Commit graph

1997 commits

Author SHA1 Message Date
Andreas Krüger
d73d60c9b0
Merge pull request #2600 from maximegaillard/master
Add Openstack tenant name
2018-05-08 12:03:01 +02:00
Andreas Krüger
004b4a0436
Merge pull request #2729 from Ashon/issues/fix-python-compat
Use 'items()' for python compatibility
2018-05-08 12:02:28 +02:00
Andreas Krüger
67ce8925e4
Merge pull request #2742 from woopstar/coredns-update
Update CoreDNS to version 1.1.2
2018-05-08 12:01:42 +02:00
Michal Rostecki
066016cd3e opensuse: Fix OpenSSL package name
OpenSSL 1.1 package in openSUSE Tumbleweed is named openssl-1_1,
not openssl-1_1_0.
2018-05-08 10:03:30 +02:00
Andreas Krüger
28d6eb6af1
Merge pull request #2644 from cp3hu/master
Fix apiserver manifest and kubelet for kube version < 1.9
2018-05-08 09:22:36 +02:00
woopstar
1a47a9b850 Update CoreDNS to version 1.1.2 2018-05-08 09:14:01 +02:00
Miouge1
70e0998a70 Update kube-scheduler policy 2018-05-03 21:56:51 +02:00
Chad Swenson
595e96ebf1
Merge pull request #2693 from romaindequidt/sync-certs-tasks-fix
sync certs tasks (fix #2596 #2667)
2018-05-02 12:17:23 -05:00
woopstar
4c81cd2a71 Merge branch 'master' of https://github.com/kubernetes-incubator/kubespray into etcd-fix-4 2018-05-02 14:45:58 +02:00
Andreas Kruger
32a8ea8094 Fix wrong var used 2018-05-02 12:44:05 +02:00
ashon
fb465f8b4b Use 'items()' for python compatibility 2018-05-01 16:55:50 +09:00
Wong Hoi Sing Edison
3501eb6916 ingress-nginx: Upgrade to 0.14.0 2018-05-01 15:42:07 +08:00
Maxime Gaillard
00db751646 Add Openstack tenant name 2018-05-01 09:21:37 +02:00
Tomasz Majchrowski
59789ae02a ISSUE-2706: Provide consistent usage of supplementary_addresses_in_ssl_keys across vault and script mode (#2707) 2018-04-30 14:48:17 +03:00
Andreas Krüger
414e420bd2
Merge pull request #2701 from desaintmartin/netchecker-update
Update netchecker to v1.2.2.
2018-04-30 10:55:18 +02:00
Andreas Krüger
03de4c0806
Merge pull request #2695 from suzutan/add-oidc-prefix-args
Add oidc-user-prefix and oidc-group-prefix args
2018-04-30 09:17:02 +02:00
Andreas Krüger
4fb8e6d455
Merge pull request #2653 from kidk/fixed-incorrect-mem-tag
Replaced 'mem' with 'memory/ in elasticsearch and kibana deployment
2018-04-30 09:14:15 +02:00
mirwan
06cdb260f6 labelvalue must be formatted to handle non string values (#2722) 2018-04-29 19:02:14 +03:00
mirwan
c3c5817af6 sysctl file should be in defaults so that it can be overriden (#2475)
* sysctl file should be in defaults so that it can be overriden

* Change sysctl_file_path to be consistent with roles/kubernetes/preinstall/defaults/main.yml
2018-04-27 18:50:58 +03:00
Markos Chandras
9168c71359 Revert "Revert "Add openSUSE support" (#2697)" (#2699)
This reverts commit 51f4e6585a.
2018-04-26 12:52:06 +03:00
Matthew Mosesohn
1a14f1ecc1
Fix vol format for local volume provisioner in rkt (#2698) 2018-04-24 20:32:08 +03:00
Cédric de Saint Martin
44cb126e7d Update netchecker to v1.2.2.
Using official image from mirantis at dockerhub.
2018-04-24 09:13:56 +02:00
Matthew Mosesohn
51f4e6585a
Revert "Add openSUSE support" (#2697) 2018-04-23 14:28:24 +03:00
Suzuka Asagiri
f81e6d2ccf
Add oidc-user-prefix and oidc-group-prefix args 2018-04-23 12:23:59 +09:00
Romain DEQUIDT
80dd230a65 sync certs tasks (fix #2596 #2667) 2018-04-22 10:00:31 +02:00
Paul Montero
75950344fb
run_once pre_upgrade tasks which are executing in localhost 2018-04-19 11:38:13 -05:00
Matthew Mosesohn
0945eb990a
Make it possible to skip docker role as a var (#2686) 2018-04-19 16:47:20 +03:00
Andreas Krüger
a498cc223b
Merge pull request #2673 from hswong3i/cephfs-provisioner-a71a49d4
cephfs-provisioner: Upgrade to a71a49d4
2018-04-19 11:39:10 +02:00
Andreas Krüger
9707aa8091
Merge pull request #2677 from woopstar/bootstrap-fix-1
Properly check need_pip, always run pip to check if needed
2018-04-19 09:23:26 +02:00
Spencer Smith
49c6bf8fa6 support custom env vars for etcd 2018-04-18 14:03:24 -04:00
Samuel Vandamme
296b92dbd4 Replaced 'mem' with 'memory/ in elasticsearch and kibana deployment 2018-04-18 11:25:29 +02:00
Andreas Krüger
b2756d148a
Merge pull request #2671 from hswong3i/cert-manager-0.2.4
cert-manager: Upgrade to v0.2.4
2018-04-18 10:17:39 +02:00
woopstar
756af57787 Properly check need_pip, always run pip to check if needed
pip was always being downloaded on subsequent runs, This PR always runs the pip command, and checks the rc of it before downloading pip

Fix in favor of #2582
2018-04-18 10:15:46 +02:00
Andreas Krüger
cb7096f2ec
Merge pull request #2672 from hswong3i/ingress-nginx-0.13.0
ingress-nginx: Upgrade to 0.13.0
2018-04-18 10:10:13 +02:00
Wong Hoi Sing Edison
d435e17681 cephfs-provisioner: Upgrade to a71a49d4 2018-04-17 13:41:34 +08:00
Wong Hoi Sing Edison
23e9737b85 ingress-nginx: Upgrade to 0.13.0 2018-04-17 12:19:44 +08:00
Wong Hoi Sing Edison
54beb27eaa cert-manager: Upgrade to v0.2.4 2018-04-17 12:08:10 +08:00
Wong Hoi Sing Edison
7968437a65 Weave: Upgrade to 2.3.0 2018-04-17 08:51:24 +08:00
Aivars Sterns
4b4786f75d
Merge pull request #2381 from vikas027/inventory_fixes
Replaced ansible_ssh_host with ansible_host in sample inventory file and fixed usage of bastion
2018-04-16 10:06:19 +03:00
Matthew Mosesohn
02cd5418c2
Weave limits (#2660)
* Raise limits for weave

* Adjust weave limits
2018-04-15 18:32:49 +03:00
Matthew Mosesohn
49e3665d96
Remove prometheus operator from Kubespray (#2658)
Kubespray should not install any helm charts. This is a task
that a user should do on his/her own through ansible or another
tool. It opens the door to wrapping installation of any helm
chart.
2018-04-13 18:53:39 +03:00
Matthew Mosesohn
e95ba800ea
Define local volume provisioner dirs in defaults (#2656) 2018-04-13 17:23:10 +03:00
Aivars Sterns
5d9bb300d7
Merge pull request #2646 from Atoms/fix-sync-container
move when condition to main.yml
2018-04-13 09:10:21 +03:00
Matthew Mosesohn
f73717ea35
Mount local volume provisioner dirs for containerized kubelet (#2648) 2018-04-12 22:55:13 +03:00
Aivars Sterns
1967963702
Merge pull request #2380 from hwoarang/add-opensuse-support
Add openSUSE support
2018-04-12 20:28:50 +03:00
Chad Swenson
d87b6fd9f3 Use dedicated front-proxy-ca for front-proxy-client 2018-04-12 11:03:22 -05:00
Chad Swenson
a6a47dbc96
Merge pull request #2617 from bradbeam/savaultcert
Adding missing service-account certificate for vault
2018-04-12 11:02:24 -05:00
Matthew Mosesohn
61791bbb3d Remove condition for docker pull when using download delegate 2018-04-12 19:01:13 +03:00
Aivars Sterns
298c6cb790
Merge pull request #2633 from grebois/patch-3
Enabling MutatingAdmissionWebhook for Istio Automatic sidecar injection
2018-04-12 11:53:58 +03:00
Matthew Mosesohn
3fa7468d54 Copy ca-key.pem to etcd and kube-masters accordingly 2018-04-12 10:17:54 +03:00
Markos Chandras
02bf742e15 roles: rkt: Add support for SUSE distributions
The RPM file that's provided by upstream can be used for SUSE
distributions as well. Moreover we simplify the playbook to use
the 'package' module to install packages across different distros.

Link: https://github.com/rkt/rkt/pull/3904
2018-04-11 20:55:20 +01:00
Markos Chandras
d07f75b389 roles: kubernetes: secrets: Add SUSE support
Add path for certificate location for SUSE distributions. Also make sure
the 'update-ca-certificates' command is executed on SUSE hosts as well.
2018-04-11 20:55:02 +01:00
Markos Chandras
2d34781259 roles: etcd: Add support for SUSE distributions
Add path for certificate location for SUSE distributions. Also make sure
the 'update-ca-certificates' command is executed on SUSE hosts as well.
2018-04-11 20:53:43 +01:00
Markos Chandras
cdb63a8c49 roles: docker: Ensure service is started if docker is already installed
If the 'docker' package is already installed, then the handlers will not
run and the service will not be (re-)started. As such, lets make sure
that the service is started even if the packages are already installed.
2018-04-11 17:46:14 +01:00
Markos Chandras
44a0626fc8 roles: docker: Add support for SUSE distributions
Add support for installing Docker on SUSE distributions. The Docker
repository at https://yum.dockerproject.org/repo/main/ does not support
recent openSUSE distributions so the only alternative is to use the
packages from the distro repositories. This however renders the
'docker_version' Ansible variable useless on SUSE.
2018-04-11 17:46:14 +01:00
Nirmoy Das
45eac53ec7 roles: kubernetes: preinstall: Install openssl-1.1.0 on Tumbleweed
The openssl package on Tumbleweed is actually a virtual package covering
openssl-1.0.0 and openssl-1.1.0 implementations. It defaults to 1.1.0 so
when trying to install it and openssl-1.0.0 is installed, zypper fails
with conflicts. As such, lets explicitly pull the package that we need
which also updates the virtual one.

Co-authored-by: Markos Chandras <mchandras@suse.de>
2018-04-11 17:46:14 +01:00
Markos Chandras
e42203a13e roles: kubernetes: preinstall: Add SUSE support
Add support for installing package dependencies and refreshing metadata
on SUSE distributions

Co-authored-by: Nirmoy Das <ndas@suse.de>
2018-04-11 17:46:14 +01:00
Nirmoy Das
4ba25326ed roles: bootstrap-os: Use 'hostname' command on Tumbleweed
openSUSE Tumbleweed is having the same problems with CoreOS when it
comes to using the hostname ansible module (#1588, #1600) so we need
to apply a similar workaround.

Co-authored-by: Markos Chandras <mchandras@suse.de>
Link: http://bugzilla.opensuse.org/show_bug.cgi?id=997614
2018-04-11 17:46:14 +01:00
Markos Chandras
dca4777347 roles: bootstrap-os: Add support for SUSE distributions
Install some required packages when running on SUSE distributions.
2018-04-11 17:46:14 +01:00
Atoms
6c954df636 move when condition to main.yml 2018-04-11 12:05:33 +03:00
Christian Phu
3535c29e59 Fix apiserver manifest for kube version < 1.9 2018-04-10 18:17:56 +02:00
Marcelo Grebois
88765f62e6
Updating order
https://kubernetes.io/docs/admin/admission-controllers/#is-there-a-recommended-set-of-admission-controllers-to-use
2018-04-10 17:17:39 +02:00
Robin Skahjem-Eriksen
0f35e17e23 Fix new envvar for setting openstack_tenant_id (#2641)
Changed from OS_PROJECT_ID to OS_PROJECT_NAME.
2018-04-10 17:23:31 +03:00
Brad Beam
77b3f9bb97 Removing default for volume-plugins mountpoint (#2618)
All checks test if this is defined meaning there is no way to undefine it.
2018-04-10 17:19:25 +03:00
Matthew Mosesohn
45f15bf753
Revert "Fix new envvar for setting openstack_tenant_id" (#2640) 2018-04-10 14:37:24 +03:00
Aivars Sterns
913cc5a9af
Merge pull request #2639 from ironhouzi/openstack_tenant_id_fix
Fix new envvar for setting openstack_tenant_id
2018-04-10 14:35:28 +03:00
Aivars Sterns
a46acfcdd8
Merge pull request #2627 from mattymo/no_more_do_do
Remove jinja2 dependency of do
2018-04-10 14:32:29 +03:00
Robin Skahjem-Eriksen
0c0f6b755d Fix new envvar for setting openstack_tenant_id
Changed from OS_PROJECT_ID to OS_PROJECT_NAME.
2018-04-10 13:30:48 +02:00
Vikas Kumar
94eb18b3d9 Replaced ansible_ssh_host with ansible_host in sample inventory file as the former is deprecated since Ansible v2.0
Fixed the reference of ansible_user in kubespray-defaults role

References:
 - http://docs.ansible.com/ansible/latest/intro_inventory.html
2018-04-10 15:21:40 +10:00
Marcelo Grebois
4c12b273ac
Enabling MutatingAdmissionWebhook for Istio Automatic sidecar injection
https://istio.io/docs/setup/kubernetes/sidecar-injection.html#automatic-sidecar-injection
2018-04-09 12:49:05 +02:00
Atoms
b68854f79d fix kubectl download location and kubectl.sh helper owner/group remove 2018-04-09 13:19:26 +03:00
Matthew Mosesohn
f954bc0a5a Remove jinja2 dependency of do
While `do` looks cleaner, forcing this extra option in ansible.cfg
seems to be more invasive. It would be better to keep the traditional
approach of `set dummy = ` instead.
2018-04-09 12:27:53 +03:00
rongzhang
66b61866cd Fix check docker error for atomic
Fix issues #2611
2018-04-08 17:53:16 +08:00
Brad Beam
dfc46f02d7 Adding missing service-account certificate for vault
Missed in #2554
2018-04-06 15:29:52 -05:00
Daniel Hoherd
ca40d51bc6 Fix typos (no logic changes) 2018-04-05 15:54:58 -07:00
Chen Hong
973e7372b4 content: | 2018-04-04 23:05:27 +08:00
Chen Hong
b54e091886 Persist ip_vs modules 2018-04-04 18:18:51 +08:00
Andreas Krüger
6c220e4e4b
Merge pull request #2495 from holmsten/rotate-provisioner-token
Rotate local-volume-provisioner token
2018-04-04 10:21:12 +02:00
Andreas Krüger
2511e14289
Merge pull request #2346 from Miouge1/kube-scheduler-mode
Use legacy policy config to apply the scheduler policy
2018-04-04 10:20:51 +02:00
Andreas Krüger
0f5ea5474c
Merge pull request #2593 from vterdunov/fix-check-vsphere_cloud_provider
Properly check vsphere_cloud_provider.rc
2018-04-03 20:35:59 +02:00
Andreas Krüger
6567b8e012
Merge pull request #2590 from hswong3i/istio-download
istio: container download related things should defined in the download role
2018-04-03 13:57:43 +02:00
Wong Hoi Sing Edison
428a554ddb istio: container download related things should defined in the download role 2018-04-03 14:29:50 +08:00
Xiaoxi He
32f4194cf8 Bump ingress-nginx-controller to version 0.12.0 2018-04-03 10:39:17 +08:00
georgejdli
76bb5f8d75 check if dedicated service account token signing key exists 2018-04-02 10:57:24 -05:00
vterdunov
4b98537f79
Properly check vsphere_cloud_provider.rc 2018-04-02 18:45:42 +03:00
Andreas Krüger
cac2196ad5
Merge pull request #2575 from hswong3i/local-volume-provisioner-download
local-volume-provisioner: container download related things should defined in the download role
2018-04-02 10:32:43 +02:00
Andreas Krüger
ba24fe3226
Merge pull request #2570 from avoidik/transfer-cloud-configs
Move cloud config configurations to proper location
2018-04-02 10:31:38 +02:00
Matthew Mosesohn
3004791c64
Add pre-upgrade task for moving credentials file (#2394)
* Add pre-upgrade task for moving credentials file

This reverts commit 7ef9f4dfdd.

* add python interpreter workaround for localhost
2018-04-02 11:19:23 +03:00
Wong Hoi Sing Edison
b1a7889ff5 local-volume-provisioner: container download related things should defined in the download role 2018-04-02 13:50:11 +08:00
woopstar
86e3506ae6 Etcd cluster setup makeover
The current way to setup the etc cluster is messy and buggy.

- It checks for cluster is healthy before the cluster is even created.
- The unit files are started on handlers, not in the task, so you mess with "flush handlers".
- The join_member.yml is not used.
- etcd events cluster is not configured for kubeadm
- remove duplicate runs between running the role on etcd nodes and k8s nodes
2018-04-01 21:38:33 +02:00
Wong Hoi Sing Edison
4f714b07b8 cephfs-provisioner: container download related things should defined in the download role 2018-04-01 20:35:44 +08:00
Wong Hoi Sing Edison
4c0e9ba890 registry: container download related things should defined in the download role 2018-04-01 06:51:57 +08:00
Andreas Krüger
deac627dc7
Merge pull request #2571 from hswong3i/ingress-nginx-download
ingress-nginx: container download related things should defined in the download role
2018-03-31 20:51:50 +02:00
bobahspb
16961f69f2
Merge branch 'master' into master 2018-03-31 21:48:39 +03:00
Andreas Krüger
b9b028a735 Update etcd deployment to use correct cert and key (#2572)
* Update etcd deployment to use correct cert and key

* Update to use admin cert for etcdctl commands

* Update handler to use admin cert too
2018-03-31 14:06:09 -04:00
Wong Hoi Sing Edison
5fe144aa0f ingress-nginx: container download related things should defined in the download role 2018-04-01 00:22:33 +08:00
Andreas Krüger
5b0da4279f
Merge pull request #2543 from hswong3i/cert-manager-0.2.3
Integrate jetstack/cert-manager 0.2.3 to Kubespray
2018-03-31 18:15:25 +02:00
Andreas Krüger
1ac978b8fa
Merge pull request #2567 from mirwan/node_labels_doc_plus_kube_ingress_handling
node_labels documentation and kube-ingress label definition as role_node_label
2018-03-31 18:05:52 +02:00
Wong Hoi Sing Edison
195d6d791a Integrate jetstack/cert-manager 0.2.3 to Kubespray 2018-03-31 19:29:11 +08:00
avoidik
aa301c31d1 Move credential checks into proper folder 2018-03-31 13:29:00 +03:00
Andreas Krüger
d9418b1dc4
Merge pull request #2554 from georgejdli/fix-sa-token-signing
Fix kubespray's ServiceAccount token signing keys
2018-03-31 09:59:22 +02:00
Andreas Krüger
2c89a02db3 Only download container/file if host is in defined group (#2565)
* Only download container/file if host is in defined group

* Set correct when clause

* Fix last entries

* Update download groups
2018-03-30 22:40:01 -04:00
Chad Swenson
0ca08e03af
Merge pull request #2566 from woopstar/etcd-fix-2
Fix etcd from import task to include task
2018-03-30 20:53:32 -04:00
avoidik
15efdf0c16 Move credential checks 2018-03-31 03:26:37 +03:00
avoidik
ab8760cc83 Move credentials pre-check 2018-03-31 03:24:57 +03:00
avoidik
b6da596ec1 Move default configuration parameters for cloud-config 2018-03-31 03:18:23 +03:00
avoidik
3c12c6beb3 Move cloud config configurations to proper location 2018-03-31 02:59:59 +03:00
Erwan Miran
8ece922ef0 node_labels documentation + kube-ingress label handling as role_node_label 2018-03-31 00:36:11 +02:00
Andreas Krüger
887a468d32
Merge pull request #2562 from avoidik/fix-indexes-pr-2251
Fix kubecert_node.results indexes
2018-03-31 00:16:11 +02:00
woopstar
859a7f32fb Fix import task. Has to be include task to evalutate etcd_cluster_setup variable at run time 2018-03-31 00:06:34 +02:00
Andreas Krüger
1f28764ca1
Merge pull request #2512 from woopstar/hyperkube-fix-1
Switch hyperkube from CoreOS to Google
2018-03-30 21:58:03 +02:00
Andreas Krüger
76cb37d6b5
Merge pull request #2544 from woopstar/cert-fix-2
Update openssl.conf to count better and work with Jinja 2.9
2018-03-30 21:57:17 +02:00
Andreas Krüger
7ddd4cd38c
Merge pull request #2561 from rsmitty/no_proxy
only set no_proxy if other proxy vars are defined
2018-03-30 21:43:23 +02:00
Andreas Krüger
c1eb975545
Merge pull request #2557 from chenhonggc/vault_health_check_delay
Maybe vault health check needs delay
2018-03-30 21:39:15 +02:00
georgejdli
572ab650db copy dedicated service account token signing key for kubeadm migration 2018-03-30 13:03:32 -05:00
avoidik
72c2a8982b Fix kubecert_node.results indexes 2018-03-30 17:24:50 +03:00
Spencer Smith
13c57147eb only set no_proxy if other proxy vars are defined 2018-03-30 09:48:55 -04:00
Matthew Mosesohn
03bcfa7ff5
Stop templating kube-system namespace and creating it (#2545)
Kubernetes makes this namespace automatically, so there is
no need for kubespray to manage it.
2018-03-30 14:29:13 +03:00
Andreas Kruger
af5f376163 Revert 2018-03-30 11:42:20 +02:00
woopstar
004b0a3fcf Fix merge conflict 2018-03-30 11:38:59 +02:00
Andreas Kruger
4bb7d2b566 Merge branch 'master' of https://github.com/kubernetes-incubator/kubespray into cert-fix-2 2018-03-30 11:34:05 +02:00
Andreas Krüger
f619eb08b1
Merge pull request #2350 from whereismyjetpack/kubeadm-nodename
set nodeName to "{{ inventory_hostname }}" in kubeadm-config
2018-03-30 11:15:52 +02:00
Andreas Krüger
55195fe546
Merge pull request #2500 from gorazio/patch-1
Add prometheus annotations to spec in ingress
2018-03-30 11:02:31 +02:00
RongZhang
5711074c5a
Merge pull request #2290 from mirwan/node_labels_from_inventory
Node labels definition in kubelet params from inventory
2018-03-30 03:42:52 -05:00
Chen Hong
4a705b3fba May vault health check needs delay 2018-03-30 16:42:08 +08:00
陈宏
4d85e3765e remove redundancy code 2018-03-30 09:19:00 +08:00
Vladimir Vasilkin
f0a04b4d65 wait 5 * 4 secs until Tiller starts 2018-03-30 00:09:36 +03:00
Vladimir Vasilkin
760ca1c3a9 adding checking for prometheus_operator_enabled 2018-03-29 23:03:43 +03:00
Vladimir Vasilkin
23b3833806 running on the first master only. 2018-03-29 22:51:46 +03:00
Kuldip Madnani
daeeae1a91 Added retries in pre-upgrade.yml and retries while applying kube-dns.yml (#2553)
* Added retries in pre-upgrade.yml and retries while applying kube-dns.yml

* Removed trailing spaces
2018-03-29 11:37:32 -05:00
georgejdli
c8f857eae4 configure kubespray to sign service account tokens with a dedicated and stable key 2018-03-29 09:50:31 -05:00
Andreas Krüger
270d21f5c1
Merge pull request #2540 from mattymo/cloud_config_timing
Write cloud-config during kubelet configuration
2018-03-29 09:12:18 +02:00
Andreas Kruger
bf29198efd Fix merge conflict 2018-03-29 09:11:13 +02:00
Kuldip Madnani
9ebbf1c3cd Added a fix in openssl.conf template to check if IP of loadbalncer is available or not. 2018-03-28 16:34:26 -05:00
Chad Swenson
ef7f5edbb3
Remove old docker packages and other docker upgrade fixes (#2536)
* Remove old docker packages

This removes docker packages that are obsolete if docker-ce packages are to be installed, which fixes some package conflict issues that can occur during upgrades.

* Add support for setting obsoletes=0 when installing docker with yum
2018-03-28 15:10:39 -05:00
woopstar
0b5404b2b7 Fix 2018-03-28 20:28:04 +02:00
Vladimir Vasilkin
19e1b11d98 prometheus operator, metrics for k8s cluster
install using Helm:
- Prometheus Operator
- metrics for k8s cluster including: grafana dashboard, alertmanager, node exporters

base project:
https://github.com/coreos/prometheus-operator

the issue:
https://github.com/kubernetes-incubator/kubespray/issues/2042

Previous PR, raw ansible without Helm:
https://github.com/kubernetes-incubator/kubespray/pull/2499
2018-03-28 21:23:30 +03:00
woopstar
0df32b03ca Update openssl.conf to count better and work with Jinja 2.9 2018-03-28 17:48:56 +02:00
Matthew Mosesohn
72a4223884 Write cloud-config during kubelet configuration
This file should only be updated during kubelet upgrade so that
master components are not accidentally restarted first during
preinstall stage.
2018-03-28 16:26:36 +03:00
Andreas Krüger
03117d9572
Merge pull request #2488 from LuckySB/ingress-nginx-node-role
Dedicated node for ingress nginx controller
2018-03-28 14:07:40 +02:00
Wong Hoi Sing Edison
848fc323db Fixup for #2523:
- Rename template for /etc/cni/net.d/00-weave.conflist to 00-weave.conflist.j2
- Apply resources requests/limits to both container weave and weave-npc
2018-03-28 11:16:42 +08:00
Brad Beam
015ea62e92
Merge pull request #2262 from tmjd/calico-canal-v2-6-7
Update Calico and Canal
2018-03-27 21:07:28 -05:00
Andreas Krüger
2ca7087018
Merge pull request #2524 from avoidik/systemd_user_kubelet
Set exact user for Kubelet services
2018-03-27 16:41:10 +02:00
Andreas Krüger
d665f14682
Merge pull request #2526 from mzehrer/patch-1
Remove  kibana_base_url
2018-03-27 12:40:31 +02:00
avoidik
e375678674 Set exact user for Kubelet services 2018-03-27 11:13:52 +03:00
Sergey Bondarev
4f7479d94d add etc tunning options
https://coreos.com/etcd/docs/latest/tuning.html

etcd_snapshot_count
and
ionice priority
2018-03-26 17:25:51 +03:00
Michael Zehrer
b8d1652baf
Remove kibana_base_url
The default for kibana_base_url does not make sense an makes kibana unusable. The default path forces a 404 when you try to open kibana in the browser. Not setting kibana_base_url works just fine.
2018-03-25 16:08:07 +02:00
Andreas Krüger
f7dc73b830
Merge pull request #2521 from f84anton/patch-1
optional calico_ip_auto_method variable with IP_AUTODETECTION_METHOD
2018-03-24 18:37:03 +01:00
Dann Bohn
1d0415a6cf fixes typo in kube_override_hostname for kubeadm 2018-03-24 13:29:07 -04:00
Wong Hoi Sing Edison
3f5c60886b Upgrade Weave to 2.2.1
- Fix #2414, so namespace isolation should now works
- Update weave-net.yml.j2 as per latest https://cloud.weave.works/k8s/net
- Other minor fixup
2018-03-24 17:27:12 +08:00