Commit graph

181 commits

Author SHA1 Message Date
Andreas Krüger
bf3c6aeed1 Add kube anon auth settings to kubeadm config templates (#4713)
* Disable kube_api_anonymous_auth by default to secure the setup

* Disable metrics-server in addons. Health endpoint is slow and unstable

* Fix anonymous-auth missing in configuration

* Cleanup a bit

* Fix kube anon auth
2019-05-07 12:52:34 -07:00
MarkusTeufelberger
e67f848abc ansible-lint: add spaces around variables [E206] (#4699) 2019-05-02 14:24:21 -07:00
Maxime Guyot
3f45122d0d Refactor Terraform CI (#4654) 2019-05-02 12:26:19 -07:00
MarkusTeufelberger
e814da1eec ansible-lint: Don't use the local_action module [E504] (#4666) 2019-05-01 00:38:55 -07:00
Andreas Krüger
38af93b60c Remove rkt support (#4671) 2019-04-29 01:14:20 -07:00
Matthew Mosesohn
741de6051c Fix nodeselectors for contiv and nginx-ingress (#4662)
* Fix nodeselectors for contiv and nginx-ingress

Change-Id: Ib3eb6bd87193c69a90ee944c9164a0b6792c79ba

* Set kube proxy mode to iptables for addons task

Change-Id: Iff71a71f672405c74b4708c71db15ddc4391a53a
2019-04-28 23:36:19 -07:00
MarkusTeufelberger
88d919337e ansible-lint: don't compare to empty string [E602] (#4665) 2019-04-28 23:00:20 -07:00
Maxime Guyot
d5c33e6d6c Refactor test cases (#4655) 2019-04-28 22:56:19 -07:00
Matthew Mosesohn
009e208bcd Remove RHEL from packet deploy (#4661)
Change-Id: I131d77bb9d16cc0f252dd86166c29f72daa9a64a
2019-04-26 09:56:29 -07:00
Matthew Mosesohn
81e6877b02 Make cilium tests pass (#4660)
Cilium requires a high kernel. rhel7 and centos7 are too low, so they are removed.
Bumping ubuntu to ubuntu-1804

Change-Id: Ib1bffa45b8f9ed0ba500f751714372b3a3f7878b
2019-04-26 05:54:37 -07:00
Andreas Krüger
3722acee85 Fix broken metrics-server deployment not starting (#4651)
* Fix metrics-server deployment

* Make metrics server work

* Fix sample inventory
2019-04-26 00:44:26 -07:00
Maxime Guyot
a4a35f8a4f Git checkout a specific version for testing upgrades (#4653) 2019-04-25 05:24:46 -07:00
Maxime Guyot
01da65252b Reduce VM size for Packet CI (#4630) 2019-04-24 04:30:04 -07:00
Andreas Krüger
f3e7615bef Switch deploy-part1 AIO job to Calico (#4628)
* Switch deploy-part1 AIO job to Calico

* Cleanup file

* Remove newline at end
2019-04-24 03:32:04 -07:00
Maxime Guyot
a3144e7e21 Test with minimum requirements (#4615) 2019-04-24 02:02:03 -07:00
Maxime Guyot
38a3075025 Always rebase on master before running a job (#4616) 2019-04-24 01:38:01 -07:00
Maxime Guyot
6df8111cd4 Merge 020_check and 030_check (#4623)
* Merge 020_check and 030_check

* Fix pods output and fail if test pods is not ready
2019-04-23 16:12:00 -07:00
Andreas Krüger
d588532c9b Update probe timeouts, delays etc. (#4612)
* Fix merge conflict

* Add check delay

* Add more liveness and readiness options to metrics-server
2019-04-23 14:46:02 -07:00
Maxime Guyot
228b244c84 Move inline shell into script files (#4604) 2019-04-23 13:36:03 -07:00
Matthew Mosesohn
d89ecb8308 disable metrics server and fix terraform (#4617)
* disable metrics server in centos7-flannel-addons job

Change-Id: I1d87923547584896f64dda9ea8feb5581ad48cbe

* Fix tf facility->facilities syntax

Change-Id: I434bfe53f47e8e4a546890e0b62d24bde6e6d6a7

* Update Terraform CI for facilities

* Fix undefined variable error
2019-04-23 12:06:03 -07:00
Maxime Guyot
88fe3403ce Add overcommitment for CPU in Packet CI playbook (#4597) 2019-04-21 02:27:44 -07:00
Maxime Guyot
4de6a78e26 Fix CI for packet_centos7-flannel-addons (#4586) 2019-04-20 06:21:40 -07:00
Maxime Guyot
50c86919dc Packet CI: Increasing the time wiating for IP to be assigned (#4584) 2019-04-20 06:13:40 -07:00
Maxime Guyot
781cc00cc4 Add a testcase to check that pods are running (#4555) 2019-04-20 06:11:40 -07:00
Matthew Mosesohn
05dc2b3a09 Use K8s 1.14 and add kubeadm experimental control plane mode (#4514)
* Use K8s 1.14 and add kubeadm experimental control plane mode

This reverts commit d39c273d96.

* Cleanup kubeadm setup run on first master

* pin kubeadm_certificate_key in test

* Remove kubelet autolabel of kube-node, add symlink for pki dir

Change-Id: Id5e74dd667c60675dbfe4193b0bc9fb44380e1ca
2019-04-19 06:01:54 -07:00
Andreas Krüger
656633f784 YAMLLint everything (#4576) 2019-04-18 23:59:54 -07:00
MarkusTeufelberger
04e3fb6a5a Fix ansible-lint error 103 (#4511) 2019-04-18 01:42:10 -07:00
Maxime Guyot
49af1f9969 Fix ansible-lint e601 in create-vms (#4561) 2019-04-17 10:46:10 -07:00
Andreas Krüger
d4b9f15c0a PHASE 2 - Enable Packet-CI in gitlab and move unit-tests and deploy-part1 (#4538)
* PHASE 2 - Enable Packet-CI in gitlab

* Add gitlab files

* Reset files back and only keep Packet

* Include packet

* Add missing Upgrade Tests

* Update GCE jobs etc

* Fix bug

* Yaml lint all gitlab files

* Remove GCE

* Test

* Test again

* Enable GCE again

* Install requirements

* Cleanup the gitlab file

* Cleanup runner tags

* Install requirements

* Test

* Test variables for gce

* Test again

* Test again

* Fix

* Update
2019-04-17 08:32:03 -07:00
Andreas Krüger
b834a28891 PHASE 1 - Add Packet-CI playbook and configuration (#4537) 2019-04-16 14:49:07 -07:00
Matthew Mosesohn
d39c273d96 Revert "Use K8s 1.14 and add kubeadm experimental control plane mode (#4317)" (#4510)
This reverts commit 316508626d.
2019-04-11 12:52:43 -07:00
Matthew Mosesohn
316508626d Use K8s 1.14 and add kubeadm experimental control plane mode (#4317)
* Use Kubernetes 1.14 and experimental control plane support

* bump to v1.14.0
2019-04-11 05:30:13 -07:00
Andreas Krüger
4ff851b302 Enable nodelocaldns by default (#4461)
* Enable nodelocaldns by default

* Enable nodelocaldns by default

* nodelocaldns is now default

* Disable enable_nodelocaldns for the addons CI jobs

Disable enable_nodelocaldns for the addons CI jobs to make sure things still work without nodelocaldns
2019-04-11 00:24:08 -07:00
Andreas Krüger
5e0249ae7c Add HAProxy as internal loadbalancer (#4480) 2019-04-10 05:56:18 -07:00
MarkusTeufelberger
d2a1ac3b0c Add Ansible-lint CI step (#4411)
* Add ansible-lint as gitlab-ci step

* Fix jinja2 syntax in include_tasks that breaks ansible-lint

* Use a block scalar to get around gitlab quoting/escaping rules

* Run ansible-lint in verbose mode in CI
2019-04-10 02:04:16 -07:00
Matthew Mosesohn
5f12b7aedf Remove kubedns and dnsmasq. Move dns_late phase after apps (#4406)
Both kubedns and dnsmasq modes are long not maintained.
We should run dns_late steps at the end because sshd
makes DNS lookups during Ansible run and has 2s timeouts
for each failed lookup trying to connect to coredns before
it is ready.
2019-04-01 12:32:34 -07:00
MarkusTeufelberger
9ffc65f8f3 Yamllint fixes (#4410)
* Lint everything in the repository with yamllint

* yamllint fixes: syntax fixes only

* yamllint fixes: move comments to play names

* yamllint fixes: indent comments in .gitlab-ci.yml file
2019-04-01 02:38:33 -07:00
Maxime Guyot
3511b55cf5 Increase CPU flavor for CI (#4389) 2019-03-27 16:26:48 -07:00
Maxime Guyot
7fb5fbac37 Use wide for netchecker debug output (#4383) 2019-03-22 19:41:06 -07:00
Peter Metz
26ca58419f feat(external-provisioner): adds support for local-path-provisioner (#4232)
* feat(external-provisioner/local-path-provisioner): adds support for local path provisioner

Helpful for local development but also in production workloads (once the
permission model is worked out) where you have redundancy built into the
software uses the PVCs (e.g. database cluster with synchronous
replication)

* feat(local-path-provisioner): adds debug flag, image tag group var

* fix(local-path-provisioner): moves image repo/tag to download role

* test(gce_centos7-flannel): enables local-path-provisioner in test case

* fix(addons): add image repo/tag to commented default values

* fix(local-path-provisioner): typo in jinja template for local path provisioner

* style(local-path-provisioner): debug flag condition re-formatted

* fix(local-path-provisioner): adds missing default value for debug flag

* fix(local-path-provisioner): syntax fix for debug if condition end

* fix(local-path-provisioner): jinja template syntax: if condition white space
2019-02-25 22:45:30 -08:00
Erwan Miran
7f93a5a0f5 Fix deprecation warnings (#4130)
* use not deprecated ansible_play_hosts variable

* Using tests as filters is deprecated

* Fix deprecation warning about pkg list
2019-01-31 14:57:22 -08:00
Erwan Miran
d790ec96d8 Fixup 4125: Debug agents when requests time out (#4132) 2019-01-28 10:22:43 -08:00
Erwan Miran
5e260fe23a Fixup 4094: Debug agents when nothing is return (#4125) 2019-01-28 03:33:18 -08:00
Erwan Miran
61d88b8db2 Fix random failure in debug: var=result.content|from_json (#4094)
* Fix random failure in debug: var=result.content|from_json

* netchecker agents are deployed on all k8s-cluster group members

* reducing limits/requests is not enough, switching to n1-standard-2

* gce_centos7 need more cpu
2019-01-25 08:14:22 -08:00
Thomas Nys
3e3ee0aeb1 Add support for running a nodelocal dns cache (#3861)
* Add support for running a nodelocal dns cache

After encountering dns issues in a cluster I was recently working on I
noticed Kubernetes 1.13 introduced support for running a nodelocal dns
cache.

I believe this can usefull for more people.

73b548db06
https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/0030-nodelocal-dns-cache.md

* Add requested changes

* Add additional requested changes + documentation

* Add requested changes after review

* Replace incorrect variable
2018-12-10 17:28:03 -08:00
Andreas Krüger
ddffdb63bf Remove non-kubeadm deployment (#3811)
* Remove non-kubeadm deployment

* More cleanup

* More cleanup

* More cleanup

* More cleanup

* Fix gitlab

* Try stop gce first before absent to make the delete process work

* More cleanup

* Fix bug with checking if kubeadm has already run

* Fix bug with checking if kubeadm has already run

* More fixes

* Fix test

* fix

* Fix gitlab checkout untill kubespray 2.8 is on quay

* Fixed

* Add upgrade path from non-kubeadm to kubeadm. Revert ssl path

* Readd secret checking

* Do gitlab checks from v2.7.0 test upgrade path to 2.8.0

* fix typo

* Fix CI jobs to kubeadm again. Fix broken hyperkube path

* Fix gitlab

* Fix rotate tokens

* More fixes

* More fixes

* Fix tokens
2018-12-06 02:33:38 -08:00
Rong Zhang
9051aa5296 Fix ubuntu-contiv test failed (#3808)
netchecker agent status is pending
2018-12-03 23:01:32 -08:00
Andreas Krüger
432f8e9841 Fix basic auth tokens for kubeadm deployment. (#3801)
* Fix basic auth tokens for kubeadm deployment.

* Tokens should be a dependancy on master, not nodes
2018-12-03 10:44:29 -08:00
Andreas Krüger
bad886ca9b Update defaults to match k8s 1.12 suggestions (#3760)
* Update defaults to match k8s 1.12 suggestions

* Test if Netchecker works with node ip instead of localhost

* Update defaults to ipvs and coredns

* Update defaults for kube_apiserver_insecure_port

* Update main.yaml
2018-11-26 15:36:39 -08:00
Rong Zhang
07d2f1aa36 Add some warning information about deprecating non-kubeadm code (#3759) 2018-11-26 01:17:31 -08:00