C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
3969 commits 17 branches 66 tags 141 MiB
Commit graph

2521 commits

Author SHA1 Message Date
Andreas Kruger
c058e7a5ec Remove audit again from Kubeadm 1.10.x. Write mounts not supported untill 1.11 2018-09-19 13:15:14 +02:00
Andreas Kruger
e0ddabc463 Add support for kubelet_node_custom_flags 2018-09-19 12:58:06 +02:00
Andreas Kruger
940d2fdbb1 Add missing enforce-node-allocatable to kubelet for kubeadm deployments 2018-09-19 11:54:34 +02:00
Andreas Kruger
1c999b2a61 Move kube_kubeadm_controller_extra_args to controllerManagerExtraArgs section. It was placed in controllerManagerExtraVolumes 2018-09-19 11:24:19 +02:00
Andreas Kruger
8e37841a2e Add audit support to v1alpha1 of Kubeadm 2018-09-19 11:01:30 +02:00
Andreas Kruger
8d1c0c469c Added missing enable-aggregator-routing option 2018-09-19 10:58:46 +02:00
Andreas Kruger
26d7380c2e Sync manifests from non-kubeadm to kubeadm deploy 2018-09-19 10:01:45 +02:00
Takashi Okamoto
95703fb6f2 Add kubelet path for kubeadm. 2018-09-19 03:04:03 +00:00
Karol Chrapek
0121bce9e5 Instead of doc update, change the verify step 2018-09-18 22:13:15 +02:00
Kevin Schuck
fb1678d425 Ensures BGPPeer resource names are unique 2018-09-18 10:48:30 -05:00
Alex Yakovenko
884053aaa7
Make Felix healthhost configurable 2018-09-18 15:48:29 +03:00
k8s-ci-robot
3d27007750
Merge pull request #3329 from riverzhang/checksum 
Keep list of k8s checksums for hyperkube and kubeadm
 2018-09-18 02:42:59 -07:00
AtzeDeVries
4cbd97667d Merge remote-tracking branch 'upstream/master' into fix/ubuntu-xenial-resolv-conf 2018-09-18 09:51:46 +02:00
k8s-ci-robot
2730c90dcd
Merge pull request #3320 from riverzhang/kubelet 
Support dynamic kubelet config
 2018-09-18 00:16:04 -07:00
rongzhang
09a1bcb30b Keep list of k8s checksums for hyperkube and kubeadm 
Keep a list of checksums for kubeadm and hyperkube downloads.
Makes it easier to switch version
 2018-09-18 15:05:17 +08:00
rongzhang
77e08ba204 Support dynamic kubelet config 
https://kubernetes.io/blog/2018/07/11/dynamic-kubelet-configuration/
 2018-09-18 08:44:39 +08:00
Kevin Schuck
d3adf09bde Fixes BGPPeer resource for calico >= 3.0.0 2018-09-17 15:22:28 -05:00
Erwan Miran
afa2a5f1c4 enhanced reset for contiv 2018-09-17 16:46:19 +02:00
Erwan Miran
bcaf2f9ea3 contiv 1.2.1 2018-09-17 16:45:05 +02:00
k8s-ci-robot
d16b562b18
Merge pull request #3316 from mattymo/tiller_override_fix 
Fix tiller override command
 2018-09-17 05:12:05 -07:00
k8s-ci-robot
0538f8a70d
Merge pull request #3290 from riverzhang/fix-upgrade 
Fix upgrade k8s
 2018-09-17 04:26:47 -07:00
k8s-ci-robot
1a426ada3c
Merge pull request #3324 from alvistack/cert-manager-v0.5.0 
cert-manager: Upgrade to 0.5.0
 2018-09-17 04:20:56 -07:00
Wong Hoi Sing Edison
a544e54578 weave: Upgrade to 2.4.1 
Upstream Changes:

-   weave 2.4.1 (https://github.com/weaveworks/weave/releases/tag/v2.4.1)

Our Changes:

-   Templates sync with upstream manifests
 2018-09-17 17:09:19 +08:00
Wong Hoi Sing Edison
f34a6699ef cert-manager: Upgrade to 0.5.0 
Upstream Changes:

-   cert-manager 0.5.0 (https://github.com/jetstack/cert-manager/releases/tag/v0.5.0)

Our Changes:

-   Templates sync with upstream manifests
 2018-09-17 16:58:04 +08:00
AtzeDeVries
482857611a added extra var for ubuntu 18 netplan resolv 2018-09-17 09:01:55 +02:00
AtzeDeVries
8d8bbc294a fix for resolvconf in ubuntu18 2018-09-17 09:00:55 +02:00
k8s-ci-robot
7f91f6e034
Merge pull request #3287 from Kami-no/coredns_metrics 
Monitor CoreDNS over svc
 2018-09-16 23:39:59 -07:00
rongzhang
84c4c7dc82 Use synchronize module 2018-09-16 20:36:44 +08:00
rongzhang
1d4aa7abcc Fix upgrade k8s 2018-09-16 10:35:12 +08:00
Matthew Mosesohn
fe35c32c62 Fix tiller override command 2018-09-15 16:35:19 +03:00
Rong Zhang
aa0da221e9
Merge pull request #2880 from hfinucane/rh7-paths 
Fix #2261 by supporting Red Hat's limited PATH
 2018-09-15 19:27:22 +08:00
k8s-ci-robot
f1403493df
Merge pull request #3296 from rabi/fix_cilium_crio 
Add volume and volumeMount for crio-socket
 2018-09-15 03:23:02 -07:00
k8s-ci-robot
36901d8394
Merge pull request #3309 from ant31/fix_download_file 
Fix download file
 2018-09-15 03:18:23 -07:00
k8s-ci-robot
e6a2e34dd1
Merge pull request #3315 from riverzhang/upgrade-kubedns 
Upgrade kubedns to 1.14.11
 2018-09-15 02:08:20 -07:00
rongzhang
934d92f09c Upgrade kubedns to 1.14.11 2018-09-15 15:22:38 +08:00
k8s-ci-robot
5e59541faa
Merge pull request #3258 from okamototk/fix_kubectl_path 
absolute path for kubectl.
 2018-09-13 14:38:20 -07:00
Antoine Legrand
d94b7fd57c Don't download binary if docker is selected 2018-09-13 22:06:51 +02:00
k8s-ci-robot
9964ba77ee
Merge pull request #3305 from mattymo/fixup_upgrade 
Fixes for upgrade mode
 2018-09-13 12:57:23 -07:00
k8s-ci-robot
153661cc47
Merge pull request #3284 from mattymo/more_calico_legacy 
Put back legacy support for calico ippools and bgp settings
 2018-09-13 09:25:26 -07:00
Matthew Mosesohn
8becd905b8 Fixes for upgrade mode 
Uses correct flag for draining with a pod selector
Verifies minimum kubectl version for compatibility
 2018-09-13 18:42:01 +03:00
Matthew Mosesohn
c83350e597 refactor to base on calico_version 2018-09-13 18:05:10 +03:00
k8s-ci-robot
ffbe9e7fd8
Merge pull request #1973 from guenhter/rsync-cmd-to-synchronize 
Replace the raw rsync command with the synchronize module
 2018-09-13 03:12:05 -07:00
AtzeDeVries
91b02c057e Add support for GPU accelerator 2018-09-13 11:53:11 +02:00
Matthew Mosesohn
55d76ea3d8
Update install.yml 2018-09-13 12:04:53 +03:00
rabi
1df0b67ec1 Add volume and volumeMount for crio-socket 
This commit fixes #3295
 2018-09-13 14:34:44 +05:30
k8s-ci-robot
218e527363
Merge pull request #3243 from mirwan/helm_binary_should_be_installed_on_all_masters 
Install Helm client on all masters
 2018-09-13 00:39:36 -07:00
k8s-ci-robot
27fc391f71
Merge pull request #3291 from mirwan/remove_insecure-bind-address_when_insecure_port_is_0 
Remove --insecure-bind-address when insecure-port=0
 2018-09-13 00:34:39 -07:00
Matthew Mosesohn
1091e82327
Update install.yml 2018-09-12 22:15:46 +03:00
k8s-ci-robot
a5cc8537f9
Merge pull request #3283 from mattymo/more_upgrade_options 
Extra options for upgrade mode
 2018-09-12 10:50:33 -07:00
Matthew Mosesohn
d692737a13 Extra options for upgrade mode 
Optionally do not drain nodes by setting drain_nodes to false
Optionally set a labelselector to target which pods should be drained.
 2018-09-12 17:05:41 +03:00
Matthew Mosesohn
cc79125d3e
Update install.yml 2018-09-12 17:03:55 +03:00
k8s-ci-robot
a801e02cea
Merge pull request #3261 from mattymo/etcd_ssl_dir_perms 
Ensure etcd file permissions are correct when using vault
 2018-09-12 01:10:26 -07:00
Zinin D.A
29c7775ea1 Monitor CoreDNS over svc 2018-09-12 10:24:15 +03:00
k8s-ci-robot
cbf099de4d
Merge pull request #3285 from mirwan/fix_netchecker_sa_when_psp 
Fix wrong sa name in crb when psp is enabled
 2018-09-12 00:20:38 -07:00
k8s-ci-robot
c8630f46fd
Merge pull request #3286 from fritchie/master 
Change update strategy to RollingUpdate
 2018-09-12 00:18:05 -07:00
Erwan Miran
af74d85b7d Remove --insecure-bind-address when insecure-port=0 2018-09-12 08:22:11 +02:00
Chad Swenson
97e5f28537
Revert "Remove insecure-port and insecure-bind-address when possible" 2018-09-11 17:42:12 -05:00
Frank Ritchie
f42e0a4711 Change update strategy to RollingUpdate. 
When enable_network_policy is set to True with Calico 3 kubectl
apply fails with the error:

The Deployment "calico-kube-controllers" is invalid:
spec.strategy.rollingUpdate: Forbidden: may not be specified when
strategy type is 'Recreate'

See

https://github.com/kubernetes-incubator/kubespray/issues/3267

Changing the update strategy to RollingUpdate avoids this error.
 2018-09-11 12:03:42 -04:00
Matthew Mosesohn
d91f9e14e6 Put back legacy support for calico ippools and bgp settings 2018-09-11 16:40:11 +03:00
Erwan Miran
e24b1220a0 Fix wrong sa name in crb when psp is enabled 2018-09-11 15:04:55 +02:00
k8s-ci-robot
0a720b35af
Merge pull request #3270 from riverzhang/fix-registry 
Add insecure_registry config to docker options
 2018-09-10 04:28:52 -07:00
rongzhang
f557b54489 Add docker_ to values 2018-09-10 18:05:49 +08:00
Erwan Miran
04852ad753 Install Helm on all masters 2018-09-10 11:39:26 +02:00
Matthew Mosesohn
aaa9a4efac Ensure vault file permissions are correct 2018-09-10 12:04:04 +03:00
rongzhang
0140cf71c8 Upgrade kubernetes to v1.11.3 2018-09-10 15:52:49 +08:00
rongzhang
51794e4c13 Deploying k8s clusters in a private environment 2018-09-09 11:06:00 +08:00
rongzhang
b249b06036 Move docker options to kubespray-defaults 2018-09-09 10:21:18 +08:00
rongzhang
20caaf9d1f Delete gitignore file 2018-09-09 02:09:02 +08:00
rongzhang
c41ca22a78 Planning the configuration of docker parameters 2018-09-09 00:59:59 +08:00
georgejdli
b891d77679 add option to secure helm tiller with tls 2018-09-07 10:29:31 -05:00
k8s-ci-robot
5c2e9a5376
Merge pull request #3252 from mirwan/remove_insecure-bind-address_when_insecure-bind-port_is_0 
Remove insecure-port and insecure-bind-address when possible
 2018-09-07 07:41:21 -07:00
k8s-ci-robot
b3a689658b
Merge pull request #3255 from mlushpenko/calico_check 
Fix calico health checks
 2018-09-07 07:39:20 -07:00
Takashi Okamoto
d182d4f979 absolute path for kubectl. 2018-09-07 09:33:43 -04:00
k8s-ci-robot
9c49e071d3
Merge pull request #3260 from riverzhang/discoverytimeout 
Add discovery_timeout to join configuration
 2018-09-07 05:20:19 -07:00
rongzhang
0f63924ed4 Add discovery_timeout to join configuration 
https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1alpha2#JoinConfiguration
 2018-09-07 16:28:53 +08:00
mlushpenko
ea2c9d8f57 Fix yaml checks 2018-09-06 16:26:57 +02:00
mlushpenko
f958b32c83 Fix calico health checks 2018-09-06 15:57:21 +02:00
k8s-ci-robot
2faa8f1e37
Merge pull request #3254 from mattymo/calico_upgrade_tweaks 
Fix backward compatibility with calico 2.6
 2018-09-06 06:20:52 -07:00
k8s-ci-robot
ab462d92b8
Merge pull request #3249 from mattymo/fix_missing_var_kube_proxy_nodeport 
Add missing variable kube_proxy_nodeport_addresses
 2018-09-06 06:18:23 -07:00
k8s-ci-robot
27905bbddf
Merge pull request #3250 from mattymo/openstack_cacert 
Fix openstack cacert task
 2018-09-06 06:15:59 -07:00
Matthew Mosesohn
dc3e317d20 Fix backward compatibility with calico 2.6 2018-09-06 15:54:20 +03:00
Erwan Miran
a5509fc2ce Remove insecure-port and insecure-bind-address when possible 2018-09-06 13:46:09 +02:00
Matthew Mosesohn
b614a3504b Fix openstack cacert task 2018-09-06 14:06:06 +03:00
Matthew Mosesohn
cd8e469b9c Add missing variable kube_proxy_nodeport_addresses 2018-09-06 13:36:17 +03:00
Matthew Mosesohn
991b3dbe54 put back endif in kubelet rkt template 2018-09-06 13:21:22 +03:00
k8s-ci-robot
f5251f7d27
Merge pull request #3247 from mattymo/kubelet_rkt_Fix 
remove broken endifs in kubelet rkt mode
 2018-09-06 02:49:35 -07:00
Matthew Mosesohn
faedfb6307 remove broken endifs in kubelet rkt mode 2018-09-06 11:59:25 +03:00
k8s-ci-robot
1940495817
Merge pull request #3246 from riverzhang/pause 
Upgrade pause image to 3.1
 2018-09-06 00:48:05 -07:00
rongzhang
b979fb0116 Upgrade pause image to 3.1 2018-09-06 14:15:51 +08:00
Antoine Legrand
7e140e5f3c
Merge pull request #3122 from jbcraig/fix_cacert_feature 
resolve issues with new cacert feature
 2018-09-05 23:31:53 +02:00
rongzhang
435e098751 Fix feature-gates 2018-09-05 22:55:51 +08:00
Antoine Legrand
055e80f846
Merge pull request #3244 from ant31/calico31 
Reverts calico update to 3.2.0, fixes #3223
 2018-09-05 11:45:22 +02:00
Antoine Legrand
15363530ae Reverts calico update to 3.2.0, fixes #3223 2018-09-05 11:44:32 +02:00
Jeff Bornemann
83838b7fbc Add new OCI cloud controls 2018-09-04 14:03:17 -04:00
Luis Nunez
6569180654 remove capitalize filter 2018-09-04 14:56:53 +02:00
k8s-ci-robot
ad33f71ac2
Merge pull request #3228 from mirwan/credentials_dir 
Introducing credentials_dir variable in order to be able to override it
 2018-09-04 04:35:11 -07:00
k8s-ci-robot
50c6a98b15
Merge pull request #3229 from mirwan/docker_1806_ubuntu_under_bionic 
Docker 18.06 for ubuntu versions before bionic
 2018-09-03 11:37:13 -07:00
Erwan Miran
a644b7c267 Introducing credentials_dir in order to be able to override it 2018-09-03 18:04:50 +02:00
Atoms
8c9588ab59 Add additional no proxy parameter for more customization 2018-09-03 17:09:58 +03:00
Erwan Miran
c0ce875743 change edge to 18.06 for ubuntu 2018-09-03 14:11:25 +02:00
Erwan Miran
a22d28e1c1 docker 18.06 for ubuntu version before bionic 2018-09-03 14:10:51 +02:00
k8s-ci-robot
c32145057d
Merge pull request #3178 from gitphill/patch-1 
Add azure-container-registry-config for Azure
 2018-09-03 05:06:01 -07:00
rboyapat
fbb98b0070 Fix the jinja expression for openstack_tenant_id (#3151) 
OS_PROJECT_ID is obsolete in keystone v3 and jinja expression
doesn't set openstack_tenant_id as expected because of
undefined env var. Fixed the expression.
 2018-09-03 14:59:49 +03:00
k8s-ci-robot
db11394711
Merge pull request #3200 from pablodav/feature/k8s_win_v1.11 
Required support to start working on windows node support
 2018-09-03 04:51:23 -07:00
Matthew Mosesohn
fd57fde075 Always run helm init to allow for settings changes 2018-09-03 11:16:01 +03:00
Wong Hoi Sing Edison
9fc8f9a07d ingress-nginx: Upgrade to 0.19.0 
Upstream Changes:

-   ingress-nginx 0.19.0 (https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.19.0)

Our Changes:

-   Sync templates with upstream changes
 2018-09-03 08:00:08 +08:00
Pablo Estigarribia
7cbe3c2171 ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version 
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version

remove empty when line

ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version

force kubeadm upgrade due to failure without --force flag

ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version

added nodeSelector to have compatibility with hybrid cluster with win nodes, also fix for download with missing container type

fixes in syntax and LF for newline in files

fix on yamllint check

ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version

some cleanup for innecesary lines

remove conditions for nodeselector
 2018-09-02 12:47:06 -03:00
k8s-ci-robot
a47c9239e8
Merge pull request #3221 from alvistack/cephfs-provisioner-v2.1.0-k8s1.11 
cephfs-provisioner: Upgrade to v2.1.0-k8s1.11
 2018-09-02 04:16:17 -07:00
k8s-ci-robot
635ca1a0b8
Merge pull request #3220 from alvistack/coredns-1.2.2 
coredns: Upgrade to v1.2.2
 2018-09-02 04:13:53 -07:00
Wong Hoi Sing Edison
32fdfbcd5a cephfs-provisioner: Upgrade to v2.1.0-k8s1.11 
Upstream Changes:

-   cephfs-provisioner v2.1.0-k8s1.11 (https://github.com/kubernetes-incubator/external-storage/releases/tag/cephfs-provisioner-v2.1.0-k8s1.11)

Our Changes:

-   Sync clusterrole and role with upstream changes
 2018-09-02 11:51:28 +08:00
Wong Hoi Sing Edison
df8b27c03c coredns: Upgrade to v1.2.2 
Upstream Changes:

-   coredns v1.2.2 (https://github.com/coredns/coredns/releases/tag/v1.2.2)

NOTE:

-   coredns image for 1.2.0 and 1.2.1 had been removed from https://console.cloud.google.com/gcr/images/google-containers/GLOBAL/coredns
 2018-09-02 11:37:21 +08:00
mlushpenko
8e95974930 Fix ports for kubeadm client and master configs for ha setups 2018-09-01 18:02:52 +02:00
k8s-ci-robot
13dda0e36e
Merge pull request #3207 from mirwan/fix_3206 
Fix target hosts generation when /etc/hosts does not contain 127.0.0.1 or ::1
 2018-08-31 17:50:56 -07:00
k8s-ci-robot
6e7100f283
Merge pull request #3208 from mirwan/etcd_ha_doc_n_cleaning 
Add documentation about having HA for etcd
 2018-08-31 08:06:05 -07:00
Erwan Miran
059cd17b47 Fix target hosts generation when /etc/hosts does not contain 127.0.0.1 or ::1 2018-08-31 16:33:18 +02:00
k8s-ci-robot
fb7b3305dc
Merge pull request #3209 from mirwan/use_etcd_events_access_address 
etcd_events_access_address should be used for peer_url and client_url
 2018-08-31 07:26:25 -07:00
Erwan Miran
81c3f2c971 etcd_events_access_address should be used for peer_url and client_url 2018-08-31 15:03:07 +02:00
Erwan Miran
82a28d6bb3 Add documentation about having HA for etcd 2018-08-31 14:40:25 +02:00
Antoine Legrand
22f9114630 update calico to 3.2.0 2018-08-31 13:45:08 +02:00
Antoine Legrand
f2f0cdd0ff add arch vars for docker 2018-08-31 13:45:08 +02:00
Antoine Legrand
da06c8e5a9 etcd UNSUPPORTED for all arch 2018-08-31 13:45:08 +02:00
Antoine Legrand
2f1fe44762 update images to use arch 2018-08-31 13:45:08 +02:00
Antoine Legrand
19268ded23 Fix some arm64 errors 2018-08-31 13:45:08 +02:00
Antoine Legrand
f67933d2ac add ETCD_UNSUPPORTED_ARCH=arm64 flag 2018-08-31 13:45:08 +02:00
Antoine Legrand
247b9e83d8 etcd arch-image 2018-08-31 13:45:08 +02:00
Antoine Legrand
9c2098b8fa fix kubelet_max_pod assert 2018-08-31 13:45:08 +02:00
Antoine Legrand
48c0c8d854 Update dir list 2018-08-31 13:45:08 +02:00
rongzhang
2609ec0dc3 Fix copy etcd-ssl-ca failed 2018-08-31 15:06:03 +08:00
k8s-ci-robot
aafd034ab8
Merge pull request #3202 from riverzhang/fix-ipvs 
Fix ipvs by kubeadm v1alpha1
 2018-08-30 13:26:02 -07:00
k8s-ci-robot
d14394c691
Merge pull request #3185 from mirwan/helm_install_docker_insecureport_0 
Mount /root/.kube to helm container
 2018-08-30 08:11:33 -07:00
rongzhang
16fc22a207 Fix ipvs by kubeadm v1alpha1 2018-08-30 23:04:57 +08:00
k8s-ci-robot
d9ea937493
Merge pull request #3187 from mirwan/kubeadm-config_syntax 
Fix kubeadm-config for audit-log-path and feature-gates
 2018-08-30 06:55:43 -07:00
k8s-ci-robot
a96a0ee307
Merge pull request #3198 from riverzhang/fix-kubeadm-v1alpha1 
Fix kubeadm v1alpha1 configure
 2018-08-30 04:11:37 -07:00
k8s-ci-robot
f48468b83b
Merge pull request #3195 from mirwan/fix_psp_templates 
Fix some addons when PodSecurityPolicy is enabled
 2018-08-30 03:37:52 -07:00
rongzhang
35e5adaf0a Fix kubeadm v1alpha1 configure 2018-08-30 17:44:00 +08:00
k8s-ci-robot
a247c2c713
Merge pull request #3191 from fcgravalos/make-canal-mount-xtables-lock 
canal should mount xtables.lock to share the lock with other processe…
 2018-08-29 08:57:32 -07:00
k8s-ci-robot
4feb62f6bf
Merge pull request #3193 from riverzhang/fix-lb-kubeadm 
Fix kubeadm lb
 2018-08-29 04:22:40 -07:00
Fernando Crespo Grávalos
ac4ef719cc canal should mount xtables.lock to share the lock with other processes like kube-proxy 2018-08-29 13:08:51 +02:00
Erwan Miran
ceb97e5809 Fix wrong syntax for jinja sub list extraction and addition of missing role template 2018-08-29 12:58:10 +02:00
k8s-ci-robot
3bfda55fca
Merge pull request #3061 from okamototk/crio 
cri-o support
 2018-08-29 03:48:40 -07:00
rongzhang
9eade647e6 Fix kubeadm lb 2018-08-29 18:29:24 +08:00
Robin Elfrink
bbdd1c8f06 Add option to change the Tiller Deployment namespace. 2018-08-29 11:20:41 +02:00
k8s-ci-robot
f876c89081
Merge pull request #3189 from Arslanbekov/up-dashboard-version 
Up dashboard version to 1.10.0
 2018-08-29 02:08:40 -07:00
Phill Garrett
1babbcca85
Fix elif azure statement 2018-08-28 15:43:03 +01:00
Takashi Okamoto
c0dfa72707 Separate RedHat specific vars for cri-o. 2018-08-28 13:36:14 +00:00
Arslanbekov Denis
fe1e758856 Up dashboard version to 1.10.0 2018-08-28 14:10:19 +03:00
Phill Garrett
f325d13082 Add azure-container-registry-config for Azure 
Seperated out KUBELET_CLOUDPROVIDER env var assignment when cloud_provider equals azure
Appended azure-container-registry-config parameter
 2018-08-28 10:23:25 +00:00
Erwan Miran
52ab54eeea Fix missing quotes for audit-log-path and wrong placement of feature-gates 2018-08-28 09:05:57 +02:00
Takashi Okamoto
d407a590a6 container_manager variable to specify runtime. 2018-08-28 06:23:38 +00:00
Takashi Okamoto
5eb805f098 Change timeout for kubeadm 600s. 
* kubeadm timeout is too short and it may interrupt by timeout.
 2018-08-28 04:51:38 +00:00
Takashi Okamoto
dfdcb56784 Delete all cri-o containers when execute reset.yml. 2018-08-28 02:25:33 +00:00
Takashi Okamoto
236f066635 kubeadm cri-o support. 2018-08-28 02:24:45 +00:00
Takashi Okamoto
5ab8a712d9 Add download_container flag to avoid docker pull when use cri-o. 2018-08-28 01:24:26 +00:00
Takashi Okamoto
cf7b9cfeef Support crio in kubelet service. 2018-08-28 01:24:26 +00:00
Takashi Okamoto
6090af29e7 Add cri-o role. 2018-08-28 01:24:26 +00:00
Takashi Okamoto
359009bb05 Download etcd and hyperkube binary. 2018-08-28 01:24:26 +00:00
Takashi Okamoto
bdbfa4d403 Add ipvs support for kubeadm 1.10 or later. 2018-08-28 01:24:26 +00:00
Takashi Okamoto
6849788ebc Fix copy ca cert and ca key for kubeadm. 2018-08-28 01:24:25 +00:00
Takashi Okamoto
ac639b2a17 Change kubeadm config to run etcd by kubeadm. 2018-08-28 01:24:25 +00:00
Takashi Okamoto
b18ed5922b Add etcd default value in kubespray-default. 2018-08-28 01:24:25 +00:00
Erwan Miran
b395bb953f Fix wrong when condition that ends up with jinja error when the content of /etc/hosts contains parenthesis 2018-08-27 21:20:57 +02:00
Erwan Miran
b652792a93 /root/.kube must to mounted in order for helm to read kubeconfig and not fallback to localhost:8080 2018-08-27 18:17:26 +02:00
k8s-ci-robot
7efe287c74
Merge pull request #2474 from mirwan/localhost_in_etc_hosts 
Localhost in hosts files should be updated (if necessary), not overriden
 2018-08-27 06:25:43 -07:00
k8s-ci-robot
881b46f458
Merge pull request #3095 from mirwan/dnsmasq_template_rendering_filename 
Dnsmasq manifests should not have j2 extension but templates should
 2018-08-27 02:51:43 -07:00
k8s-ci-robot
d43cd9a24c
Merge pull request #3104 from maxbrunet/hotfix/replace-local_actions 
Use delegate_to: localhost instead of local_action
 2018-08-27 02:50:42 -07:00
guenhter
fff48d24ea Replace the raw rsync command with the synchronize module 2018-08-27 10:00:21 +02:00
k8s-ci-robot
f4feb17629
Merge pull request #2958 from elementyang/etcd-pr 
change the way that getting etcd_member_name
 2018-08-26 23:55:04 -07:00
Maxime Brunet
33135f2ada k8s/preinstall: Turn AND condition into a list 2018-08-25 14:33:31 -04:00
k8s-ci-robot
d6f4d10075
Merge pull request #3153 from alvistack/remove-image_tag-suffix 
Remove *_image_tag suffix from ReplicaSet/Deployment
 2018-08-25 04:42:19 -07:00
k8s-ci-robot
f97515352b
Merge pull request #3161 from nutellinoit/kube_proxy_nodeport_addresses 
--nodeport-addresses added on kube-proxy.manifest.j2 and on k8s-cluster.yml
 2018-08-25 02:00:19 -07:00
Aivars Sterns
f7f58bf070
Merge pull request #3173 from msimonin/fix-3164 
Fix createhome directory for adduser role
 2018-08-24 16:34:57 +03:00
Erwan Miran
1432e511a2 same work with less lines 2018-08-24 14:06:07 +02:00
Vasilis Remmas
b61eb7d7f3 Add ETCD_QUOTA_BACKEND_BYTES environment variable 2018-08-24 12:17:34 +02:00
Aivars Sterns
1567a977c3
Revert "gen_certs_script: refactor using stdin (Ansible 2.4+)" 2018-08-24 12:35:31 +03:00
Samuele Chiocca
cb8be37f72 fix on v1alpha1 2018-08-24 11:19:06 +02:00
Samuele Chiocca
e5dd4e1e70 added on v1alpha1 2018-08-24 10:59:06 +02:00
Antoine Legrand
6d74a3db7a
Merge pull request #3163 from kubernetes-incubator/fix-docker-ubuntu1804 
Fix docker apt-repo for Ubuntu18
 2018-08-24 00:51:59 +02:00
ant31
1da5926a94 Use xenial repo for ubuntu18 2018-08-23 22:34:44 +00:00
Antoine Legrand
4882531c29
Merge pull request #3115 from oracle/oracle_oci_controller 
Cloud provider support for OCI (Oracle Cloud Infrastructure)
 2018-08-23 18:22:45 +02:00
Antoine Legrand
f59b80b80b
Merge pull request #3147 from ishitatsuyuki/etcd-cleanup 
gen_certs_script: refactor using stdin (Ansible 2.4+)
 2018-08-23 18:19:28 +02:00
rongzhang
7b61a0eff0 Fix kubeadm LB configure 
1. join node add LB discoveryTokenAPIServers
2. kubeadm_config_api_fqdn support ipddress and domain_name
 2018-08-23 22:22:34 +08:00
Aivars Sterns
23fd3461bc calico upgrade to v3 (#3086) 
* calico upgrade to v3

* update calico_rr version

* add missing file

* change contents of main.yml as it was left old version

* enable network policy by default

* remove unneeded task

* Fix kubelet calico settings

* fix when statement

* switch back to node-kubeconfig.yaml
 2018-08-23 17:17:18 +03:00
msimonin
e22e15afda
Fix createhome directory for adduser role 
A typo in the adduser role prevents the createhome
variable to be taken into account.

Fix #3164
 2018-08-23 08:55:11 +02:00
Rong Zhang
f453567cce
Merge pull request #3144 from riverzhang/fix-audit-log 
Fix install audit failed
 2018-08-23 14:41:37 +08:00
Tatsuyuki Ishi
69786b2d16 gen_certs_script: refactor using stdin (Ansible 2.4+) 2018-08-23 11:19:17 +09:00
rongzhang
5a4352657d Fix install audit failed 
1.fix audit log not write
2.fix Parameter not recognized
3.delete kubedm futuregates auditing and use apiServerExtraArgs
 2018-08-23 01:47:15 +08:00
Samuele Chiocca
f13bc796d9 added nodePortAddresses on kubeadm conf v1alpha2 (not present on v1alpha1) 2018-08-22 18:43:03 +02:00
Erwan Miran
a6a14e7f77 create the service account and roles even if the rbac is not enabled. it will just be ignored 2018-08-22 18:17:11 +02:00
Erwan Miran
80cfeea957 psp, roles and rbs for PodSecurityPolicy when podsecuritypolicy_enabled is true 2018-08-22 18:16:13 +02:00
ant31
2c90208486 Fix docker apt-repo for Ubuntu18 2018-08-22 15:53:14 +00:00
Antoine Legrand
4eea7f7eb9
Merge pull request #3152 from johnzheng1975/cilium_1.2.0 
new cilium stable version: 1.2.0
 2018-08-22 17:11:42 +02:00
Samuele Chiocca
5d9908c2c3 --nodeport-addresses added on kube-proxy.manifest.j2 
Changed author
 2018-08-22 15:32:07 +02:00
Erwan Miran
a7b0c454db Localhost in hosts files should be updated (if necessary), not overriden 2018-08-22 12:10:49 +02:00
Wong Hoi Sing Edison
c3b3572025 Always create service account even rbac_enabled = false 2018-08-22 11:41:29 +08:00
Wong Hoi Sing Edison
f897596844 Remove *_image_tag suffix from ReplicaSet/Deployment 2018-08-22 11:02:56 +08:00
john
6df71956c4 new cilium stable version: 1.2.0 2018-08-22 10:52:24 +08:00
Jeff Bornemann
94df70be98 Cloud provider support for OCI (Oracle Cloud Infrastructure) 
Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>
 2018-08-21 17:36:42 -04:00
Mark Eisenblaetter
0c0a2138d9 allow '.' in hostnames 
we use FQDN as inventory_hostname
 2018-08-21 08:24:33 +02:00
Jonathan Craig
5bf152886b add support for openstack trust to cloud provider config 2018-08-20 12:51:25 -04:00
Andreas Krüger
497db69c9f
Merge pull request #3130 from riverzhang/add-control-plane 
Add kubeadm controlplaneEndpoint
 2018-08-20 10:43:50 +02:00
Andreas Krüger
c7de737551
Merge pull request #3133 from mirwan/auditlog_to_stdout_w_kubeadm 
Audit log to stdout with kubeadm
 2018-08-20 10:43:22 +02:00
Andreas Krüger
69749a5b7b
Merge pull request #3132 from mirwan/custom_audit_policy 
Custom audit policy
 2018-08-20 10:42:38 +02:00
Andreas Krüger
b3e32c1393
Merge pull request #3094 from hedayat/master 
Add --dns-loop-detect to dnsmasq used in kube-dns
 2018-08-20 09:27:15 +02:00
Erwan Miran
fc38b6d0ca Ability to define custom audit polcy rules 2018-08-20 07:04:56 +02:00
Erwan Miran
c34900e569 Define apiserver flags directly instead of relying on auditPolicy section in order to have the ability to redirect audit log to stdout with kubeadm 2018-08-20 07:00:53 +02:00
Rong Zhang
855f2a55cb
Merge pull request #3135 from ishitatsuyuki/patch-1 
Add bad hostname preflight check
 2018-08-20 12:08:02 +08:00
Wong Hoi Sing Edison
71fdc257bc cephfs-provisioner: Upgrade to v2.0.1-k8s1.11 2018-08-20 11:55:04 +08:00
Rong Zhang
fd16f77e20
Merge pull request #3017 from seungkyua/fix_kubeadm_client_conf 
Fix kubeadm client conf
 2018-08-20 10:51:02 +08:00
Tatsuyuki Ishi
3eef8dc8d0 Add bad hostname preflight check 
Hostname must be a valid DNS name, which is checked as https://github.com/kubernetes/apimachinery/blob/master/pkg/util/validation/validation.go#L115

The situation I have encountered is that my hostname contained underscore which is disallowed and apiserver refused to start.
 2018-08-20 09:09:00 +09:00
rongzhang
59176ebbb9 Add kubeadm controlplaneEndpoint 
Nginx LB(default)
Other LB by kubeadm controlplane
 2018-08-20 00:57:13 +08:00
rongzhang
b421d0ed5b Fix install nss 2018-08-20 00:07:31 +08:00
rongzhang
35efc387c4 Fix pull dns image error 2018-08-19 22:47:17 +08:00
Rong Zhang
fb309ca446
Merge pull request #3128 from riverzhang/delete-kubeadm 
Remove unused configuration
 2018-08-19 10:01:33 +08:00
Antoine Legrand
1d4f88eea8
Fix typo in image url 2018-08-19 01:30:54 +02:00
rongzhang
095ccef8bd Remove unused configuration 2018-08-19 01:23:20 +08:00
Rong Zhang
0df969ad19
Merge pull request #3117 from mirwan/audit_usecases 
Audit support improvement
 2018-08-19 01:13:22 +08:00
Antoine Legrand
3e5b6a5481
Merge pull request #3105 from mirwan/remove_cilium_device_at_reset_plus_move_network_to_network_plugin_roles 
Move network_plugin specific reset tasks to its role directory
 2018-08-17 22:27:16 +02:00
Antoine Legrand
c36744e96d
Merge pull request #3120 from alvistack/cephfs-provisioner-v2.0.0-k8s1.11 
cephfs-provisioner: Upgrade to v2.0.0-k8s1.11
 2018-08-17 22:11:15 +02:00
Antoine Legrand
e51c5dc0a6
Merge pull request #3123 from mathieuherbert/until-restart-etcd 
add until option for etcd backup commands
 2018-08-17 22:09:08 +02:00
Antoine Legrand
d297b82e82
Merge pull request #3126 from LuckySB/etcd_restart_on_update 
add etcd version to etcd environment file to trigger a reload
 2018-08-17 22:05:34 +02:00
Erwan Miran
98b818bbaf comply with ansible syntax consistency guideline 2018-08-17 16:37:33 +02:00
Antoine Legrand
26bf719a02
Merge branch 'master' into multi-arch-support 2018-08-17 16:35:50 +02:00
Antoine Legrand
7e37aa4aca
Merge pull request #2103 from xd007/docker_aarch64_pkg 
Update docker package info for aarch64
 2018-08-17 16:26:56 +02:00
Sergey Bondarev
ce6854e726 add version to environment file 
Trigger reboot handler when version upgrade during update script
 2018-08-17 17:25:35 +03:00
Antoine Legrand
ac49bbb336
Merge pull request #2168 from xd007/docker_arm64 
fix docker opts incompatible running on aarch64 Redhat/Centos
 2018-08-17 16:24:07 +02:00
Antoine Legrand
6c7eabb53b
Merge pull request #2001 from b0r1sp/patch-3 
Quote false and yes, otherwise they'll be transformed to 'False', 'Yes'
 2018-08-17 15:52:15 +02:00
Antoine Legrand
7a0f0126f7
Merge pull request #1295 from xuhuilong/master 
fix curl get calico status error ( error in tls version, centos 7.3 1611)
 2018-08-17 14:29:01 +02:00
Mathieu Herbert
59d89a37cc add until option for etcd backup commands 2018-08-17 11:05:57 +02:00
Wong Hoi Sing Edison
1a07c87af7 cephfs-provisioner: Upgrade to v2.0.0-k8s1.11 
Upstream Changes:

-   cephfs-provisioner v2.0.0-k8s1.11 (https://github.com/kubernetes-incubator/external-storage/releases/tag/cephfs-provisioner-v2.0.0-k8s1.11)
-   Update ClusterRole

Our Changes:

-   Fix typo in defaults/main.yml (rs -> deploy)
-   Manifests cleanup
 2018-08-17 12:41:56 +08:00
Seungkyu Ahn
29894293eb Fix kubeadm client conf 
Fix DiscoveryTokenCACertHashes key to discoveryTokenCACertHashes in kubeadm-client.conf
 2018-08-17 04:40:08 +00:00
Jonathan Craig
4d783fff0d resolve issues with new cacert feature 2018-08-16 23:31:21 -04:00
Erwan Miran
7f16b46ed5 Reset tasks specific to a network_plugin moved inside its role directory + Reset tasks specific to cilium 2018-08-16 17:34:33 +02:00
Antoine Legrand
58ee5f1cc9
Merge pull request #3089 from mattymo/cloudconfig 
Remove erroneous cloud-config task
 2018-08-16 16:17:01 +02:00
Antoine Legrand
253dc4f606
Merge pull request #3114 from woopstar/coredns-1.2.0 
Update CoreDNS to 1.2.0
 2018-08-16 16:14:13 +02:00
Erwan Miran
54548d3b95 kubeadm mounts the hostpaths itself 2018-08-16 13:17:30 +02:00
Erwan Miran
58d4d65fab minor variable fix and reuse + handle auditlog redirected to stdout 2018-08-16 12:51:09 +02:00
Rong Zhang
364ab2a6b7
Merge pull request #3113 from riverzhang/support-audit 
Support audit
 2018-08-16 15:33:43 +08:00
rongzhang
2ffc1afe40 Support audit 2018-08-16 14:38:07 +08:00
Wong Hoi Sing Edison
18612b3501 cert-manager: Upgrade to 0.4.1 
Upstream Changes:

-   cert-manager 0.4.1 (https://github.com/jetstack/cert-manager/releases/tag/v0.4.1)

Our Changes:

-   Better templates sync with upstream manifests
-   Remove fancy resources requests/limits customization
 2018-08-16 08:47:01 +08:00
Andreas Kruger
9da5d67728 Update CoreDNS to 1.2.0 2018-08-15 13:39:05 +02:00
Wong Hoi Sing Edison
bd413e36a3 ingress-nginx: Upgrade to 0.18.0 
Upstream Changes:

-   ingress-nginx 0.18.0 (https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.18.0)
 2018-08-15 11:40:42 +08:00
Chad Swenson
2c5781ace1
Merge pull request #2932 from wiremind/efk-fluentd-no-nodeselector 
fluentd daemonset: do not set old nodeSelector.
 2018-08-14 13:48:30 -05:00
JohnZheng
b50b3430be Disable locksmithd on CoreOS if coreos_auto_upgrade set to false (#3088) 
* Disable locksmithd on CoreOS if coreos_auto_upgrade set to false

* change when format to support multiple-condition
 2018-08-14 13:42:16 -05:00
Chad Swenson
0e3518f2ca
Merge pull request #2871 from fritchie/lptolerate 
Local volume provisioner: tolerate NoSchedule
 2018-08-14 13:39:57 -05:00
Chad Swenson
3a85a2f81c
Merge pull request #3080 from mirwan/netchecker_template_rendering_filename 
Netchecker manifests should not have j2 extension
 2018-08-14 13:24:16 -05:00
Chad Swenson
5dbfa0384e
Merge pull request #3101 from chenhonggc/uninstall_old_versions_of_docker 
Uninstall old versions of Docker
 2018-08-14 11:32:23 -05:00
rongzhang
48b6128814 Upgrade coredns to 1.1.3 2018-08-15 00:05:55 +08:00
Maxime Brunet
70b28288a3 Use delegate_to: localhost instead of local_action 
Allow to use `ansible_become: true` (#2969)
And set it to `false` for `localhost` with an `host_var`
 2018-08-14 10:08:43 -04:00
Rong Zhang
a11e1eba9e Upgrade kubernetes to V1.11.x (#3078) 
Upgrade Kubernetes to V1.11.2
The kubeadm configuration file version has been upgraded from v1alpha1 to v1alpha2
Add bootstrap kubeadm-config.yaml with external etcd
 2018-08-14 15:13:44 +03:00
Chen Hong
2dfa928c90 Uninstall old versions of Docker 2018-08-14 17:48:30 +08:00