Junho Suh
076f254a67
Add cilium_tunnel_mode variable to the cilium config ( #5295 )
2019-11-11 03:19:42 -08:00
Dmitry Chusovitin
45d151a69d
containerd installation on Debian ( #5326 )
2019-11-11 02:41:41 -08:00
Matthew Mosesohn
bd014c409b
Skip coredns image when evaluating kubeadm images ( #5327 )
...
It will be enabled correctly in downloads
Change-Id: Ief0b7aa2a8ee2ba6a6849820802f8542584b2c04
Related-story: PRODX-1171
2019-11-09 00:51:39 -08:00
Matthew Mosesohn
1c25ed669c
Remove unnecessary and risky reload network for resolvconf propagation ( #5322 )
...
Change-Id: I54d706f7941b4b86c4c6cd45340295577155b884
2019-11-06 10:11:52 -08:00
Matthew Mosesohn
a005d19f6f
Enable systemd-resolved DNS resolution mode ( #5318 )
...
Change-Id: If3e253a40782e03cde7fc4a91493517ae31fda17
2019-11-06 03:33:52 -08:00
Matthew Mosesohn
471589f1f4
Scale down coredns created by kubeadm upgrade to 0 replicas ( #5308 )
...
Change-Id: I128b0f9c1acbb956d9a6c4e5510b45a36e296af7
2019-11-05 03:34:38 -08:00
Ali Sanhaji
b0ee1f6cc6
Deploy Cinder CSI driver to provision volumes over OpenStack ( #5184 )
...
* Deploy Cinder CSI driver to provision volumes over OpenStack
* Deploy Cinder CSI StorageClass
* Cinder CSI doc
2019-11-01 00:59:24 -07:00
Matthew Mosesohn
186ec13579
Fix incorrect suggestion to enable old k8s apis ( #5292 )
...
Change-Id: If965cc6aa0daaca232dcf2ca0efd649aa097497f
2019-10-30 01:58:53 -07:00
Matthew Mosesohn
2c4e6b65d7
Raise delay and retry for rotate tokens ( #5304 )
...
Change-Id: I87844b43b9a18064e7a99567ce57c1ca1ffcc4a8
2019-10-30 01:56:52 -07:00
Matthew Mosesohn
94d4ce5a6f
Retry cleaning up calico-node container ( #5302 )
...
Change-Id: Iad27b107860213759c7ae51f0891d7e5e7c6d96b
2019-10-28 05:11:25 -07:00
Matthew Mosesohn
81da231b1e
Set cluster DNS in kubeadm config for kubelet dynamic config ( #5293 )
...
Change-Id: I23116efefe8626d361d1904fc6fb8448f66cf3c5
2019-10-25 02:23:40 -07:00
Matthew Mosesohn
a1fff30bd9
Generate TLS certs for calico typha ( #5258 )
...
* Generate TLS certs for calico typha
Change-Id: I3883f49c124c52d0fc5b900ca2b44e4e2ed0d707
* Add group vars note
Change-Id: I63550dfef616e884efdbd42010a90b2c04c5eb69
2019-10-17 07:02:38 -07:00
Sergey
81d57fe658
set calico_datastore default value in role kubespray-default ( #5259 )
2019-10-17 05:58:38 -07:00
Sergey
3118437e10
check on all cluster node - kubelet_max_pods <= (2 ** (32 - kube_network_node_prefix | int)) - 2 ( #5279 )
2019-10-17 05:48:38 -07:00
Sergey
65e461a7c0
download container always been on download_delegate host ( #5177 )
...
* download container always been on download_delegate host
* fix also check pull required
2019-10-17 05:38:38 -07:00
Michael Oglesby
c672681ce5
Revert Pull Request #5084 ( #5120 )
...
Kubespray Pull Request #5084 (https://github.com/kubernetes-sigs/kubespray/pull/5084 ) caused more problems than it solved due to limitations with the synchronize module. See comments on Kubespray Issues #5059 (https://github.com/kubernetes-sigs/kubespray/issues/5059 ) and #5116 (https://github.com/kubernetes-sigs/kubespray/issues/5116 ). Details from Ansible documentation: "Currently, synchronize is limited to elevating permissions via passwordless sudo. This is because rsync itself is connecting to the remote machine and rsync doesn’t give us a way to pass sudo credentials in. ... Currently there are only a few connection types which support synchronize (ssh, paramiko, local, and docker) because a sync strategy has been determined for those connection types. Note that the connection for these must not need a password as rsync itself is making the connection and rsync does not provide us a way to pass a password to the connection. ..." Thus, reverting Pull Request #5084 .
2019-10-17 05:26:37 -07:00
yelhouti
d332a254ee
install python3 instead of python2 for fedora >= 30 fixes 5056, fixes 4802 ( #5111 )
2019-10-17 05:04:38 -07:00
Matthew Rapa
3debb8aab5
add KUBELET_VOLUME_PLUGIN to kubelet.env ( #5128 )
2019-10-16 20:08:38 -07:00
YichenWong
aada6e7e40
Add etcd_data_dir variable to the kubeadm config ( #5263 )
2019-10-16 19:50:39 -07:00
Matthew Mosesohn
ac60786c6f
Add support for restart handlers for control plane on crio/containerd ( #5250 )
...
* Add support for restart handlers for control plane on crio/containerd
Change-Id: I8343cc4e9df7f55b732628ed01cc6e7ea5dcee85
* Update main.yml
2019-10-16 18:58:39 -07:00
Hugo Blom
db33dc6938
Add support for Kubernetes 1.16.2 ( #5272 )
...
* Add support for Kubernetes 1.16.1
* Defaults to 1.16.1
* add 1.16.2 checksums and set new version as default
* correct 1.16.2 checksums and add 1.15.5 checksums
2019-10-16 18:34:38 -07:00
Hugo Blom
9dfb25cafd
fix typo ( #5275 )
2019-10-16 18:26:38 -07:00
Maxime Guyot
df8d2285b6
Update ingress-nginx to v0.26.1 ( #5268 )
2019-10-16 18:22:39 -07:00
Matthew Mosesohn
af6456d1ea
Fix selector for calico-typha deployment ( #5253 )
...
Change-Id: I79f43379cbe1c495cb416f0572e65f695d5ec2b8
2019-10-16 07:53:42 -07:00
Maxime Guyot
6f57f7dd2f
Update nginx image to latest ( #5270 )
2019-10-16 04:37:42 -07:00
Xiaodu
bec23c8a41
Add k8s v1.15.4 hashes ( #5235 )
2019-10-16 04:33:41 -07:00
Robin Elfrink
faaff8bd72
Add RotateCertificates to kubelet config if kubelet_rotate_certificates is set. ( #5152 )
...
Signed-off-by: Robin Elfrink <robin.elfrink@eu.equinix.com>
2019-10-16 04:31:41 -07:00
andreyshestakov
8031c6c1e7
Update template for dashboard to support v2.x ( #5187 )
...
Secrets and ConfigMap should be created before dashboard pod run.
2019-10-16 04:29:41 -07:00
Erwan Miran
9d8fc8caad
Fix getting nameserver and search for /etc/resolv.conf with comments ( #5197 )
2019-10-16 04:27:40 -07:00
Qingkun Li
a51b729817
add ignore_errors to the kube-proxy deletion task ( #5236 )
...
When using cluster.yml or scale.yml to add/scale nodes in the existing
k8s cluster, the `kubeadm init` wouldn't run. As a result, kube-proxy
wouldn't be created, and therefore the kube-proxy deletion task would
fail, e.g. in the case where kube-router is used and "kube_proxy_remove"
is set to true. As a workaround, add ignore_errors to the kube-proxy
deletion task.
2019-10-16 04:23:40 -07:00
Maxime Guyot
19bc79b1a6
Update cert-manager to v0.11.0 ( #5269 )
2019-10-16 04:21:40 -07:00
Sergey
932935ecc7
fix wrong path in include install_host.yml in etcd role ( #5256 )
2019-10-13 18:16:34 -07:00
BenoitBOULANGER
e01118d36d
Fix issue in remove-node/post-remove task ( #5185 ) ( #5186 )
2019-10-10 05:17:43 -07:00
Matthew Mosesohn
dea9304968
Enable openstack_cacert to be either file or base64 string ( #5243 )
2019-10-09 02:19:49 -07:00
Matthew Mosesohn
2864e13ff9
Reset between kubeadm secondary control plane join attempts ( #5240 )
...
Change-Id: Ic9425bf90552d7e3d42b02409af9773d99376384
2019-10-08 00:15:12 -07:00
Erwan Miran
0ba336b04e
install helm client separately ( #5212 )
2019-10-04 05:14:02 -07:00
Matthew Mosesohn
89f1223f64
Fix selector workaround for helm install ( #5237 )
...
Change-Id: I826337b59814674c3feb4cd6a4904d9d53e01652
2019-10-03 23:41:56 -07:00
陈谭军
8bc0710073
clean up document ( #5214 )
2019-10-02 04:41:07 -07:00
Matthew Mosesohn
fb591bf232
Apply workaround for NetworkManager and calico ( #5230 )
...
Change-Id: I5cb2bdf1a57707c1b8da3e5ac0c80e5c353480a4
2019-10-02 04:37:07 -07:00
Matthew Mosesohn
a43e0d3f95
Switch to Kubernetes v1.16.0 ( #5189 )
...
* Switch to Kubernetes v1.16.0
Change-Id: I5d6a9528b2d443750fc5e031aff15ad3ffead158
* Fix download localhost cached file path
Change-Id: I65e79b70e3d1b37265ebc60f41b460cf4b0a0d47
* fix kubeadm etcd for v1.16
Change-Id: I6888a00fd48b530a38b0b31c4095492476af42d2
* disable tf packet jobs
Change-Id: I075c4666547fdea4c50ec04864f38e2cfaa79154
* Disable contiv packet jobs. Fix kube-router
Change-Id: I3170e8789e60711d4cee8faf65f2094480b79b8d
* bump sonobuoy version
Change-Id: Ib946905629c7c53ed88f08fb2f41c454457a0097
2019-10-02 02:21:07 -07:00
陈谭军
99dbc6d780
clean-up doc,spelling mistakes ( #5206 )
2019-09-26 04:25:08 -07:00
Richard Scott
75e4cc2fd9
Updated kubectl.sh ( #5156 )
...
The script is not usable unless you are in the '.vagrant/provisioners/ansible/inventory/artifacts' folder.
This update makes this usable from anywhere.
2019-09-26 04:23:07 -07:00
Etienne Champetier
81cb302399
MetalLB: fail if kube_proxy_strict_arp is false ( #5180 )
...
When using IPVS, kube_proxy_strict_arp = true is required
https://github.com/danderson/metallb/issues/153#issuecomment-518651132
Add kube_proxy_strict_arp to inventory/sample
2019-09-26 04:21:06 -07:00
陈谭军
3bcdf46937
fix-up some spelling mistakes ( #5202 )
2019-09-25 23:27:08 -07:00
Sergey
1cf6a99df4
generate kubeadm download image list with options useHyperKubeImage ( #5203 )
2019-09-25 18:03:06 -07:00
Erwan Miran
f18e77f1db
Blocksize for calico default pool should be configurable ( #5198 )
2019-09-25 04:44:00 -07:00
陈谭军
2fc02ed456
fix-typo ( #5199 )
2019-09-25 04:04:00 -07:00
pando85
9db61c45ed
Upgrade nodelocaldns to 1.15.5 ( #5191 )
2019-09-22 20:13:22 -07:00
Sergey
8cb54cd74d
fix broken scale procedure: ( #5193 )
...
- do not run etcd role when etcd_kubeadm_enabled == true
- remove default value 'systemd' for cgroup driver in containerd role.
this value override autodetect in kubelet_cgroup_driver_detected from docker info
2019-09-22 01:07:22 -07:00
Florent Monbillard
a3f1ce25f8
Add support for k8s v1.14.6 ( #5182 )
2019-09-18 02:53:30 -07:00