C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
3350 commits 17 branches 66 tags 141 MiB
Commit graph

2124 commits

Author SHA1 Message Date
Rong Zhang f453567cce
Merge pull request #3144 from riverzhang/fix-audit-log 
Fix install audit failed
 2018-08-23 14:41:37 +08:00
rongzhang 5a4352657d Fix install audit failed 
1.fix audit log not write
2.fix Parameter not recognized
3.delete kubedm futuregates auditing and use apiServerExtraArgs
 2018-08-23 01:47:15 +08:00
Erwan Miran a6a14e7f77 create the service account and roles even if the rbac is not enabled. it will just be ignored 2018-08-22 18:17:11 +02:00
Erwan Miran 80cfeea957 psp, roles and rbs for PodSecurityPolicy when podsecuritypolicy_enabled is true 2018-08-22 18:16:13 +02:00
Antoine Legrand 4eea7f7eb9
Merge pull request #3152 from johnzheng1975/cilium_1.2.0 
new cilium stable version: 1.2.0
 2018-08-22 17:11:42 +02:00
Wong Hoi Sing Edison c3b3572025 Always create service account even rbac_enabled = false 2018-08-22 11:41:29 +08:00
john 6df71956c4 new cilium stable version: 1.2.0 2018-08-22 10:52:24 +08:00
Mark Eisenblaetter 0c0a2138d9 allow '.' in hostnames 
we use FQDN as inventory_hostname
 2018-08-21 08:24:33 +02:00
Andreas Krüger 497db69c9f
Merge pull request #3130 from riverzhang/add-control-plane 
Add kubeadm controlplaneEndpoint
 2018-08-20 10:43:50 +02:00
Andreas Krüger c7de737551
Merge pull request #3133 from mirwan/auditlog_to_stdout_w_kubeadm 
Audit log to stdout with kubeadm
 2018-08-20 10:43:22 +02:00
Andreas Krüger 69749a5b7b
Merge pull request #3132 from mirwan/custom_audit_policy 
Custom audit policy
 2018-08-20 10:42:38 +02:00
Andreas Krüger b3e32c1393
Merge pull request #3094 from hedayat/master 
Add --dns-loop-detect to dnsmasq used in kube-dns
 2018-08-20 09:27:15 +02:00
Erwan Miran fc38b6d0ca Ability to define custom audit polcy rules 2018-08-20 07:04:56 +02:00
Erwan Miran c34900e569 Define apiserver flags directly instead of relying on auditPolicy section in order to have the ability to redirect audit log to stdout with kubeadm 2018-08-20 07:00:53 +02:00
Rong Zhang 855f2a55cb
Merge pull request #3135 from ishitatsuyuki/patch-1 
Add bad hostname preflight check
 2018-08-20 12:08:02 +08:00
Wong Hoi Sing Edison 71fdc257bc cephfs-provisioner: Upgrade to v2.0.1-k8s1.11 2018-08-20 11:55:04 +08:00
Rong Zhang fd16f77e20
Merge pull request #3017 from seungkyua/fix_kubeadm_client_conf 
Fix kubeadm client conf
 2018-08-20 10:51:02 +08:00
Tatsuyuki Ishi 3eef8dc8d0 Add bad hostname preflight check 
Hostname must be a valid DNS name, which is checked as https://github.com/kubernetes/apimachinery/blob/master/pkg/util/validation/validation.go#L115

The situation I have encountered is that my hostname contained underscore which is disallowed and apiserver refused to start.
 2018-08-20 09:09:00 +09:00
rongzhang 59176ebbb9 Add kubeadm controlplaneEndpoint 
Nginx LB(default)
Other LB by kubeadm controlplane
 2018-08-20 00:57:13 +08:00
rongzhang b421d0ed5b Fix install nss 2018-08-20 00:07:31 +08:00
rongzhang 35efc387c4 Fix pull dns image error 2018-08-19 22:47:17 +08:00
Rong Zhang fb309ca446
Merge pull request #3128 from riverzhang/delete-kubeadm 
Remove unused configuration
 2018-08-19 10:01:33 +08:00
Antoine Legrand 1d4f88eea8
Fix typo in image url 2018-08-19 01:30:54 +02:00
rongzhang 095ccef8bd Remove unused configuration 2018-08-19 01:23:20 +08:00
Rong Zhang 0df969ad19
Merge pull request #3117 from mirwan/audit_usecases 
Audit support improvement
 2018-08-19 01:13:22 +08:00
Antoine Legrand 3e5b6a5481
Merge pull request #3105 from mirwan/remove_cilium_device_at_reset_plus_move_network_to_network_plugin_roles 
Move network_plugin specific reset tasks to its role directory
 2018-08-17 22:27:16 +02:00
Antoine Legrand c36744e96d
Merge pull request #3120 from alvistack/cephfs-provisioner-v2.0.0-k8s1.11 
cephfs-provisioner: Upgrade to v2.0.0-k8s1.11
 2018-08-17 22:11:15 +02:00
Antoine Legrand e51c5dc0a6
Merge pull request #3123 from mathieuherbert/until-restart-etcd 
add until option for etcd backup commands
 2018-08-17 22:09:08 +02:00
Antoine Legrand d297b82e82
Merge pull request #3126 from LuckySB/etcd_restart_on_update 
add etcd version to etcd environment file to trigger a reload
 2018-08-17 22:05:34 +02:00
Erwan Miran 98b818bbaf comply with ansible syntax consistency guideline 2018-08-17 16:37:33 +02:00
Antoine Legrand 26bf719a02
Merge branch 'master' into multi-arch-support 2018-08-17 16:35:50 +02:00
Antoine Legrand 7e37aa4aca
Merge pull request #2103 from xd007/docker_aarch64_pkg 
Update docker package info for aarch64
 2018-08-17 16:26:56 +02:00
Sergey Bondarev ce6854e726 add version to environment file 
Trigger reboot handler when version upgrade during update script
 2018-08-17 17:25:35 +03:00
Antoine Legrand ac49bbb336
Merge pull request #2168 from xd007/docker_arm64 
fix docker opts incompatible running on aarch64 Redhat/Centos
 2018-08-17 16:24:07 +02:00
Antoine Legrand 6c7eabb53b
Merge pull request #2001 from b0r1sp/patch-3 
Quote false and yes, otherwise they'll be transformed to 'False', 'Yes'
 2018-08-17 15:52:15 +02:00
Antoine Legrand 7a0f0126f7
Merge pull request #1295 from xuhuilong/master 
fix curl get calico status error ( error in tls version, centos 7.3 1611)
 2018-08-17 14:29:01 +02:00
Mathieu Herbert 59d89a37cc add until option for etcd backup commands 2018-08-17 11:05:57 +02:00
Wong Hoi Sing Edison 1a07c87af7 cephfs-provisioner: Upgrade to v2.0.0-k8s1.11 
Upstream Changes:

-   cephfs-provisioner v2.0.0-k8s1.11 (https://github.com/kubernetes-incubator/external-storage/releases/tag/cephfs-provisioner-v2.0.0-k8s1.11)
-   Update ClusterRole

Our Changes:

-   Fix typo in defaults/main.yml (rs -> deploy)
-   Manifests cleanup
 2018-08-17 12:41:56 +08:00
Seungkyu Ahn 29894293eb Fix kubeadm client conf 
Fix DiscoveryTokenCACertHashes key to discoveryTokenCACertHashes in kubeadm-client.conf
 2018-08-17 04:40:08 +00:00
Erwan Miran 7f16b46ed5 Reset tasks specific to a network_plugin moved inside its role directory + Reset tasks specific to cilium 2018-08-16 17:34:33 +02:00
Antoine Legrand 58ee5f1cc9
Merge pull request #3089 from mattymo/cloudconfig 
Remove erroneous cloud-config task
 2018-08-16 16:17:01 +02:00
Antoine Legrand 253dc4f606
Merge pull request #3114 from woopstar/coredns-1.2.0 
Update CoreDNS to 1.2.0
 2018-08-16 16:14:13 +02:00
Erwan Miran 54548d3b95 kubeadm mounts the hostpaths itself 2018-08-16 13:17:30 +02:00
Erwan Miran 58d4d65fab minor variable fix and reuse + handle auditlog redirected to stdout 2018-08-16 12:51:09 +02:00
Rong Zhang 364ab2a6b7
Merge pull request #3113 from riverzhang/support-audit 
Support audit
 2018-08-16 15:33:43 +08:00
rongzhang 2ffc1afe40 Support audit 2018-08-16 14:38:07 +08:00
Wong Hoi Sing Edison 18612b3501 cert-manager: Upgrade to 0.4.1 
Upstream Changes:

-   cert-manager 0.4.1 (https://github.com/jetstack/cert-manager/releases/tag/v0.4.1)

Our Changes:

-   Better templates sync with upstream manifests
-   Remove fancy resources requests/limits customization
 2018-08-16 08:47:01 +08:00
Andreas Kruger 9da5d67728 Update CoreDNS to 1.2.0 2018-08-15 13:39:05 +02:00
Wong Hoi Sing Edison bd413e36a3 ingress-nginx: Upgrade to 0.18.0 
Upstream Changes:

-   ingress-nginx 0.18.0 (https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.18.0)
 2018-08-15 11:40:42 +08:00
Chad Swenson 2c5781ace1
Merge pull request #2932 from wiremind/efk-fluentd-no-nodeselector 
fluentd daemonset: do not set old nodeSelector.
 2018-08-14 13:48:30 -05:00