Matthew Mosesohn
3f274115b0
Generate individual certificates for k8s hosts
2017-01-11 12:58:07 +03:00
Bogdan Dobrelya
5af2c42bde
Better fix for different CoreOS os family facts
...
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2017-01-05 16:32:08 +01:00
Bogdan Dobrelya
f7447837c5
Rename CoreOS fact
...
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
2017-01-05 14:02:29 +01:00
Matthew Mosesohn
6d9cd2d720
Fix calico-rr to use etcd certs instead of kube certs
2016-12-27 17:04:50 +03:00
Aleksandr Didenko
d57c27ffcf
Add calico/routereflector support
...
Add BGP route reflectors support in order to optimize BGP topology
for deployments with Calico network plugin.
Also bump version of calico/ctl for some bug fixes.
2016-12-14 13:44:10 +01:00
Bogdan Dobrelya
8cc84e132a
Add tags
...
Add tags to allow more granular tasks filtering.
Add generator script for MD formatted tags found.
Add docs for tags how-to.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
2016-12-09 12:14:28 +01:00
Matthew Mosesohn
46ee9faca9
Fix ca certificate loading on CoreOS
2016-11-14 08:47:09 +04:00
Matthew Mosesohn
c7b00caeaa
Use tar+register instead of copy/slurp for distributing tokens and certs
...
Related bug: https://github.com/ansible/ansible/issues/15405
Uses tar and register because synchronize module cannot sudo on the
remote side correctly and copy is too slow.
This patch dramatically cuts down the number of tasks to process
for cert synchronization.
2016-10-26 15:46:18 +03:00
Matthew Mosesohn
0e9d1e09e3
Sync master tokens only with those in play_hosts
2016-10-21 14:43:41 +03:00
Matthew Mosesohn
84052ff0b6
use nginx proxy on non-master nodes to proxy apiserver traffic
...
Also adds all masters by hostname and localhost/127.0.0.1 to
apiserver SSL certificate.
Includes documentation update on how localhost loadbalancer works.
2016-10-05 20:09:10 +03:00
Paul Czarkowski
d8bebcd201
Fix issue with check_certs playbook
...
check_certs task "Check_certs | Set 'sync_certs' to true" was failing
due to the dict not existing, this sets defaults that allows the
correct behavior of the conditionals.
2016-05-15 17:15:59 -05:00
Smana
ae5ff890d4
fix flannel deployment, remove docker bridge before restarting
2016-05-13 18:10:00 +02:00
Smana
1884d89d3b
fixes the certs issue when masters or not in the kube-node group
2016-05-12 10:07:34 +02:00
Smaine Kahlouch
ed95f9ab81
Merge pull request #232 from rsmitty/issue-231
...
Issue 231: ensure ca.pem makes it to multi-masters
2016-05-11 21:24:04 +02:00
Spencer Smith
9f8466a186
ensure ALL certs are synced between masters
2016-05-11 10:09:13 -07:00
Spencer Smith
743ad0eb5c
s/sync_certs/sync_tokens
2016-05-11 09:38:26 -07:00
Spencer Smith
5253b3ec13
ensure ca.pem makes it to multi-masters
2016-05-11 09:06:08 -07:00
Smana
4f627baf71
generate secrets on first master
2016-05-07 21:08:29 +02:00
Smana
48a85ce8f8
use docker repository to install on CentOS
2016-04-11 11:17:14 +02:00
Smana
5c22133492
fix add nodes to the cluster
2016-04-08 07:45:39 +02:00
Smana
850b7466cd
remove deprecation warns and update doc
2016-04-04 10:14:56 +02:00
teuto.net Netzdienste GmbH
457ed11b49
fixed deprecation warnings regarding bare variables
2016-03-30 10:23:43 +02:00
Smana
91fca69aa0
generate secrets on deployment machine
...
test travis with sudo=true instead of required
2016-02-13 06:51:54 +01:00