Brad Beam
ca541c7e4a
Ensuring vault service is stopped in reset tasks ( #1736 )
2017-10-03 08:30:28 +01:00
Brad Beam
96e14424f0
Adding kubedns update for CVE-2017-14491 ( #1735 )
2017-10-03 08:30:14 +01:00
Brad Beam
47830896e8
Merge pull request #1733 from chapsuk/vagrant_mem
...
Increase vagrant vm's memory size
2017-10-02 15:45:37 -05:00
mkrasilnikov
5fd4b4afae
Increase vagrant vm's memory size
2017-10-02 23:16:39 +03:00
Matthew Mosesohn
dae9f6d3c2
Test if tokens are expired from host instead of inside container ( #1727 )
...
* Test if tokens are expired from host instead of inside container
* Update main.yml
2017-10-02 13:14:50 +01:00
Julian Poschmann
8e1210f96e
Fix cluster-network w/ prefix > 25 not possible with CNI ( #1713 )
2017-10-01 10:43:00 +01:00
Matthew Mosesohn
56aa683f28
Fix logic in idempotency tests in CI ( #1722 )
2017-10-01 10:42:33 +01:00
Brad Beam
1b9a6d7ad8
Merge pull request #1672 from manics/bastion-proxycommand-newline
...
Insert a newline in bastion ssh config after ProxyCommand conditional
2017-09-29 11:37:47 -05:00
Brad Beam
f591c4db56
Merge pull request #1720 from shiftky/improve_integration_doc
...
Improve playbook example of integration document
2017-09-29 11:34:44 -05:00
Peter Slijkhuis
371fa51e82
Make installation of EPEL optional ( #1721 )
2017-09-29 13:44:29 +01:00
shiftky
a927ed2da4
Improve playbook example of integration document
2017-09-29 18:00:01 +09:00
Matthew Mosesohn
a55675acf8
Enable RBAC with kubeadm always ( #1711 )
2017-09-29 09:18:24 +01:00
Matthew Mosesohn
25dd3d476a
Fix error for azure+calico assert ( #1717 )
...
Fixes #1716
2017-09-29 08:17:18 +01:00
Matthew Mosesohn
3ff5f40bdb
fix graceful upgrade ( #1704 )
...
Fix system namespace creation
Only rotate tokens when necessary
2017-09-27 14:49:20 +01:00
Matthew Mosesohn
689ded0413
Enable kubeadm upgrades to any version ( #1709 )
2017-09-27 14:48:18 +01:00
Matthew Mosesohn
327ed157ef
Verify valid settings before deploy ( #1705 )
...
Also fix yaml lint issues
Fixes #1703
2017-09-27 14:47:47 +01:00
Pablo Moreno
c819238da9
Adds support for separate etcd machines on terraform/openstack deployment ( #1674 )
2017-09-27 10:59:09 +01:00
tanshanshan
477afa8711
when and run_once are reduplicative ( #1694 )
2017-09-26 14:48:05 +01:00
Matthew Mosesohn
bd272e0b3c
Upgrade to kubeadm ( #1667 )
...
* Enable upgrade to kubeadm
* fix kubedns upgrade
* try upgrade route
* use init/upgrade strategy for kubeadm and ignore kubedns svc
* Use bin_dir for kubeadm
* delete more secrets
* fix waiting for terminating pods
* Manually enforce kube-proxy for kubeadm deploy
* remove proxy. update to kubeadm 1.8.0rc1
2017-09-26 10:38:58 +01:00
Maxim Krasilnikov
1067595b5c
Change used chars for kubeadm tokens ( #1701 )
2017-09-26 05:56:08 +01:00
Brad Beam
14c232e3c4
Merge pull request #1663 from foxyriver/fix-shell
...
use command module instead of shell module
2017-09-25 13:24:45 -05:00
Brad Beam
57f5fb1f4f
Merge pull request #1661 from neith00/master
...
upgrading from weave version 2.0.1 to 2.0.4
2017-09-25 13:23:57 -05:00
Bogdan Dobrelya
bcddfb786d
Merge pull request #1692 from mattymo/old-etcd-logic
...
drop unused etcd logic
2017-09-25 17:44:33 +02:00
Martin Uddén
20db1738fa
feature: install project atomic CSS on RedHat family ( #1499 )
...
* feature: install project atomic CSS on RedHat family
* missing patch for this feature
* sub-role refactor
* Yamllint fix
2017-09-25 12:29:17 +01:00
Hassan Zamani
b23d81f825
Add etcd_blkio_weight var ( #1690 )
2017-09-25 12:20:24 +01:00
Maxim Krasilnikov
bc15ceaba1
Update var doc about users accounts ( #1685 )
2017-09-25 12:20:00 +01:00
Junaid Ali
6f17d0817b
Updating getting-started.md ( #1683 )
...
Signed-off-by: Junaid Ali <junaidali.yahya@gmail.com>
2017-09-25 12:19:38 +01:00
Matthew Mosesohn
a1cde03b20
Correct master manifest cleanup logic ( #1693 )
...
Fixes #1666
2017-09-25 12:19:04 +01:00
Bogdan Dobrelya
cfce23950a
Merge pull request #1687 from jistr/cgroup-driver-kubeadm
...
Set correct kubelet cgroup-driver also for kubeadm deployments
2017-09-25 11:16:40 +02:00
Deni Bertovic
64740249ab
Adds tags for asserts ( #1639 )
2017-09-25 08:41:03 +01:00
Matthew Mosesohn
126f42de06
drop unused etcd logic
...
Fixes #1660
2017-09-25 07:52:55 +01:00
Matthew Mosesohn
d94e3a81eb
Use api lookup for kubelet hostname when using cloudprovider ( #1686 )
...
The value cannot be determined properly via local facts, so
checking k8s api is the most reliable way to look up what hostname
is used when using a cloudprovider.
2017-09-24 09:22:15 +01:00
Jiri Stransky
70d0235770
Set correct kubelet cgroup-driver also for kubeadm deployments
...
This follows pull request #1677 , adding the cgroup-driver
autodetection also for kubeadm way of deploying.
Info about this and the possibility to override is added to the docs.
2017-09-22 13:19:04 +02:00
foxyriver
30b5493fd6
use command module instead of shell module
2017-09-22 15:47:03 +08:00
Bogdan Dobrelya
4f6362515f
Merge pull request #1677 from jistr/cgroup-driver
...
Allow setting cgroup driver for kubelet
2017-09-21 17:31:48 +02:00
Jiri Stransky
dbbe9419e5
Allow setting cgroup driver for kubelet
...
Red Hat family platforms run docker daemon with `--exec-opt
native.cgroupdriver=systemd`. When kubespray tried to start kubelet
service, it failed with:
Error: failed to run Kubelet: failed to create kubelet: misconfiguration: kubelet cgroup driver: "cgroupfs" is different from docker cgroup driver: "systemd"
Setting kubelet's cgroup driver to the correct value for the platform
fixes this issue. The code utilizes autodetection of docker's cgroup
driver, as different RPMs for the same distro may vary in that regard.
2017-09-21 11:58:11 +02:00
Matthew Mosesohn
188bae142b
Fix wait for hosts in CI ( #1679 )
...
Also fix usage of failed_when and handling exit code.
2017-09-20 14:30:09 +01:00
Simon Li
7c2b12ebd7
Insert a newline in bastion after ProxyCommand conditional
2017-09-18 16:29:12 +01:00
Matthew Mosesohn
ef8e35e39b
Create admin credential kubeconfig ( #1647 )
...
New files: /etc/kubernetes/admin.conf
/root/.kube/config
$GITDIR/artifacts/{kubectl,admin.conf}
Optional method to download kubectl and admin.conf if
kubeconfig_lcoalhost is set to true (default false)
2017-09-18 13:30:57 +01:00
Matthew Mosesohn
975accbe1d
just use public_ip in creating gce temporary waitfor hosts ( #1646 )
...
* just use public_ip in creating gce temporary waitfor hosts
* Update create-gce.yml
2017-09-18 13:24:57 +01:00
Brad Beam
aaa27d0a34
Adding quotes around parameters in cloud_config ( #1664 )
...
This is to help support escapes and special characters
2017-09-16 08:43:47 +01:00
Kevin Lefevre
9302ce0036
Enhanced OpenStack cloud provider ( #1627 )
...
- Enable Cinder API version for block storage
- Enable floating IP for LBaaS
2017-09-16 08:43:24 +01:00
Matthew Mosesohn
0aab3c97a0
Add all-in-one CI mode and make coreos test aio ( #1665 )
2017-09-15 22:28:37 +01:00
Matthew Mosesohn
8e731337ba
Enable HA deploy of kubeadm ( #1658 )
...
* Enable HA deploy of kubeadm
* raise delay to 60s for starting gce hosts
2017-09-15 22:28:15 +01:00
Matthew Mosesohn
b294db5aed
fix apply for netchecker upgrade ( #1659 )
...
* fix apply for netchecker upgrade and graceful upgrade
* Speed up daemonset upgrades. Make check wait for ds upgrades.
2017-09-15 13:19:37 +01:00
Matthew Mosesohn
8d766a2ca9
Enable ssh opts by in config, set 100 connection retries ( #1662 )
...
Also update to ansible 2.3.2
2017-09-15 10:19:36 +01:00
Brad Beam
f2ae16e71d
Merge pull request #1651 from bradbeam/vaultnocontent
...
Fixing condition where vault CA already exists
2017-09-14 17:04:15 -05:00
Brad Beam
ac281476c8
Prune unnecessary certs from vault setup ( #1652 )
...
* Cleaning up cert checks for vault
* Removing all unnecessary etcd certs from each node
* Removing all unnecessary kube certs from each node
2017-09-14 12:28:11 +01:00
neith00
1b1c8d31a9
upgrading from weave version 2.0.1 to 2.0.4
...
This upgrade has been testing offline on a 1.7.5 cluster
2017-09-14 10:29:28 +02:00
Brad Beam
4b587aaf99
Adding ability to specify altnames for vault cert ( #1640 )
2017-09-14 07:19:44 +01:00