Bogdan Dobrelya
34ecf4ea51
Merge pull request #1109 from pcm32/feature/fixTerraformOS
...
Restores working order of contrib/terraform/openstack
2017-03-15 17:15:35 +01:00
Matthew Mosesohn
a422ad0d50
More idempotency fixes
...
Fixed sync_tokens fact
Fixed sync_certs for k8s tokens fact
Disabled register docker images changability
Fixed CNI dir permission
Fix idempotency for etcd pre upgrade checks
2017-03-15 19:06:39 +03:00
Matthew Mosesohn
096d96e344
Merge pull request #1137 from holser/bug/1135
...
Turn on iptables for flannel
2017-03-15 17:06:42 +03:00
Bogdan Dobrelya
e61310bc89
Merge pull request #1140 from VincentS/jinja28
...
Added Jinja 2.8 to Docs
2017-03-15 13:18:53 +01:00
Vincent Schwarzer
111ca9584e
Added Jinja 2.8 to Docs
...
Added Jinja 2.8 Requirements to docs and pip requirements file which
is needed to run the current Ansible Playbooks.
2017-03-15 13:11:09 +01:00
Matthew Mosesohn
7d35c4592c
Merge pull request #1139 from VincentS/docu_fix
...
Fix for CoreOS Docu
2017-03-15 15:06:41 +03:00
Vincent Schwarzer
3e8386cbf3
Fixed CoreOS Docu
...
CoreOS docu was referencing outdated bootstrap playbook that
is now part of kargo itself.
2017-03-15 13:04:01 +01:00
Matthew Mosesohn
4354162067
Merge pull request #1080 from VincentS/Granular_Auth_Control
...
Granular authentication Control
2017-03-15 13:12:51 +03:00
Matthew Mosesohn
a62a444229
Merge pull request #1117 from mattymo/etcd3-upgrade
...
Migrate k8s data to etcd3 api store
2017-03-15 12:56:06 +03:00
Matthew Mosesohn
f6b72fa830
Make resolvconf preinstall idempotent
2017-03-15 01:20:13 +04:00
Sergii Golovatiuk
9667e8615f
Turn on iptables for flannel
...
Closes : #1135
Closes : #1026
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-03-14 17:54:55 +01:00
Vincent Schwarzer
026da060f2
Granular authentication Control
...
It is now possible to deactivate selected authentication methods
(basic auth, token auth) inside the cluster by adding
removing the required arguments to the Kube API Server and generating
the secrets accordingly.
The x509 authentification is currently not optional because disabling it
would affect the kubectl clients deployed on the master nodes.
2017-03-14 16:57:35 +01:00
Matthew Mosesohn
3feab1cb2d
Merge pull request #1134 from mattymo/1.6-support
...
Explicitly set cni-bin-dir
2017-03-14 17:53:08 +03:00
Matthew Mosesohn
804e9a09c0
Migrate k8s data to etcd3 api store
...
Default backend is now etcd3 (was etcd2).
The migration process consists of the following steps:
* check if migration is necessary
* stop etcd on first etcd server
* run migration script
* start etcd on first etcd server
* stop kube-apiserver until configuration is updated
* update kube-apiserver
* purge old etcdv2 data
2017-03-14 17:50:20 +03:00
Matthew Mosesohn
4c6829513c
Fix etcd idempotency
2017-03-14 17:23:29 +03:00
Matthew Mosesohn
4038954f96
Merge pull request #1078 from VincentS/oidc_support
...
Added Support for OpenID Connect Authentication
2017-03-14 12:07:21 +03:00
Matthew Mosesohn
52a6dd5427
Explicitly set cni-bin-dir
2017-03-13 20:13:21 +03:00
Matthew Mosesohn
c301dd5d94
Merge pull request #1118 from mattymo/noderolelabels
...
Add node labels in kubelet
2017-03-13 19:04:21 +03:00
Antoine Legrand
7cb7eee29d
Merge pull request #1116 from kubernetes-incubator/contrib_docs
...
Reference external documentation sources
2017-03-07 13:33:25 +01:00
David Crook
a52e1069ce
updated debian and ubuntu package names based on testing
...
docker-ce is not the .deb package until the repositories are switched over to new "downloads" docker webserver
2017-03-06 16:54:39 -07:00
David Crook
a8e5002aeb
removed irrelevant comments
2017-03-06 16:02:53 -07:00
David Crook
c515a351c6
Merge branch 'master' into issue_1107-docker-versioning
2017-03-06 16:00:31 -07:00
Antoine Legrand
7777b30693
Merge pull request #1120 from bradbeam/fixtags
...
Removing cloud_provider tag to fix scenario where cloud_provider is n…
2017-03-06 19:00:41 +01:00
Brad Beam
d04fbf3f78
Removing cloud_provider tag to fix scenario where cloud_provider is not defined
2017-03-06 10:52:38 -06:00
Matthew Mosesohn
54207877bd
Add node labels in kubelet
...
Related-issue: https://github.com/kubernetes/community/issues/300
Upgraded nodes do not obtain labels automatically.
See https://github.com/kubernetes/kubernetes/pull/29459 for more details.
2017-03-06 17:18:42 +03:00
Vincent Schwarzer
3c6b1480b8
Rewrote AWS Terraform for Kargo
...
Rewrote AWS Terraform deployment for AWS Kargo. It supports now
multiple Availability Zones, AWS Loadbalancer for Kubernetes API,
Bastion Host, ...
For more information see README
2017-03-06 12:52:02 +01:00
Vincent Schwarzer
b075960e3b
Added Support for OpenID Connect Authentication
...
To use OpenID Connect Authentication beside deploying an OpenID Connect
Identity Provider it is necesarry to pass additional arguments to the Kube API Server.
These required arguments were added to the kube apiserver manifest.
2017-03-06 12:40:35 +01:00
Antoine Legrand
85596c2610
Merge pull request #1045 from bradbeam/vsphere
...
Adding vsphere cloud provider support
2017-03-06 12:34:05 +01:00
Antoine Legrand
0613e3c24d
Reference external documentation sources
2017-03-06 12:25:54 +01:00
Antoine Legrand
ee5f009b95
Merge pull request #1112 from mattymo/skip_vault_if_disabled
...
Disable vault role properly on ansible 2.2.0
2017-03-06 11:27:53 +01:00
Antoine Legrand
d76816d043
Merge pull request #1115 from mattymo/etcd-phases
...
Remove standalone etcd specific play, cleanup host mode
2017-03-06 11:21:08 +01:00
Matthew Mosesohn
45274560ec
Disable vault role properly on ansible 2.2.0
...
when condition does not seem to work correctly at playbook
level for ansible 2.2.0.
2017-03-05 00:43:01 +04:00
Matthew Mosesohn
02a8e78902
Remove standalone etcd specific play, cleanup host mode
...
Now etcd role can optionally disable etcd cluster setup for faster
deployment when it is combined with etcd role.
2017-03-04 00:34:26 +04:00
Matthew Mosesohn
8f3d9e93ce
Merge pull request #1111 from mattymo/use_find_for_certs
...
Use find module for checking for certificates
2017-03-03 20:08:33 +03:00
Matthew Mosesohn
a244aca6a4
Merge pull request #1113 from VincentS/AWS_IAM_PROFILES
...
Added Missing AWS IAM Profiles and Policies
2017-03-03 17:35:55 +03:00
Vincent Schwarzer
5ae85b9de5
Added Missing AWS IAM Profiles and Policies
...
The AWS IAM profiles and policies required to run Kargo on AWS
are no longer hosted in the kubernetes main repo since kube-up got
deprecated. Hence we have to move the files into the kargo repository.
2017-03-03 15:30:07 +01:00
Matthew Mosesohn
d176818c44
Use find module for checking for certificates
...
Also generate certs only when absent on master (rather than
when absent on target node)
2017-03-03 16:21:01 +03:00
Bogdan Dobrelya
aeec0f9a71
Merge pull request #1071 from vijaykatam/atomic_host
...
Add support for atomic host
2017-03-03 13:03:59 +01:00
Matthew Mosesohn
08a02af833
Merge pull request #1075 from VincentS/loadbalancer_aws
...
Possibility to add Loadbalancers without static IP (e.g. AWS ELB) #1074
2017-03-03 14:07:22 +03:00
Pablo Moreno
cf26585cff
Restores working order of contrib/terraform/openstack, includes vault group and avoids group_vars/k8s-cluster.yml
2017-03-02 23:58:07 +00:00
David Crook
3f4a375ac4
first pass at adding 'stable' and 'edge' version packages
...
- Only have ubuntu to test on
- fedora and redhat are placeholders/guesses
- the "old" package repositories seem to have the "new" CE version which is `1.13.1` based
- `docker-ce` looks like it is named as a backported `docker-engine` package in some
places
- Did not change the `defaults` version anywhere, so should work as before
- Did not point to new package repositories, as existing ones have the new packages.
2017-03-02 13:48:09 -07:00
Matthew Mosesohn
cc632f2713
Merge pull request #1099 from rutsky/patch-4
...
fix inline verbatim blocks formatting in markdown
2017-03-02 17:46:52 +03:00
Matthew Mosesohn
5ebc9a380c
Merge pull request #1060 from holser/etcdv3
...
Allow to specify etcd backend for kube-api
2017-03-02 17:24:09 +03:00
Matthew Mosesohn
6453650895
Merge pull request #1093 from mattymo/scaledns
...
Add autoscalers for dnsmasq and kubedns
2017-03-02 16:58:56 +03:00
Matthew Mosesohn
9cb12cf250
Add autoscalers for dnsmasq and kubedns
...
By default kubedns and dnsmasq scale when installed.
Dnsmasq is no longer a daemonset. It is now a deployment.
Kubedns is no longer a replicationcluster. It is now a deployment.
Minimum replicas is two (to enable rolling updates).
Reduced memory erquirements for dnsmasq and kubedns
2017-03-02 13:44:22 +03:00
Vincent Schwarzer
68e8d74545
Changes based on feedback (additional ansible checks)
2017-03-02 11:04:10 +01:00
Vincent Schwarzer
fc054e21f6
Modified how adding LB for the Kube API is handled (AWS)
...
Until now it was not possible to add an API Loadbalancer
without an static IP Address. But certain Loadbalancers
like AWS Elastic Loadbalanacer dontt have an fixed IP address.
With this commit it is possible to add these kind of Loadbalancers
to the Kargo deployment.
2017-03-02 11:04:10 +01:00
Matthew Mosesohn
3256f4bc0f
Merge pull request #1103 from mattymo/upgradesyntax
...
Add upgrade-cluster and reset playbooks to syntax check
2017-03-02 12:41:10 +03:00
Matthew Mosesohn
0e9ad8f2c7
Merge pull request #1100 from retr0h/host-vars
...
Added host_vars to gitignore
2017-03-02 12:32:22 +03:00
Matthew Mosesohn
efbb5b2db3
Merge pull request #1101 from retr0h/docker-1.13.1
...
Use docker-engine 1.13.1
2017-03-02 12:31:58 +03:00