Commit graph

3350 commits

Author SHA1 Message Date
Rong Zhang
f453567cce
Merge pull request #3144 from riverzhang/fix-audit-log
Fix install audit failed
2018-08-23 14:41:37 +08:00
rongzhang
5a4352657d Fix install audit failed
1.fix audit log not write
2.fix Parameter not recognized
3.delete kubedm futuregates auditing and use apiServerExtraArgs
2018-08-23 01:47:15 +08:00
Antoine Legrand
7a2cfb8578
Merge pull request #3102 from mirwan/psp
PodSecurityPolicy admission controller support
2018-08-22 18:37:40 +02:00
Erwan Miran
a6a14e7f77 create the service account and roles even if the rbac is not enabled. it will just be ignored 2018-08-22 18:17:11 +02:00
Erwan Miran
80cfeea957 psp, roles and rbs for PodSecurityPolicy when podsecuritypolicy_enabled is true 2018-08-22 18:16:13 +02:00
Antoine Legrand
4eea7f7eb9
Merge pull request #3152 from johnzheng1975/cilium_1.2.0
new cilium stable version: 1.2.0
2018-08-22 17:11:42 +02:00
Antoine Legrand
3c59657f59
Merge pull request #3165 from hadrien-toma/patch-1
Update ansible.md
2018-08-22 16:58:29 +02:00
Hadrien TOMA
6598beb804
Update ansible.md 2018-08-22 16:40:17 +02:00
Antoine Legrand
32049efbc2
Merge pull request #3162 from kubernetes-incubator/add-ubuntu1804-ci
Add ubuntu18 ci job
2018-08-22 16:27:19 +02:00
Antoine Legrand
78be27e18f Add ubuntu18 job 2018-08-22 16:02:07 +02:00
Antoine Legrand
7eb4d7bb19
Merge pull request #3155 from alvistack/rbac_enabled
Always create service account even rbac_enabled = false
2018-08-22 13:26:20 +02:00
john
7e2e3ddd32 update new cilium version 1.2.0 in README.md 2018-08-22 15:29:42 +08:00
Wong Hoi Sing Edison
c3b3572025 Always create service account even rbac_enabled = false 2018-08-22 11:41:29 +08:00
john
6df71956c4 new cilium stable version: 1.2.0 2018-08-22 10:52:24 +08:00
Antoine Legrand
7398858572
Merge pull request #3141 from qeqar/bad-hostname
allow '.' in hostnames for verify bad hostnames
2018-08-21 11:39:49 +02:00
Mark Eisenblaetter
0c0a2138d9 allow '.' in hostnames
we use FQDN as inventory_hostname
2018-08-21 08:24:33 +02:00
Mark Eisenblätter
08353f291b scaling: issue etcd certs for new nodes (#3125) 2018-08-20 14:40:44 +03:00
Andreas Krüger
497db69c9f
Merge pull request #3130 from riverzhang/add-control-plane
Add kubeadm controlplaneEndpoint
2018-08-20 10:43:50 +02:00
Andreas Krüger
c7de737551
Merge pull request #3133 from mirwan/auditlog_to_stdout_w_kubeadm
Audit log to stdout with kubeadm
2018-08-20 10:43:22 +02:00
Andreas Krüger
69749a5b7b
Merge pull request #3132 from mirwan/custom_audit_policy
Custom audit policy
2018-08-20 10:42:38 +02:00
Andreas Krüger
b3e32c1393
Merge pull request #3094 from hedayat/master
Add --dns-loop-detect to dnsmasq used in kube-dns
2018-08-20 09:27:15 +02:00
Erwan Miran
fc38b6d0ca Ability to define custom audit polcy rules 2018-08-20 07:04:56 +02:00
Erwan Miran
c34900e569 Define apiserver flags directly instead of relying on auditPolicy section in order to have the ability to redirect audit log to stdout with kubeadm 2018-08-20 07:00:53 +02:00
Rong Zhang
855f2a55cb
Merge pull request #3135 from ishitatsuyuki/patch-1
Add bad hostname preflight check
2018-08-20 12:08:02 +08:00
Rong Zhang
ea35e6be9b
Merge pull request #3139 from alvistack/cephfs-provisioner-v2.0.1-k8s1.11
cephfs-provisioner: Upgrade to v2.0.1-k8s1.11
2018-08-20 12:04:53 +08:00
Wong Hoi Sing Edison
71fdc257bc cephfs-provisioner: Upgrade to v2.0.1-k8s1.11 2018-08-20 11:55:04 +08:00
Rong Zhang
fd16f77e20
Merge pull request #3017 from seungkyua/fix_kubeadm_client_conf
Fix kubeadm client conf
2018-08-20 10:51:02 +08:00
Tatsuyuki Ishi
3eef8dc8d0 Add bad hostname preflight check
Hostname must be a valid DNS name, which is checked as https://github.com/kubernetes/apimachinery/blob/master/pkg/util/validation/validation.go#L115

The situation I have encountered is that my hostname contained underscore which is disallowed and apiserver refused to start.
2018-08-20 09:09:00 +09:00
rongzhang
59176ebbb9 Add kubeadm controlplaneEndpoint
Nginx LB(default)
Other LB by kubeadm controlplane
2018-08-20 00:57:13 +08:00
Rong Zhang
3663061b38
Merge pull request #3137 from riverzhang/packages
Fix install nss
2018-08-20 00:47:53 +08:00
rongzhang
b421d0ed5b Fix install nss 2018-08-20 00:07:31 +08:00
Rong Zhang
f7097fbe07
Merge pull request #3134 from riverzhang/image
Fix pull dns image error
2018-08-19 23:29:57 +08:00
rongzhang
35efc387c4 Fix pull dns image error 2018-08-19 22:47:17 +08:00
Rong Zhang
fb309ca446
Merge pull request #3128 from riverzhang/delete-kubeadm
Remove unused configuration
2018-08-19 10:01:33 +08:00
Antoine Legrand
c833a8872b
Merge pull request #3131 from 3cky/patch-1
Fix k8s-dns-dnsmasq-nanny repo path
2018-08-19 01:31:45 +02:00
Antoine Legrand
1d4f88eea8
Fix typo in image url 2018-08-19 01:30:54 +02:00
Victor Antonovich
e9b8c8956d
Fix k8s-dns-dnsmasq-nanny repo path 2018-08-19 00:01:19 +03:00
rongzhang
095ccef8bd Remove unused configuration 2018-08-19 01:23:20 +08:00
Rong Zhang
0df969ad19
Merge pull request #3117 from mirwan/audit_usecases
Audit support improvement
2018-08-19 01:13:22 +08:00
Antoine Legrand
3e5b6a5481
Merge pull request #3105 from mirwan/remove_cilium_device_at_reset_plus_move_network_to_network_plugin_roles
Move network_plugin specific reset tasks to its role directory
2018-08-17 22:27:16 +02:00
Antoine Legrand
3201f17058
Merge pull request #3119 from hoatle/improvements/ansible-ignored-patterns
add ignore_patterns to ansible.cfg
2018-08-17 22:13:16 +02:00
Antoine Legrand
c36744e96d
Merge pull request #3120 from alvistack/cephfs-provisioner-v2.0.0-k8s1.11
cephfs-provisioner: Upgrade to v2.0.0-k8s1.11
2018-08-17 22:11:15 +02:00
Antoine Legrand
e51c5dc0a6
Merge pull request #3123 from mathieuherbert/until-restart-etcd
add until option for etcd backup commands
2018-08-17 22:09:08 +02:00
Antoine Legrand
d297b82e82
Merge pull request #3126 from LuckySB/etcd_restart_on_update
add etcd version to etcd environment file to trigger a reload
2018-08-17 22:05:34 +02:00
Antoine Legrand
ca649b57e6
Merge pull request #1942 from jerrypeng/patch-1
SERIOUS Bug in download main.yml
2018-08-17 18:23:05 +02:00
Antoine Legrand
2c587f9ea5
Merge pull request #2104 from xd007/multi-arch-support
add support for non-amd64 arch gcr.io images
2018-08-17 16:38:14 +02:00
Erwan Miran
98b818bbaf comply with ansible syntax consistency guideline 2018-08-17 16:37:33 +02:00
Antoine Legrand
26bf719a02
Merge branch 'master' into multi-arch-support 2018-08-17 16:35:50 +02:00
Antoine Legrand
7e37aa4aca
Merge pull request #2103 from xd007/docker_aarch64_pkg
Update docker package info for aarch64
2018-08-17 16:26:56 +02:00
Sergey Bondarev
ce6854e726 add version to environment file
Trigger reboot handler when version upgrade during update script
2018-08-17 17:25:35 +03:00