woopstar
a94a407a43
Fix duplicate --proxy-client-cert-file and --proxy-client-key-file
2018-03-20 12:08:36 +01:00
Andreas Krüger
8b6a6a5a28
Merge pull request #2487 from MQasimSarfraz/upgrade-playbook-fix
...
Mark "calico-rr" as optional in fact gather
2018-03-19 20:25:24 +01:00
Andreas Krüger
f253691a68
Merge pull request #2347 from hswong3i/multiple_artifacts_dir
...
Support multiple artifacts under individual inventory directory
2018-03-19 12:45:55 +01:00
Andreas Krüger
50e5f0d28b
Merge pull request #2468 from LuckySB/master
...
change expirations period for generated certificate from 10y to 100 years
2018-03-17 19:43:40 +01:00
Chad Swenson
7d33650019
Merge pull request #2462 from woopstar/coredns-patch
...
Add CoreDNS support
2018-03-16 18:33:36 -05:00
MQasimSarfraz
728598b230
Mark "calico-rr" as optional in fact gathering
2018-03-16 21:09:47 +00:00
woopstar
e40368ae2b
Add CoreDNS support with various fixes
...
Added CoreDNS to downloads
Updated with labels. Should now work without RBAC too
Fix DNS settings on hosts
Rename CoreDNS service from kube-dns to coredns
Add rotate based on http://edgeofsanity.net/rant/2017/12/20/systemd-resolved-is-broken.html
Updated docs with CoreDNS info
Added labels and fixed minor settings from official yaml file: https://github.com/kubernetes/kubernetes/blob/release-1.9/cluster/addons/dns/coredns.yaml.sed
Added a secondary deployment and secondary service ip. This is to mitigate dns timeouts and create high resitency for failures. See discussion at 'https://github.com/coreos/coreos-kubernetes/issues/641#issuecomment-281174806 '
Set dns list correct. Thanks to @whereismyjetpack
Only download KubeDNS or CoreDNS if selected
Move dns cleanup to its own file and import tasks based on dns mode
Fix install of KubeDNS when dnsmask_kubedns mode is selected
Add new dns option coredns_dual for dual stack deployment. Added variable to configure replicas deployed. Updated docs for dual stack deployment. Removed rotate option in resolv.conf.
Run DNS manifests for CoreDNS and KubeDNS
Set skydns servers on dual stack deployment
Use only one template for CoreDNS dual deployment
Set correct cluster ip for the dns server
2018-03-16 21:51:37 +01:00
Brad Beam
4ff17cb5a5
Merge pull request #2457 from MQasimSarfraz/vsphere-volumes-rbac
...
Fix vsphere cloud_provider RBAC permissions
2018-03-16 14:08:49 -05:00
Qasim Sarfraz
8ee2091955
Merge pull request #3 from kubernetes-incubator/master
...
Sync Upstream
2018-03-16 17:21:54 +01:00
Sergey Bondarev
3fac550090
Merge remote-tracking branch 'upstream/master'
2018-03-16 14:09:54 +03:00
Andreas Krüger
d29a1db134
Merge pull request #2461 from woopstar/patch-11
...
Add support to kubeadm too
2018-03-16 08:24:31 +01:00
Andreas Krüger
653d97dda4
Merge pull request #2472 from woopstar/patch-12
...
Make sure output from extra args is strings
2018-03-16 08:23:50 +01:00
Andreas Krüger
5364160d6a
Merge pull request #2476 from woopstar/patch-13
...
Enable encrypting the secrets
2018-03-16 08:22:54 +01:00
Andreas Krüger
1a35948ff6
Enable encrypting the secrets
...
Enable the CI test to check the encryption of secrets
2018-03-15 20:33:57 +01:00
woopstar
40c0f3756b
Encapsulate item instead of casting to string
2018-03-15 20:27:21 +01:00
Andreas Krüger
3d6fd49179
Added option for encrypting secrets to etcd v.2 ( #2428 )
...
* Added option for encrypting secrets to etcd
* Fix keylength to 32
* Forgot the default
* Rename secrets.yaml to secrets_encryption.yaml
* Fix static path for secrets file to use ansible variable
* Rename secrets.yaml.j2 to secrets_encryption.yaml.j2
* Base64 encode the token
* Fixed merge error
* Changed path to credentials dir
* Update path to secrets file which is now readable inside the apiserver container. Set better file permissions
* Add encryption option to k8s-cluster.yml
2018-03-15 22:20:05 +03:00
Oleg Vyukov
d843e3d562
Fix indent Custom ConfigMap ingress-nginx ( #2447 )
2018-03-15 22:18:18 +03:00
Aivars Sterns
d8d5474dcc
Merge pull request #2467 from huzhengchuan/fix/kubeadm_enable
...
Fix error in kubelet.kubeadm.env.j2
2018-03-15 08:50:40 +02:00
Andreas Krüger
788e41a315
Make sure output from extra args is strings
...
Setting the following:
```
kube_kubeadm_controller_extra_args:
address: 0.0.0.0
terminated-pod-gc-threshold: "100"
```
Results in `terminated-pod-gc-threshold: 100` in the kubeadm config file. But it has to be a string to work.
2018-03-14 19:23:43 +01:00
MQasimSarfraz
1bcc641dae
Create vsphere clusterrole only if it doesnt exists
2018-03-14 11:29:35 +00:00
Sergey Bondarev
f8fed0f308
change expirations period for generated certificate from 10 years to 100 years
2018-03-14 13:33:36 +03:00
zhengchuan hu
d1e6632e6a
Fix err in kubelet.kubeadm.env.j2
...
1. 404 link url
2. kubelet_authentication_token_webhook is not work
3. kube_reserved variable set twice
2018-03-14 17:25:21 +08:00
Aivars Sterns
710295bd2f
Merge pull request #2434 from protomech/feature/azure-vnet-resource-group
...
add support for azure vnetResourceGroup
2018-03-13 17:42:09 +02:00
RongZhang
3e2d68cd32
Merge pull request #2455 from whereismyjetpack/kube-limits
...
uses new kube_memory_reserved/kube_cpu_reserved variables in kubelt
2018-03-13 06:28:07 -05:00
Dann Bohn
f3788525ff
fixes yamllint for docker defaults, and weave network plugin
2018-03-13 06:15:48 -04:00
Andreas Krüger
39d247a238
Add support to kubeadm too
...
Explicitly defines the --kubelet-preferred-address-types parameter #2418
Fixes #2453
2018-03-13 10:31:15 +01:00
Aivars Sterns
b37144b0b2
Merge pull request #2459 from riverzhang/remove-node-docs
...
Add remove node to getting-started doc
2018-03-13 11:12:42 +02:00
rong.zhang
2e0b33f754
Add remove node to getting-started doc
2018-03-13 16:41:26 +08:00
Aivars Sterns
adc3f79c23
Merge pull request #2458 from jouve/collect_info
...
use archive instead of command
2018-03-13 09:45:48 +02:00
Aivars Sterns
7904b454ba
Merge pull request #2460 from riverzhang/fix-weave
...
Fix yamllint roles error for #2188 commit
2018-03-13 09:40:54 +02:00
rong.zhang
d264da8f08
Fix yamllint roles error for #2188 commit
2018-03-13 14:28:49 +08:00
Cyril Jouve
6abe78ff46
use archive instead of command
2018-03-12 19:59:22 +01:00
MQasimSarfraz
9a4aa4288c
Fix vsphere cloud_provider RBAC permissions
2018-03-12 18:07:08 +00:00
Dann Bohn
50e3ccfa2b
uses new kube_memory_reserved/kube_cpu_reserved variables in kubelt
2018-03-12 12:46:14 -04:00
RongZhang
69a3c33ceb
Merge pull request #2429 from riverzhang/patch-6
...
Fix Docker exits prematurely
2018-03-12 06:16:25 -05:00
RongZhang
649b1ae868
Merge pull request #2452 from riverzhang/dockerproject
...
Fix issues #2451 Support docker-ce and docker-engine
2018-03-12 06:15:44 -05:00
Aivars Sterns
973cc12ca9
Merge pull request #2188 from cornelius-keller/fix_weave
...
fix nodePort for weave
2018-03-12 10:55:41 +02:00
Aivars Sterns
436de45dd4
Merge pull request #2295 from manics/supplementary-bugfix
...
Fix indexing of supplementary DNS in openssl.conf
2018-03-12 10:54:56 +02:00
Aivars Sterns
5f186a2835
Merge pull request #2418 from kubernetes-incubator/1439br
...
Explicitly defines the --kubelet-preferred-address-types parameter
2018-03-12 10:53:48 +02:00
RongZhang
ecec94ee7e
Fix Docker exits prematurely
...
details:https://github.com/moby/moby/pull/31490/files
2018-03-12 14:44:47 +08:00
rong.zhang
196995a1a7
Fix issues#2451 Support docker-ce and docker-engine
...
Support docker-ce and docker-engine include redhat/centos ubuntu debian
2018-03-12 13:31:31 +08:00
Spencer Smith
3a714fd4ac
Merge pull request #2427 from hswong3i/local_volume_provisioner_default
...
FIXUP #2424 : local_provisioner directory should be created only if enabled
2018-03-10 09:00:35 -05:00
Spencer Smith
2132ec0269
Merge pull request #2378 from dleske/reorg-inventory-for-opst
...
Update OpenStack contrib to use per-cluster inventory layout
2018-03-09 15:21:21 -05:00
Spencer Smith
c47fdc9aa0
Merge pull request #2445 from chadswen/kube-cert-directory-fix
...
Fix kubernetes cert permission sync
2018-03-09 15:10:35 -05:00
Spencer Smith
5c4cfb54ae
Merge pull request #2444 from chadswen/system-node-crb-name
...
Prefix system:node CRB
2018-03-09 15:09:01 -05:00
chadswen
cd153a1fb3
Fix kubernetes cert permission sync
...
Add `state: directory` to `file` task so that `recurse: yes` will actually take effect and ensure
certs/keys have the right file mode and owner
2018-03-09 00:11:10 -06:00
chadswen
b0ab92c921
Prefix system:node CRB
...
Change the name of `system:node` CRB to `kubespray:system:node` to avoid
conflicts with the auto-reconciled CRB also named `system:node`
Fixes #2121
2018-03-08 23:56:46 -06:00
RongZhang
5007a69eee
Merge pull request #2437 from huzhengchuan/fix/callo-routereflector
...
Fix always download calico_rr image
2018-03-08 23:22:48 -06:00
Chad Swenson
8a46e050e3
Merge pull request #2433 from octarinesec/eyeofthefrog/systemd_command_fix
...
Fix systemd version detection
2018-03-08 22:28:12 -06:00
Chad Swenson
256fd12da5
Merge pull request #2440 from huzhengchuan/fix/proxy
...
clean http-proxy.conf
2018-03-08 20:36:26 -06:00