allowed in known_users.csv file
2017-09-08 15:47:13 +03:00
Matthew Mosesohn
7117614ee5
Use a generated password for kube user ( #1624 )
...
Removed unnecessary root user
2017-09-06 20:20:25 +03:00
Maxim Krasilnikov
9bce364b3c
Update auth enabled methods in group_vars example ( #1625 )
2017-09-06 15:10:18 +03:00
Matthew Mosesohn
ca3050ec3d
Update to Kubernetes v1.7.3 ( #1549 )
...
Change kubelet deploy mode to host
Enable cri and qos per cgroup for kubelet
Update CoreOS images
Add upgrade hook for switching from kubelet deployment from docker to host.
Bump machine type for ubuntu-rkt-sep
2017-08-21 10:53:49 +03:00
Kevin Lefevre
65a9772adf
Add OpenStack LBaaS support ( #1506 )
2017-08-20 13:59:15 +03:00
Brad Beam
460b5824c3
Merge pull request #1448 from lancomsystems/log-rotataion-example
...
Add logging options to default docker options
2017-08-10 08:30:23 -05:00
Spencer Smith
cb6892d2ed
Merge pull request #1469 from hzamani/etcd_metrics
...
Add etcd metrics flag
2017-07-31 09:04:07 -04:00
nico
cc9f3ea938
Fix enforce-node-allocatable option
...
Closes #1228
pods is default enforcement
see https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/
add
update
2017-07-31 10:06:53 +02:00
timtoum
3e457e4edf
Enable weave seed mode for kubespray ( #1414 )
...
* Enable weave seed mode for kubespray
* fix task Weave seed | Set peers if existing peers
* fix mac address variabilisation
* fix default values
* fix include seed condition
* change weave var to default values
* fix Set peers if existing peers
2017-07-26 19:09:34 +03:00
Hassan Zamani
3fb0383df4
Add etcd metrics flag
2017-07-25 20:00:30 +04:30
Spencer Smith
4a34514b21
Merge pull request #1447 from whereismyjetpack/template_known_users
...
Template out known_users.csv, optionally add groups
2017-07-25 08:55:08 -04:00
Spencer Smith
927e6d89d7
Merge pull request #1435 from delfer/master
...
Kubernetes upgrade to 1.6.7
2017-07-19 05:23:38 -07:00
Dann Bohn
d1f58fed4c
Template out known_users.csv, optionally add groups
2017-07-14 09:27:20 -04:00
Brad Beam
637f445c3f
Merge pull request #1365 from AtzeDeVries/master
...
Give more control over IPIP, but with same default behaviour
2017-07-12 10:17:17 -05:00
Delfer
9f45eba6f6
Kubernetes upgrade to 1.6.7
2017-07-11 09:11:55 +00:00
AtzeDeVries
e160018826
Fixed conflicts, ipip:true as defualt and added ipip_mode
2017-07-08 14:36:44 +02:00
Julian Poschmann
380fb986b6
Add logging options to default docker options
2017-07-07 12:39:42 +02:00
Vladimir Kozyrev
e26be9cb8a
add private dns server for a specific zone
2017-07-06 16:30:47 +03:00
jwfang
ec2255764a
docker_dns_servers_strict to control docker_dns_servers rtrim
2017-06-26 17:29:12 +08:00
AtzeDeVries
61b74f9a5b
updated to direct control over ipip
2017-06-23 09:16:05 +02:00
AtzeDeVries
7332679678
Give more control over IPIP, but with same default behaviour
2017-06-20 14:50:08 +02:00
Gregory Storme
fff0aec720
add configurable parameter for etcd_auto_compaction_retention
2017-06-14 10:39:38 +02:00
zoues
43408634bb
Merge branch 'master' into master
2017-05-23 09:32:28 +08:00
zouyee
d47fce6ce7
upgrade k8s version to 1.6.4
2017-05-23 09:30:03 +08:00
Spencer Smith
31a7b7d24e
default to kubedns and set nxdomain in kubedns deployment if that's the dns_mode
2017-05-12 15:57:24 -04:00
Vincent Schwarzer
7f0c0a0922
Fix for etcd variable issue
2017-04-12 12:59:49 +02:00
Matthew Mosesohn
ccc11e5680
Upgrade to Kubernetes 1.6.1
2017-04-05 13:26:36 +03:00
Matthew Mosesohn
0f64f8db90
Merge pull request #1155 from mattymo/helm
...
Add helm deployment
2017-03-20 17:00:06 +03:00
Matthew Mosesohn
b69d4b0ecc
Add helm deployment
2017-03-17 20:24:41 +03:00
Aleksandr Didenko
3a39904011
Move calico-policy-controller into separate role
...
By default Calico CNI does not create any network access policies
or profiles if 'policy' is enabled in CNI config. And without any
policies/profiles network access to/from PODs is blocked.
K8s related policies are created by calico-policy-controller in
such case. So we need to start it as soon as possible, before any
real workloads.
This patch also fixes kube-api port in calico-policy-controller
yaml template.
Closes #1132
2017-03-17 11:21:52 +01:00
Matthew Mosesohn
096d96e344
Merge pull request #1137 from holser/bug/1135
...
Turn on iptables for flannel
2017-03-15 17:06:42 +03:00
Sergii Golovatiuk
9667e8615f
Turn on iptables for flannel
...
Closes : #1135
Closes : #1026
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-03-14 17:54:55 +01:00
Vincent Schwarzer
026da060f2
Granular authentication Control
...
It is now possible to deactivate selected authentication methods
(basic auth, token auth) inside the cluster by adding
removing the required arguments to the Kube API Server and generating
the secrets accordingly.
The x509 authentification is currently not optional because disabling it
would affect the kubectl clients deployed on the master nodes.
2017-03-14 16:57:35 +01:00
Vincent Schwarzer
b075960e3b
Added Support for OpenID Connect Authentication
...
To use OpenID Connect Authentication beside deploying an OpenID Connect
Identity Provider it is necesarry to pass additional arguments to the Kube API Server.
These required arguments were added to the kube apiserver manifest.
2017-03-06 12:40:35 +01:00
Antoine Legrand
85596c2610
Merge pull request #1045 from bradbeam/vsphere
...
Adding vsphere cloud provider support
2017-03-06 12:34:05 +01:00
Sergii Golovatiuk
d31c040dc0
Change kube-api default port from 443 to 6443
...
Operator can specify any port for kube-api (6443 default) This helps in
case where some pods such as Ingress require 443 exclusively.
Closes: 820
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-02-28 15:45:35 +01:00
Sergii Golovatiuk
f9ff93c606
Make etcd data dir configurable.
...
Closes : #1073
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-02-27 21:35:51 +01:00
Jan Jungnickel
df476b0088
Initial support for vsphere as cloud provider
2017-02-27 12:51:41 -06:00
Sergii Golovatiuk
a098a32f7d
Uncomment one key/value in all.yml
...
all.yaml shouldn't be empty otherwise ansible won't be able to merge 2
dicts.
Related bug: ansible/issues/21889
2017-02-24 12:25:45 +01:00
Antoine Legrand
eb904668b2
Uncommented group_vars variables
2017-02-24 10:54:25 +01:00
Antoine Legrand
c7d61af332
Comment all variables in group_vars
2017-02-23 14:02:57 +01:00
Antoine Legrand
5f7607412b
Add default var role
2017-02-23 12:07:17 +01:00
Bogdan Dobrelya
712872efba
Rework inventory all by real groups' vars
...
* Leave all.yml to keep only optional vars
* Store groups' specific vars by existing group names
* Fix optional vars casted as mandatory (add default())
* Fix missing defaults for an optional IP var
* Relink group_vars for terraform to reflect changes
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2017-02-23 09:43:42 +01:00
Sergii Golovatiuk
ebf9daf73e
Statically disable iptables management for docker
...
Docker 1.13 changes the behaviour of iptables defaults from allow
to drop. This patch disables docker's iptables management as it was
in Docker 1.12 [1]
[1] https://github.com/docker/docker/pull/28257
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-02-21 19:10:34 +01:00
Matthew Mosesohn
10173525d8
Update Kubernetes to v1.5.3
2017-02-20 18:14:56 +03:00
Matthew Mosesohn
2d65554cb9
Change default network plugin to Calico
2017-02-15 16:15:22 +03:00
Hung Nguyen Viet
d0757ccc5e
Fix typo
2017-02-14 17:18:22 +07:00
Alexander Block
d2e010cbe1
Add kernel upgrade for CentOS
2017-02-10 09:29:12 +01:00
Matthew Mosesohn
60f1936a62
Merge pull request #1004 from galthaus/kubelet-load-modules
...
Allow kubelet to load kernel modules
2017-02-10 09:28:16 +03:00