Matthew Mosesohn
17f3d76445
Update inventory.py
2016-12-29 10:57:58 +03:00
Bogdan Dobrelya
6e1c0cdd15
Systemd units, limits, and bin path fixes
...
* Add restart for weave service unit
* Reuse docker_bin_dir everythere
* Limit systemd managed docker containers by CPU/RAM. Do not configure native
systemd limits due to the lack of consensus in the kernel community
requires out-of-tree kernel patches.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-28 15:49:42 +01:00
Matthew Mosesohn
3b4d9ceeca
Add yaml/json loader for inventory
2016-12-28 16:50:31 +03:00
Bogdan Dobrelya
4413c38105
Merge pull request #831 from mattymo/fix_separate_etcd
...
Fix creation and sync of etcd certs
2016-12-28 13:56:42 +01:00
Matthew Mosesohn
2ac2a3ed93
Fix creation and sync of etcd certs
...
Admin certs only go to etcd nodes
Only generate cert-data for nodes that need sync
2016-12-28 14:21:17 +04:00
Matthew Mosesohn
612c5bb5f1
Merge pull request #818 from mattymo/calico-rr-certs
...
Fix calico-rr to use etcd certs instead of kube certs
2016-12-28 08:47:16 +03:00
Bogdan Dobrelya
44d89322d7
Rework wildcards matching all nodes
...
* Re-enable ansible_ssh_pipelining as expected for the cluster.yml
* Do not use 'all' wildcasts for hosts, limit only to k8s-cluster, etcd,
calico-rr groups instead. Other nodes in inventory are out of Kargo
scope and it's up to users how to manage them.
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2016-12-27 17:02:08 +01:00
Antoine Legrand
e4562cf84c
Merge pull request #828 from bogdando/triggers
...
Rework CI triggers/pipeline
2016-12-27 15:20:42 +01:00
Matthew Mosesohn
716b590f3b
Fix calico-rr to use etcd certs instead of kube certs
2016-12-27 17:04:50 +03:00
Bogdan Dobrelya
c454e15881
Rework CI triggers/pipeline
...
* Run CI triggers in one step
* Run all test matrix for triggers
* Switch back to g1-small
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2016-12-27 14:39:52 +01:00
Bogdan Dobrelya
1ccd4b892f
Merge pull request #827 from bogdando/noreds
...
Rework ignore_errors to report no reds
2016-12-27 14:37:38 +01:00
Bogdan Dobrelya
9b29df183b
Rework ignore_errors to report no reds
...
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2016-12-27 13:00:50 +01:00
Antoine Legrand
f06de012dc
Merge pull request #805 from bogdando/dnsmasq_armors
...
Do not forward private domains for upstream resolvers
2016-12-26 14:50:39 +01:00
Bogdan Dobrelya
222859601e
Do not forward bogus domains for upstream resolvers
...
Also fix kube log level 4 to log dnsmasq queries.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-23 11:53:14 +01:00
Matthew Mosesohn
4ea0cbb2d0
Merge pull request #804 from mattymo/inventory_builder
...
Add inventory builder python script
2016-12-23 13:22:41 +03:00
Matthew Mosesohn
69b89a9155
Add inventory builder python script
...
Includes tox support for running unit tests.
Small note added to getting-started guide for using
inventory_builder.py
Also adds manual-only unit test.
2016-12-23 13:00:56 +03:00
Thomas Catterall
9905d0056b
Update README.md
2016-12-22 22:46:23 +00:00
Spencer Smith
460571506c
Merge pull request #813 from mattymo/etcdcertflags
...
Adjust etcd server certificates
2016-12-22 16:37:15 -05:00
Matthew Mosesohn
a2c38f5f5f
Update etcd.j2
2016-12-22 22:29:24 +03:00
Matthew Mosesohn
e5374af95c
Adjust etcd server certificates
...
ETCD doesn't need cert/key options set. It only requires peer
cert options.
2016-12-22 23:05:17 +04:00
Spencer Smith
f3f16e3676
Workaround etcdctl not yet being installed ( #797 )
...
workaround case for etcdctl not yet being installed, only allow for return code of 0 (no error)
2016-12-22 12:41:38 -05:00
Antoine Legrand
7c9db9ad73
Merge pull request #812 from mattymo/vars_doc
...
Document commonly used Kargo vars
2016-12-22 18:01:23 +01:00
Matthew Mosesohn
0a6d2223a5
Document commonly used Kargo vars
2016-12-22 19:57:39 +03:00
Matthew Mosesohn
370ad3acba
Merge pull request #760 from genti-t/issue-748-flannel-options
...
Fix Flannel network on CoreOS
2016-12-22 19:02:31 +03:00
Matthew Mosesohn
a49d061298
Merge pull request #798 from mattymo/perhostssl7
...
Individual etcd ssl certs
2016-12-22 19:02:15 +03:00
Genti Topija
a42b458fdf
Fix Flannel network on CoreOS
...
Resolves : #748
2016-12-22 16:50:04 +01:00
Antoine Legrand
ef69b99acc
Merge pull request #809 from bogdando/ci_forks
...
Raise ansible forks for CI test config
2016-12-22 15:55:47 +01:00
Bogdan Dobrelya
d823248cd7
Raise ansible forks for CI test config
...
As we raised the flavor from small to standard, raise the ansible
forks from default 5 to 20 to speed up deployment.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-22 15:12:47 +01:00
Bogdan Dobrelya
d5b68ae194
Merge pull request #787 from bogdando/coreos_weave_manual
...
Add coreos-alpha weave manual CI builds
2016-12-22 14:32:03 +01:00
Matthew Mosesohn
5457799aa3
Individual etcd ssl certs
...
Includes hooks for triggering calico, kubelet, and kube-apiserver restarts
if etcd certs changed.
2016-12-22 13:31:11 +03:00
Bogdan Dobrelya
85f31a369e
Merge pull request #786 from mattymo/bug777
...
Add wait for kube-apiserver to kubernetes-apps
2016-12-22 11:02:50 +01:00
Bogdan Dobrelya
b8590a13c8
Merge pull request #801 from rsmitty/issue-800
...
create systemd drop-in path if not existent
2016-12-22 11:02:05 +01:00
Bogdan Dobrelya
32f0b9756f
Add coreos-alpha weave manual CI builds
...
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-22 11:00:31 +01:00
Bogdan Dobrelya
4120c77a08
Merge pull request #791 from kubernetes-incubator/premptilble_gce_vm
...
Use preemptible instances
2016-12-22 11:00:08 +01:00
Spencer Smith
3575f890fc
create systemd drop-in path if not existent
2016-12-21 13:06:12 -05:00
Bogdan Dobrelya
29358c08c6
Merge pull request #794 from kubernetes-incubator/revert-722-dnsmasq_armors
...
Revert "Do not forward private domains for upstream resolvers"
2016-12-21 17:39:11 +01:00
Bogdan Dobrelya
b103799901
Revert "Do not forward private domains for upstream resolvers"
2016-12-21 15:24:17 +01:00
Matthew Mosesohn
b1eb852207
Add wait for kube-apiserver to kubernetes-apps
...
Fixes #777
2016-12-21 15:39:39 +03:00
Antoine Legrand
d892adfae1
use standard vm
2016-12-21 11:43:52 +01:00
Antoine Legrand
e7d78fc7d7
Merge pull request #782 from samos123/master
...
Vagrant, skip synchronize tasks (bug #697 )
2016-12-21 11:18:20 +01:00
Bogdan Dobrelya
d89df3a2ce
Merge pull request #780 from bogdando/downloads
...
Add download_always_pull check and sha256 for docker images
2016-12-21 11:02:57 +01:00
Antoine Legrand
bcad456b7e
Use preemptible instances
2016-12-21 09:27:21 +01:00
Bogdan Dobrelya
f45872b558
Add download_always_pull check and sha256 for docker images
...
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-20 17:02:09 +01:00
Bogdan Dobrelya
763c1aff72
Merge pull request #722 from bogdando/dnsmasq_armors
...
Do not forward private domains for upstream resolvers
2016-12-20 14:25:17 +01:00
Antoine Legrand
acc4c6a61e
Merge pull request #785 from bogdando/pipelines
...
Add gitlab CI auto builds for triggers
2016-12-20 14:18:19 +01:00
Bogdan Dobrelya
072c4e4669
Merge pull request #775 from kubernetes-incubator/register_master
...
Register master node as unschedulable
2016-12-20 14:17:55 +01:00
Bogdan Dobrelya
5674da25d0
Add gitlab CI auto builds for triggers
...
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-20 11:23:13 +01:00
Sam Stoelinga
0908c964b5
Fix #781 prevent vagrant asking for password
...
When download_run_once=True it will try to first download images to host
running vagrant, then upload the images from vagrant host to the vagrant
vms. While trying to upload the images it will ask for a the vagrant
linux user password.
For small environments this behaviour is unnecessary hence changing the
default to download_run_once=False inside the Vagrantfile seems like a
good fix.
2016-12-19 11:52:18 -08:00
Bogdan Dobrelya
c147f710ab
Merge pull request #774 from kubernetes-incubator/ant31-patch-2
...
check if calico_peer_rr is defined
2016-12-19 18:19:03 +01:00
Bogdan Dobrelya
eb234efa00
Merge pull request #778 from mattymo/fix_etcd_upgrade
...
Fix etcd to-SSL upgrade and task register vars
2016-12-19 15:20:07 +01:00