Commit graph

3840 commits

Author SHA1 Message Date
RongZhang
67ffd8e923 Add etcd-events cluster for kube-apiserver (#2385)
Add etcd-events cluster for kube-apiserver
2018-03-01 11:39:14 +03:00
Chad Swenson
af7edf4dff
Merge pull request #2369 from eviln1/fix-insecure-apiserver-port
fix apiserver manifest when disabling insecure_port
2018-02-28 17:48:08 -06:00
Spencer Smith
0fd3b9f7af
Merge pull request #2391 from Miouge1/latest-helm
Install latest version of Helm
2018-02-28 15:04:41 -05:00
Matthew Mosesohn
7ef9f4dfdd
Revert "Add pre-upgrade task for moving credentials file" (#2393) 2018-02-28 22:41:52 +03:00
Brad Beam
6ce507f39f
Merge pull request #2345 from mattymo/credentials_upgrade_fix
Add pre-upgrade task for moving credentials file
2018-02-28 12:39:02 -06:00
Brad Beam
34cab91e86
Merge pull request #2366 from z1nkum/bump_dashboard_tag
Bump dashboard from 1.8.1 to 1.8.3 because of reload bug
2018-02-28 12:38:34 -06:00
Brad Beam
63de9bdba3
Merge pull request #2363 from whereismyjetpack/default-kube-proxy
default kube_proxy_mode in kubernetes-defaults
2018-02-28 12:37:46 -06:00
Brad Beam
afb6e7dfc3
Merge pull request #2362 from mattymo/calico_ignore_extra_pools_again
Use CNI to assign kube_pods_subnet for calico
2018-02-28 12:36:50 -06:00
Brad Beam
ad89d1c876 Update pre_upgrade.yml 2018-02-28 19:07:44 +03:00
Simon Li
6b80ac6500
Fix indexing of supplementary DNS in openssl.conf 2018-02-28 16:04:52 +00:00
Miouge1
2257dc9baa Install latest version of Helm 2018-02-28 16:29:38 +01:00
Andrew Greenwood
a40d9f3c72 Document a silent killer... (#2373)
Adding this into the default example inventory so it has less of a chance of biting others after weeks of random failures (as etcd does not  express that it has run out of RAM it just stalls).. 512MB was not  enough for us to run one of our products.
2018-02-28 15:36:51 +03:00
Dmitry Vlasov
977e7ae105 remove obsolete init image, bump dashboard version 1.8.1 -> 1.8.3 2018-02-28 12:52:59 +03:00
Matthew Mosesohn
bc0fc5df98
Use node cert for etcd tasks instead of delegating to first etcd (#2386)
For etcdctl commands, use admin cert instead of node because this file
doesn't exist on etcd only hosts.
2018-02-27 22:23:51 +03:00
Brad Beam
810c10a0e9
Merge pull request #2382 from chechiachang/replace-tab-with-space-and-remove-redundant-spaces
Remove redundant spaces
2018-02-27 10:39:57 -06:00
Matthew Mosesohn
bb469005b2 Add pre-upgrade task for moving credentials file 2018-02-27 17:35:15 +03:00
Brad Beam
89ade65ad6 Fixing etcd certs for calico rr (#2374) 2018-02-27 17:34:07 +03:00
RongZhang
128d3ef94c Fix run kubectl error (#2199)
* Fix run kubectl error

Fix run kubectl error when first master doesn't work

* if access_ip is define use first_kube_master
else different master use a different ip

* Delete set first_kube_master and use kube_apiserver_access_address
2018-02-27 16:32:20 +03:00
RongZhang
b7e06085c7 Upgrade to Kubernetes v1.9.3 (#2323)
Upgrade to Kubernetes v1.9.3
2018-02-27 14:31:59 +03:00
David Chang
8875e25fe9 Replace tab with space. Remove redundant spaces 2018-02-27 14:34:58 +08:00
Chad Swenson
44f9739750
Merge pull request #2326 from merwan/patch-1
Fix link markdown markup
2018-02-26 18:40:11 -06:00
Chad Swenson
9e85a023c1
Merge pull request #2360 from mattymo/reset_fixes
retry unmount kubelet dirs
2018-02-26 18:30:38 -06:00
Drew Leske
b6698e686a
Update README.md with minor fixes/clarifications 2018-02-23 16:54:13 -08:00
Drew Leske
66bd570584
Update README.md with minor fixes and cleanup 2018-02-23 15:05:29 -08:00
Drew Leske
e2c5a3895b Rename sample inventory directory to be less awkward 2018-02-23 14:39:31 -08:00
Drew Leske
fe719c1bc1 Update OpenStack contrib to use per-cluster inventory layout
Supports Kubespray workspace with multiple OpenStack-deployed k8s
clusters.

* Create sample inventory directory for template
* Moved broken `group_vars` symlink to sample directory
* Created sample cluster Terraform file
* Updated documentation
2018-02-23 12:08:45 -08:00
Drew Leske
89fe6505f9 Correct use of deprecated argument to TF/OpenStack module
https://www.terraform.io/docs/providers/openstack/r/networking_router_v2.html#external_gateway
2018-02-22 22:41:19 -08:00
Brad Beam
4b5f780ff0
Merge pull request #2357 from octarinesec/eyeofthefrog/set_TasksMax_infinity_for_ubuntu
Set TasksMax to infinity on any OS with systemd
2018-02-22 21:31:10 -06:00
Brad Beam
31659efe13 Fixing cert name in calico/canal for etcd check (#2358) 2018-02-22 17:37:07 +03:00
Nedim Haveric
2bd3776ddb fix apiserver manifest when disabling insecure_port 2018-02-22 14:00:32 +01:00
Brad Beam
c874f16c02 Fixing credential lookup for fe proxy and vault (#2361) 2018-02-22 15:09:26 +03:00
Maxim Krasilnikov
ba91304636 Fixed generate front proxy client certs with vault (#2359)
* Fixed generate front proxy client certs with vault

* fix vault cert management

* Distrebute etcd node certs to vault hosts
2018-02-22 15:08:50 +03:00
Andreas Krüger
42a0f46268 Add health check to kube proxy (#2356)
Adding health checking to kube proxy. Fixes #2308
2018-02-21 23:14:45 +03:00
Andreas Krüger
d84ff06f73 Set filemode to 0640 (#2315)
* Set filemode to 0640

weave-net.yml file is readable by all users on the host. It however contains the weave_password to encrypt all pod communication. It should only be readable by root.

* Set mode 0640 on users_file with basic auth
2018-02-21 23:13:46 +03:00
Matthew Mosesohn
87f33a4644 Use CNI to assign kube_pods_subnet for calico
Now calico can be deployed if there are other existing pools
and not confuse IPAM and end up with pods in the wrong pools.
2018-02-21 20:32:28 +03:00
Dann Bohn
2d69b05c77 set local_release_dir in downloads to match others 2018-02-21 11:35:34 -05:00
Dann Bohn
2eb57ee5cd default kube_proxy_mode in kubernetes-defaults 2018-02-21 11:33:25 -05:00
Chris Mildebrandt
85c69c2a4a Add check for atomic hosts in template 2018-02-21 08:26:18 -08:00
Matthew Mosesohn
c20f38b89c retry unmount kubelet dirs 2018-02-21 14:41:57 +03:00
Aivars Sterns
bfe196236f
Merge pull request #2033 from ArchiFleKs/terraform-fix-cred
Update Terraform docs and authentication method
2018-02-21 12:16:24 +02:00
Wong Hoi Sing Edison
d4c61d2628 Fixup for gce_centos7-flannel-addons 2018-02-21 13:41:25 +08:00
Wong Hoi Sing Edison
deef47c923 Upgrade Local Volume Provisioner Addon to v2.0.0 2018-02-21 13:41:25 +08:00
Chris Mildebrandt
c19d8994b9 Set TasksMax to infinity on any OS with systemd 2018-02-20 11:55:13 -08:00
Chad Swenson
2de6da25a8
Merge pull request #2312 from woopstar/patch-7
Added iptables lock fix and ajusted oom-score
2018-02-19 22:47:07 -06:00
melkosoft
f13e76d022 Added cilium support (#2236)
* Added cilium support

* Fix typo in debian test config

* Remove empty lines

* Changed cilium version from <latest> to <v1.0.0-rc3>

* Add missing changes for cilium

* Add cilium to CI pipeline

* Fix wrong file name

* Check kernel version for cilium

* fixed ci error

* fixed cilium-ds.j2 template

* added waiting for cilium pods to run

* Fixed missing EOF

* Fixed trailing spaces

* Fixed trailing spaces

* Fixed trailing spaces

* Fixed too many blank lines

* Updated tolerations,annotations in cilium DS template

* Set cilium_version to iptables-1.9 to see if bug is fixed in CI

* Update cilium image tag to v1.0.0-rc4

* Update Cilium test case CI vars filenames

* Add optional prometheus flag, adjust initial readiness delay

* Update README.md with cilium info
2018-02-16 21:37:47 -06:00
Dann Bohn
95e2bde15b set nodeName to "{{ inventory_hostname }}" in kubeadm-config 2018-02-16 16:20:08 -05:00
Antoine Legrand
5c0a41a6e0
Merge pull request #2340 from eduardobaitello/patch-1
Fix typo in aws.md docs
2018-02-16 19:03:14 +01:00
David Miller
6424928ba3 Update typo in the tag necessary for the ELB role (#2330) 2018-02-16 17:20:03 +01:00
Miouge1
4c280e59d4 Use legacy policy config to apply the scheduler policy 2018-02-16 13:43:35 +01:00
Antoine Legrand
56b7400dac
Merge pull request #2325 from kubernetes-incubator/ci_two_stages
rollback to a two stage CI
2018-02-15 23:27:45 +01:00