C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
1413 commits 17 branches 66 tags 141 MiB
Commit graph

1413 commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matthew Mosesohn f5e27f1a21 Merge pull request #1021 from holser/remove_deprecated 
Replace always_run with check_mode
 2017-02-14 11:25:58 +03:00
Matthew Mosesohn bb6415ddc4 Merge pull request #1015 from holser/rkt_ssl_ca_dirs 
Set ssl_ca_dirs for rkt based on fact
 2017-02-14 11:25:17 +03:00
Antoine Legrand e877cd2874 Merge pull request #1024 from holser/bug/961 
Install pip on Ubuntu
 2017-02-13 17:53:57 +01:00
Matthew Mosesohn 203ddfcd43 Merge pull request #1023 from mattymo/fix_dnsmasq_cleanup 
Clean up dnsmasq purge task
 2017-02-13 19:50:01 +03:00
Sergii Golovatiuk 732ae69d22 Install pip on Ubuntu 
Closes: #961
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
 2017-02-13 16:27:09 +01:00
Antoine Legrand 9667ac3baf Merge pull request #1022 from kubernetes-incubator/ant31-patch-1 
Document gitlab-runner.sh
 2017-02-13 15:40:34 +01:00
Matthew Mosesohn b5be335db3 Clean up dnsmasq purge task 2017-02-13 17:30:15 +03:00
Antoine Legrand d33945780d Document gitlab-runner.sh 2017-02-13 15:04:35 +01:00
Sergii Golovatiuk 5f4cc3e1de Replace always_run with check_mode 
always_run was deprecated in Ansible 2.2 and will be removed in 2.4
ansible logs contain "[DEPRECATION WARNING]: always_run is deprecated.
Use check_mode = no instead". This patch fix deprecation.
 2017-02-13 15:00:56 +01:00
Sergii Golovatiuk aeadaa1184 Set ssl_ca_dirs for rkt based on fact 
Since systemd kubelet.service has {{ ssl_ca_dirs }}, fact should be
gathered before writing kubelet.service.

Closes: #1007
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
 2017-02-13 13:28:29 +01:00
Matthew Mosesohn 2f0f0006e3 Merge pull request #988 from mattymo/feat/rolling3 
Add CI cases for testing upgrade from v2.0.1 release
 2017-02-10 18:09:43 +03:00
Matthew Mosesohn de047a2b8c Merge pull request #983 from vwfs/centos_kernel_upgrade 
Add kernel upgrade for CentOS
 2017-02-10 14:40:27 +03:00
Antoine Legrand 86a35652bb Merge pull request #1009 from mattymo/dnsmasq_updates 
Enable reset of dnsmasq if manifest or config changes
 2017-02-10 11:43:09 +01:00
Matthew Mosesohn 6ae70e03cb fixup upgrades for canal and weave 2017-02-10 13:27:41 +03:00
Matthew Mosesohn 779f20d64e Merge pull request #1010 from bogdando/fixes 
Fix misleading HA docs
 2017-02-10 13:01:29 +03:00
Bogdan Dobrelya 89ae9f1f88 Merge pull request #1002 from code0x9/master 
use ansible sysctl module for config ip forwarding
 2017-02-10 10:40:18 +01:00
Bogdan Dobrelya ed1ab11001 Fix misleading HA docs 
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
 2017-02-10 10:28:27 +01:00
Alexander Block d2e010cbe1 Add kernel upgrade for CentOS 2017-02-10 09:29:12 +01:00
Matthew Mosesohn a44a0990f5 Enable reset of dnsmasq if manifest or config changes 2017-02-10 10:40:07 +04:00
Matthew Mosesohn 2f88c9eefe Merge pull request #989 from holser/kubelet_remedy 
Kubernetes Reliability Improvements
 2017-02-10 09:29:29 +03:00
Matthew Mosesohn 60f1936a62 Merge pull request #1004 from galthaus/kubelet-load-modules 
Allow kubelet to load kernel modules
 2017-02-10 09:28:16 +03:00
Matthew Mosesohn ee15f99dd7 Add CI cases for testing upgrade from v2.0.1 release 
These are manual trigger jobs, but should be run if any PR
impacts upgrades.
 2017-02-10 10:20:58 +04:00
Matthew Mosesohn b0ee27ba46 Merge pull request #1006 from mattymo/fix_weave_upgrade 
Enable weave upgrade from previous versions
 2017-02-10 09:03:49 +03:00
Antoine Legrand 067bbaa473 Merge pull request #1001 from idcrook/kargo-issue-1000-efk-enable 
removed explicit role for efk in cluster.yml
 2017-02-10 03:03:18 +01:00
Sergii Golovatiuk c07d60bc90 Kubernetes Reliability Improvements 
- Exclude kubelet CPU/RAM (kube-reserved) from cgroup. It decreases a
  chance of overcommitment
- Add a possibility to modify Kubelet node-status-update-frequency
- Add a posibility to configure node-monitor-grace-period,
  node-monitor-period, pod-eviction-timeout for Kubernetes controller
  manager
- Add Kubernetes Relaibility Documentation with recomendations for
  various scenarios.

Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
 2017-02-09 23:54:08 +01:00
Matthew Mosesohn 29fd957352 Enable weave upgrade from previous versions 
Raise readiness probe initial time to 60 (was 30)
 2017-02-09 21:39:31 +03:00
Matthew Mosesohn ef10ce04e2 Merge pull request #1005 from rutsky/patch-2 
fix kube_apiserver_ip/kube_apiserver_port description
 2017-02-09 21:08:15 +03:00
Vladimir Rutsky f0269b28f4 fix kube_apiserver_ip/kube_apiserver_port description 2017-02-09 21:47:36 +04:00
Matthew Mosesohn 0a7c6eb9dc Merge pull request #998 from mattymo/fix_upgrade_daemonsets 
Fix upgrade for all daemonset type resources
 2017-02-09 20:02:21 +03:00
Greg Althaus 3f0c13af8a Make kubelet_load_modules always present but false. 
Update code and docs for that assumption.
 2017-02-09 10:25:44 -06:00
Greg Althaus fcd78eb1f7 Due to the nsenter and other reworks, it appears that 
kubelet lost the ability to load kernel modules.  This
puts that back by adding the lib/modules mount to kubelet.

The new variable kubelet_load_modules can be set to true
to enable this item.  It is OFF by default.
 2017-02-09 10:02:26 -06:00
Matthew Mosesohn 17dfae6d4e Merge pull request #999 from holser/decrease_weave_ram_limits 
Lower weave RAM settings.
 2017-02-09 13:19:12 +03:00
Mark Lee e414c25fd7 follow sysctl.conf file symlink if linked 2017-02-09 18:16:52 +09:00
Mark Lee 34a71554ae use ansible sysctl module for config ip forwarding 2017-02-09 17:28:44 +09:00
Bogdan Dobrelya 3b1a196c75 Merge pull request #902 from insequent/master 
Adding vault role
 2017-02-09 09:24:52 +01:00
Bogdan Dobrelya 105dbf471e Merge pull request #993 from code0x9/master 
enable proxy support on docker repository
 2017-02-09 09:21:01 +01:00
David Crook d4d9f27a8d removed explicit role for efk in cluster.yml 2017-02-08 20:48:28 -07:00
Antoine Legrand 68df0d4909 Merge pull request #986 from vwfs/dnsmasq_system_nameservers 
Also add the system nameservers to upstream servers in dnsmasq
 2017-02-08 23:21:54 +01:00
Antoine Legrand 9c572fe54b Merge pull request #984 from rutsky/patch-2 
fix typo: "explicetely"
 2017-02-08 23:19:01 +01:00
Josh Conant 245e05ce61 Vault security hardening and role isolation 2017-02-08 21:41:36 +00:00
Josh Conant f4ec2d18e5 Adding the Vault role 2017-02-08 21:31:28 +00:00
Sergii Golovatiuk 4124d84c00 Lower weave RAM settings. 
- Since Weave 1.8.x was rewritten in Golang we may decrease RAM settings
  to continue using g1-small for CI
 2017-02-08 18:50:36 +01:00
Matthew Mosesohn 3c713a3f53 Fix upgrade for all daemonset type resources 
Daemonsets cannot be simply upgraded through a single API call,
regardless of any kubectl documentation. The resource must be
purged and then recreated in order to make any changes.
 2017-02-08 18:16:00 +03:00
Alexander Block 89e570493a Also add the system nameservers to upstream servers in dnsmasq 
Also make no-resolv unconditional again. Otherwise, we may end up in
a resolver loop. The resolver loop was the cause for the piling up
parallel queries.
 2017-02-08 14:38:55 +01:00
Matthew Mosesohn 16674774c7 Merge pull request #994 from mattymo/docker_save 
Change docker save compress level to 1
 2017-02-08 15:13:15 +03:00
Matthew Mosesohn 0180ad7f38 Merge pull request #990 from mattymo/fix_cert_upgrade 
Fix check for node-NODEID certs existence
 2017-02-08 14:44:09 +03:00
Matthew Mosesohn bfd1ea1da1 Merge pull request #971 from bradbeam/efk 
Adding EFK logging stack
 2017-02-08 14:28:04 +03:00
Mark Lee 3eacd0c871 Update rh_docker.repo.j2 2017-02-08 20:03:51 +09:00
Matthew Mosesohn d587270293 Merge pull request #992 from vwfs/host_mount_dev 
Host mount /dev for kubelet
 2017-02-08 13:45:22 +03:00
Matthew Mosesohn 3eb13e83cf Change docker save compress level to 1 
Faster gzip improves CI deploy times by at least 2 mins.

Fixes #982
 2017-02-08 13:25:11 +03:00