abelgana
9506c2e597
require-kubeconfig is deprecated since K8s v1.8
2018-01-09 14:33:05 -05:00
Peter Slijkhuis
32884357ff
Add kubelet_custom_flags to kubelet.kubeadm.env.j2
2018-01-09 14:04:36 +01:00
Bogdan Dobrelya
278ac08087
Fix HA docs API access endpoints explained ( #2126 )
...
* Fix HA docs API access endpoints explained
Follow-up commit 81347298a3
and fix the endpoint value provided in HA docs.
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
* Clarify internal LB with external LB use case
* Clarify how to use both internal and external, non-cluster aware and
not managed with Kubespray, LB solutions.
* Clarify the requirements, like TLS/SSL termination, for such an external LB.
Unlike to the 'cluster-aware' external LB config, endpoints' security must be
managed by that non-cluster aware external LB.
* Note that masters always contact their local apiservers via https://bip:sp .
It's highly unlikely to go down and it reduces latency that might be
introduced when going host->lb->host. Only computes go that path.
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
* Add a note for supplementary_addresses_in_ssl_keys
Explain how to benefit from supplementary_addresses_in_ssl_keys
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2018-01-09 16:01:50 +03:00
neith00
88204642b7
updated weave to 2.1.3
2018-01-09 13:50:42 +01:00
Matthew Mosesohn
1401286910
Add support for cert alt names for etcd ( #2139 )
...
* Add support for cert alt names for etcd
* Update gen_certs_vault.yml
2018-01-09 14:37:34 +03:00
Lukasz Piatkowski
12eb242224
fix fluentd template
2018-01-08 13:40:47 +00:00
Ronald Rivera
8f36a02998
Merge branch 'master' of https://github.com/riverron/kubespray
2018-01-07 15:40:34 +00:00
Ronald Rivera
88f9e25f76
Updated with correct syntax to access default_tags variable.
2018-01-07 15:39:58 +00:00
Ron Rivera
dba1c13954
Updated with correct syntax to access default_tags variable.
2018-01-07 14:57:14 +00:00
Philippe Chepy
df9faa1743
Add support for flex volumes plugins.
2018-01-05 17:56:36 +01:00
ArchiFleKs
ce85bcaee7
Simplify and update OpenStack cloud provider
...
Simplify the number of variables necessary to "just" enable OpenStack
cloud provider. Also add the new options available in K8s 1.9.
2018-01-05 12:05:24 +01:00
rong.zhang
6ed2a60978
fix run dashboard error
2018-01-04 13:13:36 +08:00
Brad Beam
fd04c14260
Merge pull request #2127 from spiffxp/follow-cla-doc
...
Follow CLA doc to kubernetes/community
2018-01-03 19:19:34 -06:00
Aaron Crickenberger
10a5273f07
Follow CLA doc to kubernetes/community
2018-01-03 16:48:53 -08:00
Bogdan Dobrelya
bac3bf1a5f
Fix auto-evaluated API access endpoint for bind IP ( #2086 )
...
Auto configure API access endpoint with a custom bind IP, if provided.
Fix HA docs' http URLs are https in fact, clarify the insecure vs secure
API access modes as well.
Closes: #issues/2051
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2018-01-03 17:40:21 +01:00
RongZhang
e3b684df21
Remove blank lines
...
Remove blank lines
2018-01-03 00:54:04 -06:00
Steve Mitchell
e45b30d033
Add etcd key and cert environment variables for use with client auth
2018-01-02 13:52:17 -05:00
Matthew Mosesohn
ad6fecefa8
Update Kubernetes to v1.9.0 ( #2100 )
...
Update checksum for kubeadm
Use v1.9.0 kubeadm params
Include hash of ca.crt for kubeadm join
Update tag for testing upgrades
Add workaround for testing upgrades
Remove scale CI scenarios because of slow inventory parsing
in ansible 2.4.x.
Change region for tests to us-central1 to
improve ansible performance
2017-12-25 08:57:45 +00:00
Jan Jungnickel
3fdb2ccf55
Revert back to using an empty var as default to exclude hostname ( #2110 )
2017-12-22 22:09:59 +00:00
Matthew Mosesohn
29f5b55d42
remove unwanted whitespace for kube_override_hostname ( #2105 )
2017-12-22 11:31:18 +00:00
rong.zhang
5aef52e8c0
fix dashboard certs secret
2017-12-22 11:17:05 +08:00
Brad Beam
336e0cbf70
Merge pull request #2102 from spiffxp/update-code-of-conduct
...
Update code-of-conduct.md
2017-12-20 20:00:47 -06:00
Aaron Crickenberger
3cd06b0eb4
Update code-of-conduct.md
...
Refer to kubernetes/community as authoritative source for code of conduct
2017-12-20 14:12:38 -05:00
Matthew Mosesohn
6bb46e3ecb
Fix param names in preparation for Kubernetes v1.9.0 ( #2098 )
...
This does not update v1.9.0, but fixes two incompatibilities
when trying to deploy v1.9.0.
2017-12-20 10:48:09 +00:00
Matthew Mosesohn
127bc01857
Do not override kubelet hostname if cloud_provider is used ( #2095 )
...
Starting with Kubernetes v1.8.4, kubelet ignores the AWS cloud
provider string and uses the override hostname, which fails
Node admission checks.
Fixes #2094
2017-12-19 20:18:20 +00:00
Evan Zeimet
a6975c1850
Rename runtime docker_version ( #2082 )
...
Renaming runtime docker_version to prevent setting that
value on the command line from breaking the play run.
This fixes #2081
2017-12-19 14:47:54 +00:00
Stanislav Makar
b2cb0725ac
Default OpenStack Cinder Storage Class ( #2083 )
...
Add possibility to create default OpenStack Cinder Storage Class
Closes : #1609
2017-12-19 14:47:00 +00:00
rong.zhang
b974b144a8
Add RBAC to binding Dahsboard UI
2017-12-18 23:07:19 +08:00
Matthew Mosesohn
bfb25fa47b
Change vault cert ttl to 8y ( #2013 )
2017-12-15 13:34:00 +00:00
Matthew Mosesohn
b135bcb9d9
Split download container task for delegate and non-delegate modes ( #2077 )
...
Ansible cannot seem to handle omitting delegate_to since v2.4.0.0.
Possibly related: https://github.com/ansible/ansible/issues/30760
2017-12-14 16:45:54 +00:00
rong.zhang
0771cd8599
Remove dashboard_tls_key and dashboard_tls_cert
2017-12-13 15:42:20 +08:00
Fang Zhen
91d848f98a
Make spliting system_search_domains more robust
...
The search line in /etc/resolv.conf could have
multiple spaces or tabs between domains.
split(' ') will give wrong results in some case,
use split() without argument instead.
e.g.
>>> 'domain.tld cluster.tld '.split(' ')
['domain.tld\tcluster.tld', '']
>>> 'domain.tld cluster.tld '.split()
['domain.tld', 'cluster.tld']
2017-12-13 15:39:38 +08:00
rong.zhang
40edf8c6f5
Update dashboard version to v1.8.0
...
Update dependencies to be compatible with Kubernetes v1.8
2017-12-13 12:50:44 +08:00
Chad Swenson
e78562830f
Retry kube container removal during upgrade
...
As we have seen with other containers, sometimes container removal fails on the first attempt due to some Docker bugs. Retrying typically corrects the issue.
2017-12-12 12:06:41 -06:00
Brad Beam
39ce1bd8be
Merge pull request #2059 from bradbeam/vaultalt
...
Fixing alt_names for vault cert generation
2017-12-12 09:28:51 -06:00
Spencer Smith
6291881943
Merge pull request #2057 from rsmitty/master
...
set docker_version fact regardless of docker_dns in use
2017-12-12 10:28:14 -05:00
Brad Beam
802fd94dad
Merge pull request #2054 from ArchiFleKs/os-cloud-provider-domain-fix
...
Fix domain id for OpenStack provider
2017-12-11 21:06:16 -06:00
Xu Zhipei
66f38a1b31
fix: always only one docker image got synced after download
2017-12-12 09:51:03 +08:00
Brad Beam
d3850a4da5
Fixing alt_names for vault cert generation
2017-12-11 17:28:18 -06:00
Spencer Smith
53a4355e60
set docker_version fact regardless of docker_dns in use
2017-12-11 17:48:11 -05:00
Spencer Smith
18a616f57c
Merge pull request #2052 from ArchiFleKs/os-terraform-fix-inventory
...
Change OpenStack inventory to python2
2017-12-11 13:42:05 -05:00
Spencer Smith
32333eb627
Merge pull request #2035 from brutus333/fix/proxy
...
Added proxy_env to scale and upgrade playbooks
2017-12-11 12:43:06 -05:00
Brad Beam
19def41fdf
Merge pull request #2047 from bradbeam/vaulttime
...
Adding retries for vault-temp to come online
2017-12-11 09:04:57 -06:00
ArchiFleKs
44b9dce134
Fix domain id for OpenStack provider
...
OpenStack authentication does not support using a mix of DomainID and
DomainName, only one or the other should be used.
2017-12-11 15:57:33 +01:00
Brad Beam
fa5a538fe5
Merge pull request #2050 from jbonachera/fix-vault-tls-validation
...
append newline char to vault generated certs
2017-12-11 08:41:34 -06:00
ArchiFleKs
5e3fd2253f
Change OpenStack inventory to python2
...
For distribution who ship python3 as default python, it breaks the
inventory script as it is not compatible with python3.
2017-12-11 14:25:05 +01:00
Brad Beam
9643c2c1e3
Fixes to reset ( #2046 )
...
- adding additional directories to cleanup (rkt/vault)
- targeting kubespray ansible groups instead of all
2017-12-11 12:49:21 +00:00
Brad Beam
93f3614382
Fixes #2039 - changing alt_names to be string instead of list ( #2043 )
2017-12-11 12:48:07 +00:00
Brad Beam
cbc8a7d679
Merge pull request #1995 from b0r1sp/patch-1
...
Update main.yml
2017-12-10 21:45:02 -06:00
Julien BONACHERA
290bc993a5
append newline char to vault generated certs
2017-12-10 13:06:28 +01:00