Bogdan Dobrelya
b6cd9a4c4b
Merge pull request #938 from bradbeam/ci
...
Splitting out moderator check from syntax check
2017-01-25 10:12:11 +01:00
Brad Beam
2333ec4d1f
Splitting out moderator check from syntax check
...
- Attempt to clarify CI runs from contributors
2017-01-24 23:05:12 -06:00
Bogdan Dobrelya
85a8a54d3e
Merge pull request #935 from sc68cal/terraform_groupvars_update
...
Update the group_vars for Terraform
2017-01-24 11:33:17 +01:00
Bogdan Dobrelya
7294a22901
Merge pull request #934 from frozenice/use-api-pwd-for-root
...
also use kube_api_pwd for root account
2017-01-24 11:24:02 +01:00
Matthew Mosesohn
f4b7474ade
Merge pull request #926 from adidenko/fix-calico-rr-for-masters
...
Fix calico-rr peering with k8s masters
2017-01-24 12:38:52 +03:00
Matthew Mosesohn
9428321607
Merge pull request #932 from vwfs/centos_pin_docker_version
...
Pin docker version on RedHat and CentOS to the desired version
2017-01-24 12:21:50 +03:00
Matthew Mosesohn
882544446a
Merge pull request #928 from sc68cal/terraform_identity_version
...
Specify the version of the credentials to download from Horizon
2017-01-24 12:21:27 +03:00
Sean M. Collins
73160c9b90
Update terraform's group_vars to be a symlink
...
That way, it will not become stale.
Related bug #929
2017-01-23 16:08:37 -05:00
Sean M. Collins
2184d6a3ff
Specify the version of the credentials to download from Horizon
...
More recent versions of OpenStack Horizon provide Identity v2 and
Identity v3 versions of the RC file.
2017-01-23 14:52:51 -05:00
David Kirstein
6e35895b44
also use kube_api_pwd for root account
...
This makes it a bit more secure. Also the password can now be changed with a (inventory) variable (no need to edit all.yml).
2017-01-23 19:09:30 +01:00
Alexander Block
9bf792ce0b
Pin docker version on RedHat and CentOS to the desired version
2017-01-23 12:39:54 +01:00
Aleksandr Didenko
f05aaeb329
Fix calico-rr peering with k8s masters
...
Calico-rr is broken for deployments with separate k8s-master and
k8s-node roles. In order to fix it we should peer k8s-cluster
nodes with calico-rr, not just k8s-node. The same for peering
with routers.
Closes #925
2017-01-23 10:19:09 +01:00
Bogdan Dobrelya
1bdf34e7dc
Merge pull request #915 from bradbeam/ci
...
Sorting ansible args, fixed ci cluster_mode
2017-01-20 09:43:10 +01:00
Bogdan Dobrelya
cd25bfca91
Merge pull request #884 from mattymo/inventory_builder_scale
...
Add scale thresholds to split etcd and k8s-masters
2017-01-20 09:34:45 +01:00
Bogdan Dobrelya
1b621ab81c
Merge pull request #873 from crodetsky/fix_test_cases
...
Genericize test cases and namespace create pod
2017-01-20 09:30:35 +01:00
Matthew Mosesohn
8ce32eb3e1
Merge pull request #905 from galthaus/async-runs
...
Add tasks to ensure that the first nodes have their directories for cert gen
2017-01-19 18:32:27 +03:00
Matthew Mosesohn
aae0314bda
Merge pull request #904 from galthaus/nginx-port-config
...
Add nginx local balancer port configuration variable
2017-01-19 18:31:57 +03:00
Matthew Mosesohn
35d5248d41
Merge pull request #913 from galthaus/apps-master-only
...
Ansible apps should only check for api-server running on the master.
2017-01-19 18:30:58 +03:00
Matthew Mosesohn
0ccc2555d3
Merge pull request #917 from mattymo/rkt_resolvconf
...
Fix setting resolvconf when using rkt deploy mode
2017-01-19 18:30:21 +03:00
Matthew Mosesohn
b26a711e96
Merge pull request #916 from mattymo/update_ansible
...
Update Ansible to 2.2.1
2017-01-19 18:13:45 +03:00
Matthew Mosesohn
2218a052b2
Merge pull request #921 from mattymo/docker113
...
Add docker 1.13, update 1.12 to 1.12.6
2017-01-19 18:13:21 +03:00
Matthew Mosesohn
40f419ca54
Merge pull request #922 from holser/dnsmasq_dns-forward-max
...
Allow to specify number of concurrent DNS queries
2017-01-19 18:08:04 +03:00
Matthew Mosesohn
f742fc3dd1
Add scale thresholds to split etcd and k8s-masters
...
Also adds calico-rr group if there are standalone etcd nodes.
Now if there are 50 or more nodes, 3 etcd nodes will be standalone.
If there are 200 or more nodes, 2 kube-masters will be standalone.
If thresholds are exceeded, kube-node group cannot add nodes that
belong to etcd or kube-master groups (according to above statements).
2017-01-19 17:30:56 +03:00
Matthew Mosesohn
33fbcc56d6
Add docker 1.13, update 1.12 to 1.12.6
...
Fixes #903
2017-01-19 13:58:36 +03:00
Sergii Golovatiuk
61d05dea58
Allow to specify number of concurrent DNS queries
...
ndots creates overhead as every pod creates 5 concurrent connections
that are forwarded to sky dns. Under some circumstances dnsmasq may
prevent forwarding traffic with "Maximum number of concurrent DNS
queries reached" in the logs.
This patch allows to configure the number of concurrent forwarded DNS
queries "dns-forward-max" as well as "cache-size" leaving the default
values as they were before.
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-01-19 11:47:37 +01:00
Matthew Mosesohn
8a821060a3
Update Ansible to 2.2.1
2017-01-19 13:46:46 +03:00
Greg Althaus
0d44599a63
Add explicit name printing in task names for deletgated task during
...
cert creation
2017-01-18 14:06:50 -06:00
crodetsky
8e29b08070
Genericize test cases and namespace create pod
...
This change modifies 020_check-create-pod and 030_check-network test cases to
target `kube-master[0]` instead of `node1` as these tests can be useful in
deployments that do not use the same naming convention as the basic tests.
This change also modifies 020_check-create-pod to namespace into a `test`
namespace allowing the `get pods` command to get its expected number of
running containers.
Closes #866 and #867 .
2017-01-18 14:52:35 -05:00
Matthew Mosesohn
b6c3e61603
Fix setting resolvconf when using rkt deploy mode
...
rkt deploy mode doesn't create {{ bin_dir }}/kubelet, so
let's rely on kubelet.env file instad.
2017-01-18 19:18:47 +03:00
Brad Beam
dc08b75c6a
Sorting ansible args, fixed ci cluster_mode
...
- s/separated/separate/g for cluster_mode so it now generates the correct number of instances
2017-01-18 08:03:04 -06:00
Matthew Mosesohn
5420fa942e
Merge pull request #897 from holser/flush_handlers_before_etcd
...
Flush handlers before etcd restart
2017-01-18 12:27:01 +03:00
Matthew Mosesohn
1ee33d3a8d
Merge pull request #910 from mattymo/escape_curly
...
Fix ansible 2.2.1 handling of registered vars
2017-01-18 11:13:01 +03:00
Greg Althaus
61dab8dc0b
Should only check for api-server running on the master.
...
If this runs on other nodes, it will fail the playbook.
2017-01-17 15:57:34 -06:00
Greg Althaus
0022a2b29e
Add doc updates.
2017-01-17 13:15:48 -06:00
Matthew Mosesohn
b2a27ed089
Fix bash completion installation
2017-01-17 20:36:58 +03:00
Matthew Mosesohn
d8ae50800a
Work around escaping curly braces for docker inspect
2017-01-17 20:35:38 +03:00
Sergii Golovatiuk
43fa72b7b7
Flush handlers before etcd restart
...
systemctl daemon-reload should be run before when task modifies/creates
union for etcd. Otherwise etcd won't be able to start
Closes #892
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-01-17 15:04:25 +01:00
Bogdan Dobrelya
36b62b7270
Merge pull request #896 from bogdando/idempot_check
...
Add idempotency checks for CI
2017-01-17 14:21:32 +01:00
Matthew Mosesohn
73204c868d
Merge pull request #909 from mattymo/docker-upgrade
...
Always trigger docker restart when docker package changes
2017-01-17 11:37:42 +03:00
Matthew Mosesohn
2ee889843a
Merge pull request #900 from galthaus/cn-length
...
Cert fail if inventory names too long
2017-01-16 23:39:32 +03:00
Matthew Mosesohn
74b78e75a1
Always trigger docker restart when docker package changes
...
Docker upgrade doesn't auto-restart docker, causing failures
when trying to start another container
2017-01-16 17:52:28 +03:00
Greg Althaus
6905edbeb6
Add a variable that defaults to kube_apiserver_port that defines
...
the which port the local nginx proxy should listen on for HA
local balancer configurations.
2017-01-14 23:38:07 -06:00
Greg Althaus
6c69da1573
This PR adds/or modifies a few tasks to allow for the playbook to
...
be run by limit on each node without regard for order.
The changes make sure that all of the directories needed to do
certificate management are on the master[0] or etcd[0] node regardless
of when the playbook gets run on each node. This allows for separate
ansible playbook runs in parallel that don't have to be synchronized.
2017-01-14 23:24:34 -06:00
Bogdan Dobrelya
e776dfd800
Add idempotency checks for CI
...
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2017-01-13 17:16:03 +01:00
Greg Althaus
95bf380d07
If the inventory name of the host exceeds 63 characters,
...
the openssl tools will fail to create signing requests because
the CN is too long. This is mainly a problem when FQDNs are used
in the inventory file.
THis will truncate the hostname for the CN field only at the
first dot. This should handle the issue for most cases.
2017-01-13 10:02:23 -06:00
Bogdan Dobrelya
2a61ad1b57
Merge pull request #895 from mattymo/same_apiserver_certs
...
Use only one certificate for all apiservers
2017-01-13 13:05:06 +01:00
Matthew Mosesohn
80703010bd
Use only one certificate for all apiservers
...
https://github.com/kubernetes/kubernetes/issues/25063
2017-01-13 14:03:20 +03:00
Bogdan Dobrelya
e88c10670e
Merge pull request #891 from galthaus/selinux-order
...
preinstall fails on AWS CentOS7 image
2017-01-13 11:51:18 +01:00
Bogdan Dobrelya
2a2953c674
Merge pull request #893 from kubernetes-incubator/undo_hostresolvconf
...
Don't try to delete kargo specific config from dhclient when file does not exist
2017-01-13 11:35:46 +01:00
Alexander Block
1054f37765
Don't try to delete kargo specific config from dhclient when file does not exist
...
Also remove the check for != "RedHat" when removing the dhclient hook,
as this had also to be done on other distros. Instead, check if the
dhclienthookfile is defined.
2017-01-13 10:56:10 +01:00