Matthew Mosesohn
af82710e09
Merge pull request #1141 from mattymo/idempotency2
...
More idempotency fixes
2017-03-16 12:29:42 +03:00
Matthew Mosesohn
ad03f3ac84
Merge branch 'master' into idempotency2
2017-03-16 09:29:43 +03:00
Matthew Mosesohn
261aeb6112
Merge pull request #1138 from mattymo/idempotency-fixes
...
Idempotency fixes for etcd certs and resolvconf tasks
2017-03-16 09:20:28 +03:00
Bogdan Dobrelya
6b69174ec2
Merge pull request #1109 from pcm32/feature/fixTerraformOS
...
Restores working order of contrib/terraform/openstack
2017-03-15 17:15:35 +01:00
Matthew Mosesohn
fad22bae97
More idempotency fixes
...
Fixed sync_tokens fact
Fixed sync_certs for k8s tokens fact
Disabled register docker images changability
Fixed CNI dir permission
Fix idempotency for etcd pre upgrade checks
2017-03-15 19:06:39 +03:00
Matthew Mosesohn
7b5d6c7a06
Merge pull request #1137 from holser/bug/1135
...
Turn on iptables for flannel
2017-03-15 17:06:42 +03:00
Bogdan Dobrelya
bc565cb111
Merge pull request #1140 from VincentS/jinja28
...
Added Jinja 2.8 to Docs
2017-03-15 13:18:53 +01:00
Vincent Schwarzer
59f2934c53
Added Jinja 2.8 to Docs
...
Added Jinja 2.8 Requirements to docs and pip requirements file which
is needed to run the current Ansible Playbooks.
2017-03-15 13:11:09 +01:00
Matthew Mosesohn
8540df89e0
Merge pull request #1139 from VincentS/docu_fix
...
Fix for CoreOS Docu
2017-03-15 15:06:41 +03:00
Vincent Schwarzer
eabea728c6
Fixed CoreOS Docu
...
CoreOS docu was referencing outdated bootstrap playbook that
is now part of kargo itself.
2017-03-15 13:04:01 +01:00
Matthew Mosesohn
20247b9c0a
Merge pull request #1080 from VincentS/Granular_Auth_Control
...
Granular authentication Control
2017-03-15 13:12:51 +03:00
Matthew Mosesohn
210d9503f3
Merge pull request #1117 from mattymo/etcd3-upgrade
...
Migrate k8s data to etcd3 api store
2017-03-15 12:56:06 +03:00
Matthew Mosesohn
4287993811
Make resolvconf preinstall idempotent
2017-03-15 01:20:13 +04:00
Sergii Golovatiuk
97a7f1c4a5
Turn on iptables for flannel
...
Closes : #1135
Closes : #1026
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-03-14 17:54:55 +01:00
Vincent Schwarzer
ea1f072c7e
Granular authentication Control
...
It is now possible to deactivate selected authentication methods
(basic auth, token auth) inside the cluster by adding
removing the required arguments to the Kube API Server and generating
the secrets accordingly.
The x509 authentification is currently not optional because disabling it
would affect the kubectl clients deployed on the master nodes.
2017-03-14 16:57:35 +01:00
Matthew Mosesohn
8450ff00cc
Merge pull request #1134 from mattymo/1.6-support
...
Explicitly set cni-bin-dir
2017-03-14 17:53:08 +03:00
Matthew Mosesohn
25b366dd98
Migrate k8s data to etcd3 api store
...
Default backend is now etcd3 (was etcd2).
The migration process consists of the following steps:
* check if migration is necessary
* stop etcd on first etcd server
* run migration script
* start etcd on first etcd server
* stop kube-apiserver until configuration is updated
* update kube-apiserver
* purge old etcdv2 data
2017-03-14 17:50:20 +03:00
Matthew Mosesohn
bb66bb19e8
Fix etcd idempotency
2017-03-14 17:23:29 +03:00
Matthew Mosesohn
e486dabc42
Merge pull request #1078 from VincentS/oidc_support
...
Added Support for OpenID Connect Authentication
2017-03-14 12:07:21 +03:00
Matthew Mosesohn
944fa9d975
Explicitly set cni-bin-dir
2017-03-13 20:13:21 +03:00
Matthew Mosesohn
f2900d65e1
Merge pull request #1118 from mattymo/noderolelabels
...
Add node labels in kubelet
2017-03-13 19:04:21 +03:00
Antoine Legrand
f9298ef39a
Merge pull request #1116 from kubernetes-incubator/contrib_docs
...
Reference external documentation sources
2017-03-07 13:33:25 +01:00
Antoine Legrand
7be48d351b
Merge pull request #1120 from bradbeam/fixtags
...
Removing cloud_provider tag to fix scenario where cloud_provider is n…
2017-03-06 19:00:41 +01:00
Brad Beam
0c96b5d3fc
Removing cloud_provider tag to fix scenario where cloud_provider is not defined
2017-03-06 10:52:38 -06:00
Matthew Mosesohn
8065a2355c
Add node labels in kubelet
...
Related-issue: https://github.com/kubernetes/community/issues/300
Upgraded nodes do not obtain labels automatically.
See https://github.com/kubernetes/kubernetes/pull/29459 for more details.
2017-03-06 17:18:42 +03:00
Vincent Schwarzer
ea6bf9143f
Added Support for OpenID Connect Authentication
...
To use OpenID Connect Authentication beside deploying an OpenID Connect
Identity Provider it is necesarry to pass additional arguments to the Kube API Server.
These required arguments were added to the kube apiserver manifest.
2017-03-06 12:40:35 +01:00
Antoine Legrand
bfe58a7750
Merge pull request #1045 from bradbeam/vsphere
...
Adding vsphere cloud provider support
2017-03-06 12:34:05 +01:00
Antoine Legrand
c876e99191
Reference external documentation sources
2017-03-06 12:25:54 +01:00
Antoine Legrand
8595bf50cd
Merge pull request #1112 from mattymo/skip_vault_if_disabled
...
Disable vault role properly on ansible 2.2.0
2017-03-06 11:27:53 +01:00
Antoine Legrand
48010cf64f
Merge pull request #1115 from mattymo/etcd-phases
...
Remove standalone etcd specific play, cleanup host mode
2017-03-06 11:21:08 +01:00
Matthew Mosesohn
7a3956173a
Disable vault role properly on ansible 2.2.0
...
when condition does not seem to work correctly at playbook
level for ansible 2.2.0.
2017-03-05 00:43:01 +04:00
Matthew Mosesohn
f247a75afd
Remove standalone etcd specific play, cleanup host mode
...
Now etcd role can optionally disable etcd cluster setup for faster
deployment when it is combined with etcd role.
2017-03-04 00:34:26 +04:00
Matthew Mosesohn
cd3c402454
Merge pull request #1111 from mattymo/use_find_for_certs
...
Use find module for checking for certificates
2017-03-03 20:08:33 +03:00
Matthew Mosesohn
5614e72d3a
Merge pull request #1113 from VincentS/AWS_IAM_PROFILES
...
Added Missing AWS IAM Profiles and Policies
2017-03-03 17:35:55 +03:00
Vincent Schwarzer
68ea8ad437
Added Missing AWS IAM Profiles and Policies
...
The AWS IAM profiles and policies required to run Kargo on AWS
are no longer hosted in the kubernetes main repo since kube-up got
deprecated. Hence we have to move the files into the kargo repository.
2017-03-03 15:30:07 +01:00
Matthew Mosesohn
7e1aa3b43b
Use find module for checking for certificates
...
Also generate certs only when absent on master (rather than
when absent on target node)
2017-03-03 16:21:01 +03:00
Bogdan Dobrelya
1cca1909c9
Merge pull request #1071 from vijaykatam/atomic_host
...
Add support for atomic host
2017-03-03 13:03:59 +01:00
Matthew Mosesohn
4b50274b33
Merge pull request #1075 from VincentS/loadbalancer_aws
...
Possibility to add Loadbalancers without static IP (e.g. AWS ELB) #1074
2017-03-03 14:07:22 +03:00
Pablo Moreno
f8283d8c56
Restores working order of contrib/terraform/openstack, includes vault group and avoids group_vars/k8s-cluster.yml
2017-03-02 23:58:07 +00:00
Matthew Mosesohn
11b3da85c8
Merge pull request #1099 from rutsky/patch-4
...
fix inline verbatim blocks formatting in markdown
2017-03-02 17:46:52 +03:00
Matthew Mosesohn
d1299f358b
Merge pull request #1060 from holser/etcdv3
...
Allow to specify etcd backend for kube-api
2017-03-02 17:24:09 +03:00
Matthew Mosesohn
09c3a4f8d1
Merge pull request #1093 from mattymo/scaledns
...
Add autoscalers for dnsmasq and kubedns
2017-03-02 16:58:56 +03:00
Matthew Mosesohn
576ffe83c7
Add autoscalers for dnsmasq and kubedns
...
By default kubedns and dnsmasq scale when installed.
Dnsmasq is no longer a daemonset. It is now a deployment.
Kubedns is no longer a replicationcluster. It is now a deployment.
Minimum replicas is two (to enable rolling updates).
Reduced memory erquirements for dnsmasq and kubedns
2017-03-02 13:44:22 +03:00
Vincent Schwarzer
9164b9cdcf
Changes based on feedback (additional ansible checks)
2017-03-02 11:04:10 +01:00
Vincent Schwarzer
3ef7365cae
Modified how adding LB for the Kube API is handled (AWS)
...
Until now it was not possible to add an API Loadbalancer
without an static IP Address. But certain Loadbalancers
like AWS Elastic Loadbalanacer dontt have an fixed IP address.
With this commit it is possible to add these kind of Loadbalancers
to the Kargo deployment.
2017-03-02 11:04:10 +01:00
Matthew Mosesohn
4ce0421142
Merge pull request #1103 from mattymo/upgradesyntax
...
Add upgrade-cluster and reset playbooks to syntax check
2017-03-02 12:41:10 +03:00
Matthew Mosesohn
4bc0a052a1
Merge pull request #1100 from retr0h/host-vars
...
Added host_vars to gitignore
2017-03-02 12:32:22 +03:00
Matthew Mosesohn
b9cd6d4e4d
Merge pull request #1101 from retr0h/docker-1.13.1
...
Use docker-engine 1.13.1
2017-03-02 12:31:58 +03:00
Matthew Mosesohn
6fa845f631
Add upgrade-cluster and reset playbooks to syntax check
2017-03-02 09:37:16 +04:00
John Dewey
e19bd9b543
Use docker-engine 1.13.1
...
The default version of Docker was switched to 1.13 in #1059 . This
change also bumped ubuntu from installing docker-engine 1.13.0 to
1.13.1. This PR updates os families which had 1.13 defined, but
were using 1.13.0.
The impetus for this change is an issue running tiller 1.2.3 on
docker 1.13.0. See discussion [1][2].
[1] https://github.com/kubernetes/helm/issues/1838
[2] https://github.com/kubernetes-incubator/kargo/pull/1100
2017-03-01 12:53:39 -08:00