Antoine Legrand
7e140e5f3c
Merge pull request #3122 from jbcraig/fix_cacert_feature
...
resolve issues with new cacert feature
2018-09-05 23:31:53 +02:00
rongzhang
435e098751
Fix feature-gates
2018-09-05 22:55:51 +08:00
Erwan Miran
a644b7c267
Introducing credentials_dir in order to be able to override it
2018-09-03 18:04:50 +02:00
k8s-ci-robot
c32145057d
Merge pull request #3178 from gitphill/patch-1
...
Add azure-container-registry-config for Azure
2018-09-03 05:06:01 -07:00
rboyapat
fbb98b0070
Fix the jinja expression for openstack_tenant_id ( #3151 )
...
OS_PROJECT_ID is obsolete in keystone v3 and jinja expression
doesn't set openstack_tenant_id as expected because of
undefined env var. Fixed the expression.
2018-09-03 14:59:49 +03:00
k8s-ci-robot
db11394711
Merge pull request #3200 from pablodav/feature/k8s_win_v1.11
...
Required support to start working on windows node support
2018-09-03 04:51:23 -07:00
Pablo Estigarribia
7cbe3c2171
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
...
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
remove empty when line
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
force kubeadm upgrade due to failure without --force flag
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
added nodeSelector to have compatibility with hybrid cluster with win nodes, also fix for download with missing container type
fixes in syntax and LF for newline in files
fix on yamllint check
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
some cleanup for innecesary lines
remove conditions for nodeselector
2018-09-02 12:47:06 -03:00
mlushpenko
8e95974930
Fix ports for kubeadm client and master configs for ha setups
2018-09-01 18:02:52 +02:00
Erwan Miran
059cd17b47
Fix target hosts generation when /etc/hosts does not contain 127.0.0.1 or ::1
2018-08-31 16:33:18 +02:00
Antoine Legrand
247b9e83d8
etcd arch-image
2018-08-31 13:45:08 +02:00
Antoine Legrand
9c2098b8fa
fix kubelet_max_pod assert
2018-08-31 13:45:08 +02:00
Antoine Legrand
48c0c8d854
Update dir list
2018-08-31 13:45:08 +02:00
rongzhang
2609ec0dc3
Fix copy etcd-ssl-ca failed
2018-08-31 15:06:03 +08:00
rongzhang
16fc22a207
Fix ipvs by kubeadm v1alpha1
2018-08-30 23:04:57 +08:00
k8s-ci-robot
d9ea937493
Merge pull request #3187 from mirwan/kubeadm-config_syntax
...
Fix kubeadm-config for audit-log-path and feature-gates
2018-08-30 06:55:43 -07:00
rongzhang
35e5adaf0a
Fix kubeadm v1alpha1 configure
2018-08-30 17:44:00 +08:00
k8s-ci-robot
4feb62f6bf
Merge pull request #3193 from riverzhang/fix-lb-kubeadm
...
Fix kubeadm lb
2018-08-29 04:22:40 -07:00
k8s-ci-robot
3bfda55fca
Merge pull request #3061 from okamototk/crio
...
cri-o support
2018-08-29 03:48:40 -07:00
rongzhang
9eade647e6
Fix kubeadm lb
2018-08-29 18:29:24 +08:00
Phill Garrett
1babbcca85
Fix elif azure statement
2018-08-28 15:43:03 +01:00
Phill Garrett
f325d13082
Add azure-container-registry-config for Azure
...
Seperated out KUBELET_CLOUDPROVIDER env var assignment when cloud_provider equals azure
Appended azure-container-registry-config parameter
2018-08-28 10:23:25 +00:00
Erwan Miran
52ab54eeea
Fix missing quotes for audit-log-path and wrong placement of feature-gates
2018-08-28 09:05:57 +02:00
Takashi Okamoto
d407a590a6
container_manager variable to specify runtime.
2018-08-28 06:23:38 +00:00
Takashi Okamoto
5eb805f098
Change timeout for kubeadm 600s.
...
* kubeadm timeout is too short and it may interrupt by timeout.
2018-08-28 04:51:38 +00:00
Takashi Okamoto
236f066635
kubeadm cri-o support.
2018-08-28 02:24:45 +00:00
Takashi Okamoto
5ab8a712d9
Add download_container flag to avoid docker pull when use cri-o.
2018-08-28 01:24:26 +00:00
Takashi Okamoto
cf7b9cfeef
Support crio in kubelet service.
2018-08-28 01:24:26 +00:00
Takashi Okamoto
6090af29e7
Add cri-o role.
2018-08-28 01:24:26 +00:00
Takashi Okamoto
359009bb05
Download etcd and hyperkube binary.
2018-08-28 01:24:26 +00:00
Takashi Okamoto
bdbfa4d403
Add ipvs support for kubeadm 1.10 or later.
2018-08-28 01:24:26 +00:00
Takashi Okamoto
6849788ebc
Fix copy ca cert and ca key for kubeadm.
2018-08-28 01:24:25 +00:00
Takashi Okamoto
ac639b2a17
Change kubeadm config to run etcd by kubeadm.
2018-08-28 01:24:25 +00:00
Erwan Miran
b395bb953f
Fix wrong when condition that ends up with jinja error when the content of /etc/hosts contains parenthesis
2018-08-27 21:20:57 +02:00
k8s-ci-robot
7efe287c74
Merge pull request #2474 from mirwan/localhost_in_etc_hosts
...
Localhost in hosts files should be updated (if necessary), not overriden
2018-08-27 06:25:43 -07:00
k8s-ci-robot
d43cd9a24c
Merge pull request #3104 from maxbrunet/hotfix/replace-local_actions
...
Use delegate_to: localhost instead of local_action
2018-08-27 02:50:42 -07:00
guenhter
fff48d24ea
Replace the raw rsync command with the synchronize module
2018-08-27 10:00:21 +02:00
Maxime Brunet
33135f2ada
k8s/preinstall: Turn AND condition into a list
2018-08-25 14:33:31 -04:00
k8s-ci-robot
f97515352b
Merge pull request #3161 from nutellinoit/kube_proxy_nodeport_addresses
...
--nodeport-addresses added on kube-proxy.manifest.j2 and on k8s-cluster.yml
2018-08-25 02:00:19 -07:00
Erwan Miran
1432e511a2
same work with less lines
2018-08-24 14:06:07 +02:00
Samuele Chiocca
cb8be37f72
fix on v1alpha1
2018-08-24 11:19:06 +02:00
Samuele Chiocca
e5dd4e1e70
added on v1alpha1
2018-08-24 10:59:06 +02:00
Antoine Legrand
4882531c29
Merge pull request #3115 from oracle/oracle_oci_controller
...
Cloud provider support for OCI (Oracle Cloud Infrastructure)
2018-08-23 18:22:45 +02:00
rongzhang
7b61a0eff0
Fix kubeadm LB configure
...
1. join node add LB discoveryTokenAPIServers
2. kubeadm_config_api_fqdn support ipddress and domain_name
2018-08-23 22:22:34 +08:00
Aivars Sterns
23fd3461bc
calico upgrade to v3 ( #3086 )
...
* calico upgrade to v3
* update calico_rr version
* add missing file
* change contents of main.yml as it was left old version
* enable network policy by default
* remove unneeded task
* Fix kubelet calico settings
* fix when statement
* switch back to node-kubeconfig.yaml
2018-08-23 17:17:18 +03:00
Rong Zhang
f453567cce
Merge pull request #3144 from riverzhang/fix-audit-log
...
Fix install audit failed
2018-08-23 14:41:37 +08:00
rongzhang
5a4352657d
Fix install audit failed
...
1.fix audit log not write
2.fix Parameter not recognized
3.delete kubedm futuregates auditing and use apiServerExtraArgs
2018-08-23 01:47:15 +08:00
Samuele Chiocca
f13bc796d9
added nodePortAddresses on kubeadm conf v1alpha2 (not present on v1alpha1)
2018-08-22 18:43:03 +02:00
Erwan Miran
80cfeea957
psp, roles and rbs for PodSecurityPolicy when podsecuritypolicy_enabled is true
2018-08-22 18:16:13 +02:00
Samuele Chiocca
5d9908c2c3
--nodeport-addresses added on kube-proxy.manifest.j2
...
Changed author
2018-08-22 15:32:07 +02:00
Erwan Miran
a7b0c454db
Localhost in hosts files should be updated (if necessary), not overriden
2018-08-22 12:10:49 +02:00
Jeff Bornemann
94df70be98
Cloud provider support for OCI (Oracle Cloud Infrastructure)
...
Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>
2018-08-21 17:36:42 -04:00
Mark Eisenblaetter
0c0a2138d9
allow '.' in hostnames
...
we use FQDN as inventory_hostname
2018-08-21 08:24:33 +02:00
Jonathan Craig
5bf152886b
add support for openstack trust to cloud provider config
2018-08-20 12:51:25 -04:00
Andreas Krüger
497db69c9f
Merge pull request #3130 from riverzhang/add-control-plane
...
Add kubeadm controlplaneEndpoint
2018-08-20 10:43:50 +02:00
Andreas Krüger
c7de737551
Merge pull request #3133 from mirwan/auditlog_to_stdout_w_kubeadm
...
Audit log to stdout with kubeadm
2018-08-20 10:43:22 +02:00
Erwan Miran
fc38b6d0ca
Ability to define custom audit polcy rules
2018-08-20 07:04:56 +02:00
Erwan Miran
c34900e569
Define apiserver flags directly instead of relying on auditPolicy section in order to have the ability to redirect audit log to stdout with kubeadm
2018-08-20 07:00:53 +02:00
Rong Zhang
855f2a55cb
Merge pull request #3135 from ishitatsuyuki/patch-1
...
Add bad hostname preflight check
2018-08-20 12:08:02 +08:00
Rong Zhang
fd16f77e20
Merge pull request #3017 from seungkyua/fix_kubeadm_client_conf
...
Fix kubeadm client conf
2018-08-20 10:51:02 +08:00
Tatsuyuki Ishi
3eef8dc8d0
Add bad hostname preflight check
...
Hostname must be a valid DNS name, which is checked as https://github.com/kubernetes/apimachinery/blob/master/pkg/util/validation/validation.go#L115
The situation I have encountered is that my hostname contained underscore which is disallowed and apiserver refused to start.
2018-08-20 09:09:00 +09:00
rongzhang
59176ebbb9
Add kubeadm controlplaneEndpoint
...
Nginx LB(default)
Other LB by kubeadm controlplane
2018-08-20 00:57:13 +08:00
rongzhang
b421d0ed5b
Fix install nss
2018-08-20 00:07:31 +08:00
Rong Zhang
fb309ca446
Merge pull request #3128 from riverzhang/delete-kubeadm
...
Remove unused configuration
2018-08-19 10:01:33 +08:00
rongzhang
095ccef8bd
Remove unused configuration
2018-08-19 01:23:20 +08:00
Rong Zhang
0df969ad19
Merge pull request #3117 from mirwan/audit_usecases
...
Audit support improvement
2018-08-19 01:13:22 +08:00
Antoine Legrand
ac49bbb336
Merge pull request #2168 from xd007/docker_arm64
...
fix docker opts incompatible running on aarch64 Redhat/Centos
2018-08-17 16:24:07 +02:00
Antoine Legrand
7a0f0126f7
Merge pull request #1295 from xuhuilong/master
...
fix curl get calico status error ( error in tls version, centos 7.3 1611)
2018-08-17 14:29:01 +02:00
Seungkyu Ahn
29894293eb
Fix kubeadm client conf
...
Fix DiscoveryTokenCACertHashes key to discoveryTokenCACertHashes in kubeadm-client.conf
2018-08-17 04:40:08 +00:00
Jonathan Craig
4d783fff0d
resolve issues with new cacert feature
2018-08-16 23:31:21 -04:00
Antoine Legrand
58ee5f1cc9
Merge pull request #3089 from mattymo/cloudconfig
...
Remove erroneous cloud-config task
2018-08-16 16:17:01 +02:00
Erwan Miran
54548d3b95
kubeadm mounts the hostpaths itself
2018-08-16 13:17:30 +02:00
Erwan Miran
58d4d65fab
minor variable fix and reuse + handle auditlog redirected to stdout
2018-08-16 12:51:09 +02:00
rongzhang
2ffc1afe40
Support audit
2018-08-16 14:38:07 +08:00
Maxime Brunet
70b28288a3
Use delegate_to: localhost instead of local_action
...
Allow to use `ansible_become: true` (#2969 )
And set it to `false` for `localhost` with an `host_var`
2018-08-14 10:08:43 -04:00
Rong Zhang
a11e1eba9e
Upgrade kubernetes to V1.11.x ( #3078 )
...
Upgrade Kubernetes to V1.11.2
The kubeadm configuration file version has been upgraded from v1alpha1 to v1alpha2
Add bootstrap kubeadm-config.yaml with external etcd
2018-08-14 15:13:44 +03:00
Matthew Mosesohn
581a30fdec
Remove erroneous cloud-config task
2018-08-10 15:59:18 +03:00
Andreas Krüger
d8e77600e2
Merge pull request #3066 from luisyonaldo/fix-conditional
...
fix bad conditional
2018-08-10 10:38:52 +02:00
Luis Nuñez
fd380615a0
fix bad conditional
2018-08-09 10:20:45 +02:00
Robert Everson
4eadf3228e
Only add admission plugins if defined
2018-08-07 11:25:03 -07:00
Robert Everson
99c5aa5a02
Use k8s default plugin list
2018-08-07 11:25:03 -07:00
Robert Everson
6ed65d762b
Separate out plugins into 2 variables
2018-08-07 11:25:03 -07:00
Robert Everson
ac18f6cf8b
Add support for admission controllers in 1.10 and above
2018-08-07 11:25:03 -07:00
Rong Zhang
e71f261935
Merge pull request #3068 from riverzhang/swap
...
Enable swap
2018-08-07 21:29:41 +08:00
rongzhang
b902602d16
Enable swap
2018-08-07 21:13:12 +08:00
Rong Zhang
c288ffc55d
Merge pull request #2342 from southquist/add-ca-cert
...
allow for setting the cacert on openstack cloud provider
2018-08-07 17:46:01 +08:00
Rong Zhang
9075dbdd3c
Merge pull request #2875 from bradbeam/movault
...
Adding cluster_name to api cert alt name for vault
2018-08-07 17:36:04 +08:00
Rong Zhang
3d19e03294
Merge pull request #3015 from podnov/kube_proxy_healthz_bind_address
...
Variablize kube_proxy_healthz_bind_address
2018-08-07 17:10:33 +08:00
rongzhang
ac644ed049
Fix yaml roles error
2018-08-05 18:48:07 +08:00
woosley.xu
72074f283b
set local for growpart part 2
2018-07-31 06:56:09 +08:00
woosley.xu
a5db3dbea9
set locale for growpart
2018-07-31 06:52:56 +08:00
Seungkyu Ahn
0366600b45
Remove double slash
...
Even without this PR, the operation works well.
However, it is better to use a single slash rather than
a double slash in the path.
2018-07-20 07:34:33 +00:00
Evan Zeimet
6a4ce96b7d
Variablize kube_proxy_healthz_bind_address
...
This fixes #3014
2018-07-19 14:19:09 -05:00
Takashi Okamoto
37ccf7e405
Fixed kubectl path.
2018-07-13 15:32:08 +00:00
Matthew Mosesohn
97e0de7e29
Fix vault file owner issues and k8s apiserver cert creation ( #2985 )
...
apiserver cert should be created only once
2018-07-11 14:58:02 +03:00
Rong Zhang
cf445fd4fe
Merge pull request #2930 from alvistack/ingress-nginx-0.16.1
...
ingress-nginx: Upgrade to 0.16.2
2018-07-10 14:42:37 +08:00
Aivars Sterns
72f053d9bb
Merge pull request #2972 from mattymo/force_cni_cp
...
Force copy cni files
2018-07-10 09:40:10 +03:00
Wong Hoi Sing Edison
a0defefb3f
ingress-nginx: Upgrade to 0.16.2
...
ingress-nginx 0.16.2 (https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.16.2 )
This patch simplify ingress-nginx deployment by default deploy on
master, with customizable options; on the other hand, remove the
additional Ansible group "kube-ingress" and its k8s node label
injection.
Reference to https://kubernetes.io/docs/concepts/services-networking/ingress/#prerequisites :
GCE/Google Kubernetes Engine deploys an ingress controller on the master.
By changing `ingress_nginx_nodeselector` plus custom k8s node
label, user could customize the DaemonSet deployment target.
If `ingress_nginx_nodeselector` is empty, will deploy DaemonSet on
every k8s node.
2018-07-10 12:26:06 +08:00
Dao Hoang Son
d306c9708c
Remove step that force disable kube_basic_auth
.
...
The referenced issue (https://github.com/kubernetes/kubeadm/issues/441 ) has already been fixed.
2018-07-08 16:57:43 +07:00
Matthew Mosesohn
1a3b9dd864
Force copy cni files
2018-07-06 16:39:42 +03:00
Matthew Mosesohn
5c617c5a8b
Add tags to deploy components by --tags option ( #2960 )
...
* Add tags for cert serial tasks
This will help facilitate tag-based deployment of specific components.
* fixup kubernetes node
2018-07-06 09:12:13 +03:00