Matthew Mosesohn
68f441fbdb
Merge pull request #1013 from mattymo/remove_masqerade_all
...
Disable kube_proxy_masquerade_all
2017-02-14 14:00:29 +03:00
Antoine Legrand
4b5f334878
Merge pull request #1027 from hvnsweeting/master
...
Multiples doc fixes
2017-02-14 11:39:22 +01:00
Hung Nguyen Viet
4cb20ca509
Highlight important action
2017-02-14 17:18:25 +07:00
Hung Nguyen Viet
e960a3b567
Fix typo
2017-02-14 17:18:22 +07:00
Antoine Legrand
1cd0d85cc1
Merge pull request #1025 from holser/bug/961
...
Install pip on Ubuntu
2017-02-14 10:31:42 +01:00
Matthew Mosesohn
73a8613e42
Merge pull request #1021 from holser/remove_deprecated
...
Replace always_run with check_mode
2017-02-14 11:25:58 +03:00
Matthew Mosesohn
f671ef5ad2
Merge pull request #1015 from holser/rkt_ssl_ca_dirs
...
Set ssl_ca_dirs for rkt based on fact
2017-02-14 11:25:17 +03:00
Sergii Golovatiuk
07416a329e
Install pip on Ubuntu
...
- Refactor 'Check if bootstrap is needed' as ansible loop. This allows
to add new elements easily without refactoring. Add pip to the list.
- Refactor 'Install python 2.x' task to run once if any of rc
codes != 0. Actually, need_bootstrap is array of hashes, so map will
allow to get single array of rc statuses. So if status is not zero it
will be sorted and the last element will be get, converted to bool.
Closes : #961
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-02-13 19:35:13 +01:00
Antoine Legrand
f7f6cf9948
Merge pull request #1024 from holser/bug/961
...
Install pip on Ubuntu
2017-02-13 17:53:57 +01:00
Matthew Mosesohn
192fc13ff2
Merge pull request #1023 from mattymo/fix_dnsmasq_cleanup
...
Clean up dnsmasq purge task
2017-02-13 19:50:01 +03:00
Vladimir Rutsky
fff8780a51
set "check_mode: no" for read-only "shell" steps that registers result
...
"shell" step doesn't support check mode, which currently leads to failures,
when Ansible is being run in check mode (because Ansible doesn't run command,
assuming that command might have effect, and no "rc" or "output" is registered).
Setting "check_mode: no" allows to run those "shell" commands in check mode
(which is safe, because those shell commands doesn't have side effects).
2017-02-13 18:53:41 +03:00
Sergii Golovatiuk
4b7398f29c
Install pip on Ubuntu
...
Closes : #961
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-02-13 16:27:09 +01:00
Greg Althaus
932629cc38
When resolv.conf changes during host_resolvconf mode, we need to
...
restart the controller to get the new file configuration.
I'm not fond of this form and would like a better way, but this
seems to "work".
2017-02-13 09:20:02 -06:00
Antoine Legrand
ad67517ab1
Merge pull request #1022 from kubernetes-incubator/ant31-patch-1
...
Document gitlab-runner.sh
2017-02-13 15:40:34 +01:00
Matthew Mosesohn
2e12ebb9cb
Clean up dnsmasq purge task
2017-02-13 17:30:15 +03:00
Antoine Legrand
426995fa36
Document gitlab-runner.sh
2017-02-13 15:04:35 +01:00
Sergii Golovatiuk
959517aa62
Replace always_run with check_mode
...
always_run was deprecated in Ansible 2.2 and will be removed in 2.4
ansible logs contain "[DEPRECATION WARNING]: always_run is deprecated.
Use check_mode = no instead". This patch fix deprecation.
2017-02-13 15:00:56 +01:00
Matthew Mosesohn
8afce340c4
Update calico to v1.0.2
...
Also calico-cni to v1.5.6, calico-policy to v0.5.2
Fixes : #1011
2017-02-13 15:39:25 +03:00
Sergii Golovatiuk
5494d608e5
Set ssl_ca_dirs for rkt based on fact
...
Since systemd kubelet.service has {{ ssl_ca_dirs }}, fact should be
gathered before writing kubelet.service.
Closes : #1007
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-02-13 13:28:29 +01:00
Matthew Mosesohn
896307b692
Merge pull request #988 from mattymo/feat/rolling3
...
Add CI cases for testing upgrade from v2.0.1 release
2017-02-10 18:09:43 +03:00
Matthew Mosesohn
543848c41e
Merge pull request #983 from vwfs/centos_kernel_upgrade
...
Add kernel upgrade for CentOS
2017-02-10 14:40:27 +03:00
Antoine Legrand
6bd180eadf
Merge pull request #1009 from mattymo/dnsmasq_updates
...
Enable reset of dnsmasq if manifest or config changes
2017-02-10 11:43:09 +01:00
Matthew Mosesohn
ccd865c564
fixup upgrades for canal and weave
2017-02-10 13:27:41 +03:00
Matthew Mosesohn
21d648ad36
Disable kube_proxy_masquerade_all
...
Fixes #1012
2017-02-10 13:16:39 +03:00
Matthew Mosesohn
298847ffa3
Merge pull request #1010 from bogdando/fixes
...
Fix misleading HA docs
2017-02-10 13:01:29 +03:00
Bogdan Dobrelya
0ddcc74412
Merge pull request #1002 from code0x9/master
...
use ansible sysctl module for config ip forwarding
2017-02-10 10:40:18 +01:00
Bogdan Dobrelya
22cae3c361
Fix misleading HA docs
...
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2017-02-10 10:28:27 +01:00
Alexander Block
aeb12fdc10
Add kernel upgrade for CentOS
2017-02-10 09:29:12 +01:00
Matthew Mosesohn
cfe50795e2
Enable reset of dnsmasq if manifest or config changes
2017-02-10 10:40:07 +04:00
Matthew Mosesohn
14e10988fc
Merge pull request #989 from holser/kubelet_remedy
...
Kubernetes Reliability Improvements
2017-02-10 09:29:29 +03:00
Matthew Mosesohn
729bf56910
Merge pull request #1004 from galthaus/kubelet-load-modules
...
Allow kubelet to load kernel modules
2017-02-10 09:28:16 +03:00
Matthew Mosesohn
c4594022ca
Add CI cases for testing upgrade from v2.0.1 release
...
These are manual trigger jobs, but should be run if any PR
impacts upgrades.
2017-02-10 10:20:58 +04:00
Matthew Mosesohn
9514f32135
Merge pull request #1006 from mattymo/fix_weave_upgrade
...
Enable weave upgrade from previous versions
2017-02-10 09:03:49 +03:00
Antoine Legrand
8898dcda22
Merge pull request #1001 from idcrook/kargo-issue-1000-efk-enable
...
removed explicit role for efk in cluster.yml
2017-02-10 03:03:18 +01:00
Sergii Golovatiuk
c0d2cca45d
Kubernetes Reliability Improvements
...
- Exclude kubelet CPU/RAM (kube-reserved) from cgroup. It decreases a
chance of overcommitment
- Add a possibility to modify Kubelet node-status-update-frequency
- Add a posibility to configure node-monitor-grace-period,
node-monitor-period, pod-eviction-timeout for Kubernetes controller
manager
- Add Kubernetes Relaibility Documentation with recomendations for
various scenarios.
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
2017-02-09 23:54:08 +01:00
Matthew Mosesohn
e0cfea02bf
Enable weave upgrade from previous versions
...
Raise readiness probe initial time to 60 (was 30)
2017-02-09 21:39:31 +03:00
Matthew Mosesohn
372c5beadd
Merge pull request #1005 from rutsky/patch-2
...
fix kube_apiserver_ip/kube_apiserver_port description
2017-02-09 21:08:15 +03:00
Vladimir Rutsky
c1c94c5d21
fix kube_apiserver_ip/kube_apiserver_port description
2017-02-09 21:47:36 +04:00
Matthew Mosesohn
b68afe7efa
Merge pull request #998 from mattymo/fix_upgrade_daemonsets
...
Fix upgrade for all daemonset type resources
2017-02-09 20:02:21 +03:00
Greg Althaus
d6f1f0c88b
Make kubelet_load_modules always present but false.
...
Update code and docs for that assumption.
2017-02-09 10:25:44 -06:00
Greg Althaus
8f00a07bf6
Due to the nsenter and other reworks, it appears that
...
kubelet lost the ability to load kernel modules. This
puts that back by adding the lib/modules mount to kubelet.
The new variable kubelet_load_modules can be set to true
to enable this item. It is OFF by default.
2017-02-09 10:02:26 -06:00
Matthew Mosesohn
b5cfeca474
Merge pull request #999 from holser/decrease_weave_ram_limits
...
Lower weave RAM settings.
2017-02-09 13:19:12 +03:00
Mark Lee
331957c9a8
follow sysctl.conf file symlink if linked
2017-02-09 18:16:52 +09:00
Mark Lee
224e6acb3a
use ansible sysctl module for config ip forwarding
2017-02-09 17:28:44 +09:00
Bogdan Dobrelya
93c562b1bb
Merge pull request #902 from insequent/master
...
Adding vault role
2017-02-09 09:24:52 +01:00
Bogdan Dobrelya
d0f4ab3129
Merge pull request #993 from code0x9/master
...
enable proxy support on docker repository
2017-02-09 09:21:01 +01:00
David Crook
395fee8dbd
removed explicit role for efk in cluster.yml
2017-02-08 20:48:28 -07:00
Antoine Legrand
35a7ad55d0
Merge pull request #986 from vwfs/dnsmasq_system_nameservers
...
Also add the system nameservers to upstream servers in dnsmasq
2017-02-08 23:21:54 +01:00
Antoine Legrand
d28d118b3e
Merge pull request #984 from rutsky/patch-2
...
fix typo: "explicetely"
2017-02-08 23:19:01 +01:00
Josh Conant
764ad6e099
Vault security hardening and role isolation
2017-02-08 21:41:36 +00:00