Rong Zhang
7850bce254
Merge pull request #2994 from DBLaci/master
...
dashboard_token_ttl option override possibility with default
2018-08-07 17:16:25 +08:00
Rong Zhang
3d19e03294
Merge pull request #3015 from podnov/kube_proxy_healthz_bind_address
...
Variablize kube_proxy_healthz_bind_address
2018-08-07 17:10:33 +08:00
Rong Zhang
b1f8bfdf7c
Merge pull request #3055 from reverson/17.09-docker
...
Add support for docker 17.09
2018-08-07 16:57:50 +08:00
Wong Hoi Sing Edison
0f400a113c
cert-manager: Upgrade to 0.4.0
...
Upstream Changes:
- cert-manager 0.4.0 (https://github.com/jetstack/cert-manager/releases/tag/v0.4.0 )
2018-08-07 14:29:28 +08:00
Aleksey Shirokih
e8447e3d71
Service file binary place mismatch
...
According to cluster/binary.yml vault binary will be placed to `{{ bin_dir }}` and according to `inventory/sample/group_vars/all.yml` that is
`inventory/sample/group_vars/all.yml`
2018-08-06 14:44:13 +03:00
rongzhang
ac644ed049
Fix yaml roles error
2018-08-05 18:48:07 +08:00
Rong Zhang
453fea1977
Merge pull request #3034 from cornelius-keller/library_fix
...
fix missing libraries on newer coreos versions
2018-08-05 12:54:03 +08:00
cornelius-keller
4b5cb1185f
fix missing libraries on newer coreos versions
2018-08-03 15:29:05 +02:00
Robert Everson
275cdc1ce3
Add support for docker 17.09
2018-08-02 11:35:16 -07:00
DBLaci
d43f09081e
Merge pull request #1 from kubernetes-incubator/master
...
Follow upstream
2018-08-01 16:34:10 +02:00
woosley.xu
72074f283b
set local for growpart part 2
2018-07-31 06:56:09 +08:00
woosley.xu
a5db3dbea9
set locale for growpart
2018-07-31 06:52:56 +08:00
Alexandre Ardhuin
9b349a9049
Fix label of registry in README
2018-07-27 11:42:21 +02:00
Seungkyu Ahn
0366600b45
Remove double slash
...
Even without this PR, the operation works well.
However, it is better to use a single slash rather than
a double slash in the path.
2018-07-20 07:34:33 +00:00
Evan Zeimet
6a4ce96b7d
Variablize kube_proxy_healthz_bind_address
...
This fixes #3014
2018-07-19 14:19:09 -05:00
DBLaci
b61c64a8ea
token-ttl default value is int in seconds
2018-07-19 12:15:47 +02:00
Takashi Okamoto
37ccf7e405
Fixed kubectl path.
2018-07-13 15:32:08 +00:00
DBLaci
cb91003cea
dashboard_token_ttl option override possibility with default
2018-07-13 15:26:18 +02:00
Matthew Mosesohn
97e0de7e29
Fix vault file owner issues and k8s apiserver cert creation ( #2985 )
...
apiserver cert should be created only once
2018-07-11 14:58:02 +03:00
Rong Zhang
cf445fd4fe
Merge pull request #2930 from alvistack/ingress-nginx-0.16.1
...
ingress-nginx: Upgrade to 0.16.2
2018-07-10 14:42:37 +08:00
Aivars Sterns
72f053d9bb
Merge pull request #2972 from mattymo/force_cni_cp
...
Force copy cni files
2018-07-10 09:40:10 +03:00
Wong Hoi Sing Edison
a0defefb3f
ingress-nginx: Upgrade to 0.16.2
...
ingress-nginx 0.16.2 (https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.16.2 )
This patch simplify ingress-nginx deployment by default deploy on
master, with customizable options; on the other hand, remove the
additional Ansible group "kube-ingress" and its k8s node label
injection.
Reference to https://kubernetes.io/docs/concepts/services-networking/ingress/#prerequisites :
GCE/Google Kubernetes Engine deploys an ingress controller on the master.
By changing `ingress_nginx_nodeselector` plus custom k8s node
label, user could customize the DaemonSet deployment target.
If `ingress_nginx_nodeselector` is empty, will deploy DaemonSet on
every k8s node.
2018-07-10 12:26:06 +08:00
Wong Hoi Sing Edison
62b1166911
cert-manager: Upgrade to 0.3.2
...
Upstream Changes:
- cert-manager 0.3.2 (https://github.com/jetstack/cert-manager/releases/tag/v0.3.2 )
Our Changes:
- Remove legacy addon dir, manifests and namespace before upgrade
2018-07-10 08:48:44 +08:00
Rong Zhang
810596c6d8
Merge pull request #2974 from alvistack/cephfs-provisioner-1.1.0-k8s1.10
...
cephfs-provisioner: Upgrade to 1.1.0-k8s1.10
2018-07-09 13:53:07 +08:00
Rong Zhang
a488d55c2c
Merge pull request #2975 from daohoangson/remove_force_disable_kube_basic_auth
...
Remove step that disables `kube_basic_auth`.
2018-07-08 21:18:36 +08:00
Alexandru Bogdan Pica
e63bc65a9d
Fix 2976
...
Fix failure when the container attribute is not set for a download
2018-07-08 13:36:47 +03:00
Dao Hoang Son
d306c9708c
Remove step that force disable kube_basic_auth
.
...
The referenced issue (https://github.com/kubernetes/kubeadm/issues/441 ) has already been fixed.
2018-07-08 16:57:43 +07:00
Wong Hoi Sing Edison
6a65345ef3
cephfs-provisioner: Upgrade to 1.1.0-k8s1.10
...
Upstream Changes:
- Update CEPH_VERSION to mimic (https://github.com/kubernetes-incubator/external-storage/pull/841 )
Our Changes:
- Using image from official repo which contain latest changes (https://quay.io/repository/external_storage/cephfs-provisioner )
2018-07-08 00:37:08 +08:00
Matthew Mosesohn
1a3b9dd864
Force copy cni files
2018-07-06 16:39:42 +03:00
elementyang
8fee1ab102
change create to apply
2018-07-06 19:36:19 +08:00
Matthew Mosesohn
5c617c5a8b
Add tags to deploy components by --tags option ( #2960 )
...
* Add tags for cert serial tasks
This will help facilitate tag-based deployment of specific components.
* fixup kubernetes node
2018-07-06 09:12:13 +03:00
Matthew Mosesohn
0b939a495b
Improve vault etcd initialization check ( #2959 )
2018-07-05 12:27:45 +03:00
Aivars Sterns
4092f96dd8
Merge pull request #2946 from Miouge1/remove-pid-predicate
...
CheckNodePIDPressure is not supported in v1.10
2018-07-04 18:30:19 +03:00
Rong Zhang
77c870b7d0
Merge pull request #2951 from alvistack/cephfs-provisioner-06fddbe2
...
cephfs-provisioner: Upgrade to 06fddbe2
2018-07-03 19:36:42 +08:00
Rong Zhang
32a6ca4fd6
Merge pull request #2948 from qeqar/remove-node-limit
...
move node selection from --limit to --extra-vars=node<nodename>"
2018-07-03 18:41:57 +08:00
Wong Hoi Sing Edison
728024e8ff
cephfs-provisioner: Upgrade to 06fddbe2
...
- cephfs-provisioner 06fddbe2 (https://github.com/kubernetes-incubator/external-storage/tree/06fddbe2/ceph/cephfs )
Noteable changes from upstream:
- Added storage class parameters to specify a root path within the backing cephfs and, optionally, use deterministic directory and user names (https://github.com/kubernetes-incubator/external-storage/pull/696 )
- Support capacity (https://github.com/kubernetes-incubator/external-storage/pull/770 )
- Enable metrics server (https://github.com/kubernetes-incubator/external-storage/pull/797 )
Other noteable changes:
- Clean up legacy manifests file naming
- Remove legacy manifests, namespace and storageclass before upgrade
- `cephfs_provisioner_monitors` simplified as string
- Default to new deterministic naming
- Add `reclaimPolicy` support in StorageClass
With legacy non-deterministic naming style (where $UUID are generated ramdonly):
- cephfs_provisioner_claim_root: /volumes/kubernetes
- cephfs_provisioner_deterministic_names: false
- Generated CephFS volume: /volumes/kubernetes/kubernetes-dynamic-pvc-$UUID
- Generated CephFS user: kubernetes-dynamic-user-$UUID
With new default deterministic naming style (where $NAMESPACE and $PVC are predictable):
- cephfs_provisioner_claim_root: /volumes
- cephfs_provisioner_deterministic_names: true
- Generated CephFS volume: /volumes/$NAMESPACE/$PVC
- Generated CephFS user: k8s.$NAMESPACE.$PVC
2018-07-03 10:15:24 +08:00
Mark Eisenblaetter
b548f6f320
move node selection from --limit to --extra-vars=node<nodename>"
2018-07-02 20:04:36 +02:00
Nicolas Trangez
8bcad4f5ef
Fix coreos_dual
-> coredns_dual
typo
...
See: e40368ae2b
2018-07-02 17:19:35 +02:00
Rong Zhang
31e6c44b07
Merge pull request #2924 from elementyang/make-ssl-etcd-pr
...
fix the time of ca files are changed in make-ssl-etcd
2018-07-02 20:44:20 +08:00
Matthew Mosesohn
77c910c1c3
Fixup vault etcd check ( #2938 )
...
* Fixup vault etcd
* Update main.yml
2018-07-02 15:37:37 +03:00
Matthew Mosesohn
c20196f9a0
Remove modprobe binary from kubelet rkt deployment ( #2917 )
2018-07-02 15:37:24 +03:00
Rong Zhang
f6a15b1829
Merge pull request #2918 from elementyang/fix-pr
...
fix add etcd_events_access_address
2018-06-30 11:55:38 +08:00
elementyang
7c22def422
add etcd_events_access_address
2018-06-30 07:32:29 +08:00
Rong Zhang
87e49f0055
Merge pull request #2921 from elementyang/index-out-of-range-pr
...
fix template index out of range for pull images
2018-06-30 00:53:53 +08:00
Matthew Mosesohn
a36e3fbec3
Add rkt gc task ( #2945 )
2018-06-29 19:53:21 +03:00
Miouge1
2a279e30b0
CheckNodePIDPressure is not supported in v1.10
2018-06-28 20:10:38 +02:00
southquist
c685dc493f
allow for setting the cacert on openstack cloud provider
2018-06-28 16:00:13 +02:00
Andreas Krüger
e24f888bc4
Merge pull request #2923 from bradbeam/vaultrkt
...
Adding uuidfile for rkt based vault to properly cleanup after itself
2018-06-27 11:18:39 +02:00
Cédric de Saint Martin
a260412c7e
fluentd daemonset: do not set arbitrary nodeSelector.
2018-06-25 15:19:56 +02:00
neith00
a643f72d93
No need to install rkt on CoreOS
2018-06-25 09:38:24 +02:00
Aivars Sterns
73a2a18006
Merge pull request #2795 from gfkse/baremetal-override-calico-hostname
...
Make Calico nodename overridable on bare metal
2018-06-25 08:45:09 +03:00
Rong Zhang
2ef05fb3b7
Merge pull request #2763 from ameukam/update_efk_stack
...
Update efk stack
2018-06-24 19:01:32 +08:00
Rong Zhang
e06d02365e
Merge pull request #2338 from southquist/template-openstack-storage-class
...
allow for configurable openstack storage class
2018-06-24 18:42:29 +08:00
elementyang
d6f2dbc723
fix the time of ca files are changed in make-ssl-etcd
2018-06-24 13:05:43 +08:00
Brad Beam
20dba8b388
Adding uuidfile for rkt based vault to properly cleanup after itself
2018-06-23 15:14:40 -05:00
Rong Zhang
f624ba47fb
Merge pull request #2922 from riverzhang/remove-node
...
Add run_once to remove-node
2018-06-23 15:09:16 +08:00
rongzhang
94aa062d51
Add run_once to remove-node
2018-06-23 07:05:24 +00:00
elementyang
c0935e161b
fix template index out of range for pull images
2018-06-23 05:32:44 +08:00
elementyang
70fbc01cc1
fix etcd_events_access_addresses
2018-06-23 00:04:19 +08:00
Yumo Yang
6c2f169ea2
update test-pr2 ( #2911 )
2018-06-22 13:22:26 +03:00
Rong Zhang
1aee6ec371
Merge pull request #2903 from riverzhang/swap
...
Add manage swap on the worker node
2018-06-21 22:20:23 +08:00
Erwan Miran
d3fdfee211
Only subdirectories in /var/lib/kubelet should be unmounted
2018-06-21 11:50:02 +02:00
rongzhang
3232e2743e
Add manage swap on the worker node
2018-06-21 08:15:01 +00:00
Andreas Krüger
cbb959151c
Merge pull request #2737 from Miouge1/update-scheduler
...
Update kube-scheduler policy
2018-06-19 14:53:22 +02:00
Andreas Krüger
c3d8b131db
Merge pull request #2801 from dvazar/bugfix/undefined__network_plugin__variable
...
Fixed "network_plugin" variable
2018-06-19 10:01:06 +02:00
Andreas Krüger
236d1a448d
Merge pull request #2898 from kubernetes-incubator/default_true_authtoken
...
Enable by default the kubelet token auth
2018-06-19 09:56:32 +02:00
Matthew Mosesohn
61e97251a5
Improve variable handling for disabling etcd events cluster
2018-06-18 16:58:29 +03:00
Antoine Legrand
c192a01b20
Enable by default the kubelet token auth
2018-06-18 14:20:05 +02:00
Julien Mailleret
6aaaf4a272
Limit the maximum number of revisions saved per helm release ( #2894 )
...
* Limit the maximum number of revisions saved per helm release
2018-06-15 12:50:18 +02:00
Andreas Krüger
cd64f41524
Merge pull request #2844 from chechiachang/fix-inconsistent-variable-in-task-name-and-msg
...
Fix inconsistent variables in task name and task message
2018-06-15 09:19:31 +02:00
Andreas Krüger
df279b1ff6
Merge pull request #2890 from drekle/bugfix/dns-domain-incorrect-for-coredns
...
CoreDNS uses cluster_name instead of dns_domain
2018-06-15 09:06:11 +02:00
Andreas Krüger
6ac601fd2d
Merge pull request #2876 from neith00/docker_iptables
...
parametrized iptables options for docker daemon
2018-06-14 22:23:27 +02:00
Andreas Krüger
3a569c9dcb
Merge pull request #2750 from w-leads/feature/add-vmname-to-vcp-config
...
Add vm_name option to vsphere cloud provider config
2018-06-14 22:22:34 +02:00
neith00
f2f1e7f9d1
parametrized iptables options for docker daemon
2018-06-14 12:16:16 +02:00
Rong Zhang
0686b8452e
Merge pull request #2860 from alvistack/cert-manager-0.3.0
...
cert-manager: Upgrade to v0.3.0
2018-06-14 10:35:23 +08:00
Derek Lemon
1e98e8444e
Using dns domain instead of cluster name for coredns, incase they differ
2018-06-13 18:52:35 +00:00
Wong Hoi Sing Edison
291dd1aca8
Fixup #2545 , cephfs-provisioner: Individual Namespace for Add-on
2018-06-13 21:52:58 +08:00
Wong Hoi Sing Edison
38da0adead
cert-manager: Upgrade to v0.3.0
2018-06-13 21:47:44 +08:00
Rong Zhang
81b3343796
Merge pull request #2857 from alvistack/ingress-nginx-0.15.0
...
ingress-nginx: Upgrade to 0.15.0
2018-06-13 21:16:17 +08:00
Brad Beam
3d819a6edd
Adding cluster_name to api cert alt name for vault
2018-06-12 14:15:07 -05:00
rongzhang
20bd656975
Reconfigure kube-proxy to access kube-apiserver via the LB(kubeadm)
2018-06-12 12:53:50 +00:00
Frank Ritchie
cfe939ff08
Tolerate NoSchedule by default
2018-06-11 20:10:13 -04:00
Wong Hoi Sing Edison
9f245dd9b2
ingress-nginx: Upgrade to 0.15.0
2018-06-08 16:05:15 +08:00
Rong Zhang
10c9fe96b0
Merge pull request #2859 from riverzhang/nginx
...
Fix nginx-proxy HA when kubeadm enable
2018-06-08 01:10:01 +08:00
Rong Zhang
42b24616ac
Merge pull request #2856 from alvistack/kubernetes-1.10.4
...
Upgrade Kubernetes to 10.0.4 and etcd to 3.2.18
2018-06-07 23:54:03 +08:00
rongzhang
f9ccb93825
Fix nginx-proxy HA when kubeadm enable
2018-06-07 14:27:19 +00:00
Aivars Sterns
daeea75fbb
Merge pull request #2835 from oracle/bm_fix-apiserver-access-ip
...
roles/kubernetes/client: kubeconfig template should use access_ip
2018-06-07 11:50:57 +03:00
Wong Hoi Sing Edison
0ad0202e8f
Upgrade Kubernetes to 10.0.4 and etcd to 3.2.18
2018-06-07 16:20:29 +08:00
Brad Beam
1f02cc70f1
Merge pull request #2825 from dshuvar/dshuvar/docker-options.conf
...
Changed /etc/systemd/system/docker.service.d/docker-options.conf file for successful parsing mount aguments
2018-06-06 12:56:18 -05:00
Brad Beam
fe010504aa
Merge pull request #2851 from bradbeam/vaultnotify
...
Adding wait for vault up handler in service restart
2018-06-06 12:49:03 -05:00
Brad Beam
63a458063b
Adding missing rkt template for etcd-events
2018-06-06 10:43:30 -05:00
Brad Beam
a8715f9f0f
Adding wait for vault up handler in service restart
2018-06-06 10:40:27 -05:00
Matthew Mosesohn
59be578842
Revert "wip pr for improved cert sync" ( #2849 )
2018-06-06 17:22:25 +03:00
Aivars Sterns
cb0a257349
Merge pull request #2819 from oleh-ozimok/fix-cidr-assert
...
Fix enough network address space assert
2018-06-06 07:32:16 +03:00
Di Xu
1081f620d2
add support for non-amd64 arch gcr.io images
...
Currently all the gcr.io images used in kubespray can only run on x86.
Also gcr.io has not fully support multi-arch docker images.
Add extra var "image_arch" (default is amd64) to support running other
platforms, like arm64.
Change-Id: I8e1c9af533c021cb96ade291a1ce58773b40e271
2018-06-05 17:29:02 +08:00
David Chang
e1cfe83825
Fix inconsistent variables in task name and task message
2018-06-05 16:45:02 +08:00
Di Xu
6019a84fb3
Update docker package info for aarch64
...
Missing corresponding package docker-engine on aarch64, use docker instead.
Change-Id: If5df58337746a81752b5d477e0473600eaee8381
2018-06-05 16:30:28 +08:00
Di Xu
f4d762bb95
fix docker opts incompatible running on aarch64 Redhat/Centos
...
On Aarch64, the default cgroup driver for docker is systemd
instead of cgroupfs. Should conform kubelet to use systemd
as cgroup driver as well to keep it consistent with docker.
Without this change, below exception will be raised.
/usr/bin/docker-current: Error response from daemon: shim
error: docker-runc not installed on system.
Change-Id: Id496ec9eaac6580e4da2f3ef1a386c9abc2a5129
2018-06-05 16:17:16 +08:00
Aivars Sterns
69ea28e187
Merge pull request #2827 from mattymo/testpr
...
wip pr for improved cert sync
2018-06-04 12:43:00 +03:00
Ben Meier
2f5a9e180c
kubernetes/client: kubeconfig template should use the access_ip for the chosen master node
2018-06-04 09:51:05 +01:00