RongZhang
3846384d56
Bump kube-dns to 1.14.8 ( #2204 )
...
Bump kube-dns to 1.14.8
2018-01-30 19:23:37 +03:00
Dmitri Rubinstein
331f141f63
Fix DNS entries in etcd's openssl.conf by adding a newline. ( #2208 )
...
DNS entries generated from 'etcd_cert_alt_names' variable in etcd's
openssl.conf are not terminated by a newline.
This fixes issue #2207 .
2018-01-30 16:26:58 +03:00
Matthew Mosesohn
62dd3d2a9d
Add missing group var default values to kubespray-defaults
2018-01-30 16:04:00 +03:00
Sébastien Han
fa8a128e49
etcd: ability to enable/disable ETCD_PEER_CLIENT_CERT_AUTH
...
Some installation are failing to authenticate with peers due to
etcd picking up/resoling the wrong node.
By setting 'etcd_peer_client_auth' to "False" you can disable peer client cert
authentication.
Signed-off-by: Sébastien Han <seb@redhat.com>
2018-01-30 11:19:12 +01:00
rong.zhang
b10c308a5a
Support ipvs mode for kube-proxy
...
Support ipvs mode for kube-proxy
2018-01-30 13:09:01 +08:00
rong.zhang
e22c70e431
Upgrade to Kubernetes v1.9.2
2018-01-30 13:04:38 +08:00
Chad Swenson
f4fe9e3421
Merge pull request #2171 from ArchiFleKs/kubeproxy-lvs
...
Add lib/modules to kube-proxy to enable LVS
2018-01-29 22:58:02 -06:00
Brad Beam
da173615e4
Merge pull request #2048 from xizhibei/master
...
Fix: always only one container got synced after download
2018-01-29 16:01:11 -06:00
Matthew Mosesohn
dc6a17e092
Use include/import tasks ( #2192 )
...
import_tasks will consume far less memory, so it should be
used whenever it is compatible.
2018-01-29 14:37:48 +03:00
Antoine Legrand
f4180503c8
Merge pull request #2196 from Miouge1/network-size-large-deploy
...
Network size large deploy documentation
2018-01-26 15:26:03 +01:00
Miouge1
240d4193ae
Update information about network sizes
2018-01-26 15:23:21 +01:00
Matthew Mosesohn
ac66e98ae9
Upgrade to Kubernetes v1.9.1 ( #2152 )
...
Raise drain timeout to 5m
2018-01-25 18:44:44 +03:00
Matthew Mosesohn
d2935ffed0
Optionally ignore the presence of extra calico pools ( #2190 )
2018-01-25 18:44:20 +03:00
Chad Swenson
c6e0fcea31
Merge pull request #1948 from sgmitchell/secured-etcd
...
Enable etcd secure client to prevent etcdctl access without cert and key
2018-01-25 09:35:51 -06:00
Chad Swenson
5d014d986b
Merge pull request #1992 from manics/flannel-hairpin
...
Enable flannel hairpin mode
2018-01-24 21:20:03 -06:00
mirwan
714994cad8
iptables: flush nat table as well as filter table upon reset ( #2174 )
...
* iptables: flush nat table as well as filter table upon reset
* Indentation fix
2018-01-24 20:22:49 -06:00
Brad Beam
08fe61e058
Merge pull request #2071 from riverzhang/dashboard
...
Update dashboard version to v1.8.1
2018-01-24 20:10:05 -06:00
Brad Beam
0c8bed21ee
Merge pull request #2019 from chadswen/disable-api-insecure-port
...
Support for disabling apiserver insecure port (the sequel)
2018-01-24 19:58:53 -06:00
Brad Beam
98eb845f8c
Merge pull request #2173 from mirwan/hardcoded_dnsmasq-autoscaler_image
...
Dnsmasq autoscaler image should be a variable
2018-01-24 16:15:59 -06:00
Brad Beam
98300e3165
Merge pull request #2155 from brutus333/fix/pvc
...
Fix for Issue #2141
2018-01-24 16:15:33 -06:00
Matthew Mosesohn
bf1411060e
Add optional manual dns_mode ( #2178 )
2018-01-23 14:28:42 +01:00
Virgil Chereches
a4d142368b
Renamed variable from disable_volume_zone_conflict to volume_cross_zone_attachment and removed cloud provider condition; fix identation
2018-01-23 13:14:00 +00:00
Brad Beam
eb80f9b606
Merge pull request #2154 from tdihp/proxy-conf-restart-docker
...
Restart docker when http-proxy.conf changed.
2018-01-22 08:39:05 -06:00
Stanislav Makar
ae47b617e3
Fix 'no such host' problem ( #2148 )
...
Fix 'no such host' problem reported by commands *kubectl logs* and *kubectl exec*
when cloud_provider is OpenStack
Closes : #2147
2018-01-22 16:08:24 +03:00
Bogdan Dobrelya
c116b8022e
Update rpm spec and pbr setup configs ( #2170 )
...
* Update rpm spec and pbr setup configs
* Rename package to kubespray
* Do not break Fedora's FHS and install to /usr/share instead
* Remove the vendor tag
* Update source0 for better artifacts' names
* Fix missing files build errors
* Make version/release to auto match from git and fit PEP 440
Co-authored-by: Matthias Runge <mrunge@redhat.com>
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
* Add package paths to roles search in ansible conf
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
* Poke jinja2 requirements in rpm spec file
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2018-01-18 16:22:37 +01:00
Erwan Miran
5b98e15613
Merge branch 'hardcoded_dnsmasq-autoscaler_image' of github.com:mirwan/kubespray into hardcoded_dnsmasq-autoscaler_image
2018-01-18 16:04:35 +01:00
Erwan Miran
e5b4011aa4
move hardcoded dnsmasq autoscaler image to its own variable
2018-01-18 16:04:29 +01:00
Virgil Chereches
3125f93b3f
Added disable_volume_zone_conflict variable
2018-01-18 10:55:23 +00:00
Spencer Smith
f19c8e8c1d
Merge pull request #2132 from PhilippeChepy/flex-volumes
...
Add support for flex volumes plugins.
2018-01-17 15:00:45 -05:00
Dave Carley
752fba1691
Fix spelling mistakes in group_vars ( #2166 )
2018-01-17 18:42:27 +03:00
ArchiFleKs
637604d08f
Add lib/modules to kube-proxy to enable LVS
...
kube-proxy is complaining of missing modules at startup. There is a plan
to also support an LVS implementation of kube-proxy in additon to
userspace and iptables
2018-01-17 16:35:53 +01:00
Erwan Miran
1a9989ade9
move hardcoded dnsmasq autoscaler image to its own variable
2018-01-16 09:11:59 +01:00
Jonas Kongslund
11844c987c
Make the Kubelet read-only port configurable and disable it by default. Fixes #2159 .
2018-01-16 11:11:41 +04:00
Virgil Chereches
8c45c88d15
Fix for Issue #2141 - added policy file
2018-01-12 07:15:35 +00:00
Virgil Chereches
c87bb2f239
Fix for Issue #2141
2018-01-12 07:07:02 +00:00
heping
32eeb9a0e0
Restart docker when http-proxy.conf changed.
2018-01-12 10:56:25 +08:00
rong.zhang
df21fc8643
Remove initContainer
2018-01-10 12:17:17 +08:00
Spencer Smith
ffbdf31ac4
Merge pull request #2135 from riverron/master
...
Updated with correct syntax to access default_tags variable.
2018-01-09 17:22:12 -05:00
Spencer Smith
ccd9cc3dce
Merge pull request #2146 from abelgana/master
...
Manage deprecated kubelet option
2018-01-09 17:19:42 -05:00
Spencer Smith
81867402f6
Merge pull request #2145 from pslijkhuis/master
...
Add kubelet_custom_flags to kubelet.kubeadm.env.j2
2018-01-09 17:19:09 -05:00
Spencer Smith
4f5d61212b
Merge pull request #2144 from neith00/weave-2.1.3
...
updated weave to 2.1.3
2018-01-09 17:18:26 -05:00
Spencer Smith
ef96123482
Merge pull request #2068 from chadswen/remove-container-retries
...
Retry kube container removal during upgrade
2018-01-09 15:03:50 -05:00
Spencer Smith
ee27ab0052
Merge pull request #2124 from riverzhang/patch-3
...
Remove blank lines
2018-01-09 14:58:49 -05:00
Spencer Smith
57f87ba083
Merge pull request #2142 from trilogy-group/hotfix/fluentd-template
...
fix fluentd template
2018-01-09 14:44:50 -05:00
abelgana
a9bb72c6fd
require-kubeconfig is depricated since k8s v1.8
2018-01-09 14:35:42 -05:00
abelgana
9506c2e597
require-kubeconfig is deprecated since K8s v1.8
2018-01-09 14:33:05 -05:00
Peter Slijkhuis
32884357ff
Add kubelet_custom_flags to kubelet.kubeadm.env.j2
2018-01-09 14:04:36 +01:00
Bogdan Dobrelya
278ac08087
Fix HA docs API access endpoints explained ( #2126 )
...
* Fix HA docs API access endpoints explained
Follow-up commit 81347298a3
and fix the endpoint value provided in HA docs.
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
* Clarify internal LB with external LB use case
* Clarify how to use both internal and external, non-cluster aware and
not managed with Kubespray, LB solutions.
* Clarify the requirements, like TLS/SSL termination, for such an external LB.
Unlike to the 'cluster-aware' external LB config, endpoints' security must be
managed by that non-cluster aware external LB.
* Note that masters always contact their local apiservers via https://bip:sp .
It's highly unlikely to go down and it reduces latency that might be
introduced when going host->lb->host. Only computes go that path.
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
* Add a note for supplementary_addresses_in_ssl_keys
Explain how to benefit from supplementary_addresses_in_ssl_keys
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2018-01-09 16:01:50 +03:00
neith00
88204642b7
updated weave to 2.1.3
2018-01-09 13:50:42 +01:00
Matthew Mosesohn
1401286910
Add support for cert alt names for etcd ( #2139 )
...
* Add support for cert alt names for etcd
* Update gen_certs_vault.yml
2018-01-09 14:37:34 +03:00