0e3b7127b5
Merge pull request #1167 from mattymo/dnsmasq_when_deploying_master
Change wait for dnsmasq to skip if there are no kube-nodes in play
7 years ago
04746fc4d8
Merge pull request #1163 from mattymo/kvm_setup
Add KVM hypervisor playbook to contrib
7 years ago
463ef3f8bc
Merge pull request #1168 from mattymo/disable_download_delegate
Disable download_run_once and download_localhost for most CI scenarios
7 years ago
3889c2e01c
Add KVM hypervisor playbook to contrib
Optional Ansible playbook for preparing a host for running Kargo.
This includes creation of a user account, some basic packages,
and sysctl values required to allow CNI networking on a libvirt network.
7 years ago
1887e984a0
Change wait for dnsmasq to skip if there are no kube-nodes in play
Also changed unnecessary delay to a max timeout (now defaulting to 1s sleep
between tries)
Also rename play_hosts to ansible_play_hosts
7 years ago
a495bbc1db
Disable download_run_once and download_localhost for most CI scenarios
This adds time to deployment, so we should only test it sparingly during
daily master.
7 years ago
cd429d3654
Merge pull request #1159 from holser/etcd_backup_restore
Backup etcd
7 years ago
771aef0b44
Merge pull request #1162 from holser/bump_coreos_ci
Bump CoreOS stable to latest version
7 years ago
f7ef452d8a
Merge pull request #1160 from mattymo/simpler_idempotency
Make reset check on idempotency check optional
7 years ago
0f64f8db90
Merge pull request #1155 from mattymo/helm
Add helm deployment
7 years ago
c04a6254b9
Backup etcd data before restarting etcd
etcd is crucial part of kubernetes cluster. Ansible restarts etcd on
reconfiguration. Backup helps operator to restore cluster manually in
case of any issues.
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
7 years ago
485e17d6ed
Bump CoreOS stable to latest version
1298.6.0 fixes some sporadic network issues. It also includes docker
1.12.6 which includes several stability fixes for kubernetes.
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
7 years ago
bbb524018e
Make reset check on idempotency check optional
By default we do not test reset.yml now.
7 years ago
859c08620b
Merge pull request #1105 from VincentS/aws_deployment
AWS Terraform for Kargo
7 years ago
f6cd42e6e0
Merge pull request #1158 from rutsky/patch-6
limit jinja2 version to <2.9
7 years ago
61ee67d612
limit jinja2 version to <2.9
Ansible 2.2.1 requires jinja2<2.9, see <https://github.com/ansible/ansible/blob/v2.2.1.0-1/setup.py#L25 >,
but without explicit limiting upper jinja2 version here pip ignores
Ansible requirements and installs latest available jinja2
(pip is not very smart here), which is incompatible with with
Ansible 2.2.1.
With incompatible jinja2 version "ansible-vault create" (and probably other parts)
fails with:
ERROR! Unexpected Exception: The 'jinja2<2.9' distribution was not found
and is required by ansible
This upper limit should be removed in 2.2.2 release, see:
<978311bf3f
7 years ago
939c1def5d
Merge pull request #1152 from mattymo/redhat_weave
Fix weave on RHEL deployment
7 years ago
b7ab80e8ea
Merge pull request #1149 from mattymo/centos-retries
Retry yum/apt/rpm download commands
7 years ago
b69d4b0ecc
Add helm deployment
7 years ago
2f437d7452
Merge pull request #1157 from rutsky/remove-change-k8s-version
remove obsolete script
7 years ago
d761216ec1
remove obsolete script
Currently Kubernetes version can be selected using "kube_version" variable.
7 years ago
088e9be931
Merge pull request #1156 from rutsky/patch-5
fix jinja package name
7 years ago
32ecac6464
fix jinja package name
Jinja 2.* releases are published under `Jinja2` name.
7 years ago
7760c3e4aa
Retry yum/apt/rpm download commands, fix succeeded filter
7 years ago
3cfb76e57f
Merge pull request #1146 from mattymo/resolvconf_optimize
Condense resolvconf sources before starting loop
7 years ago
e1faeb0f6c
Fix weave on RHEL deployment
Reduce retry delay checking weave
Always load br_netfilter module
7 years ago
25bff851dd
Merge pull request #1136 from adidenko/fix-calico-policy-order
Move calico-policy-controller into separate role
7 years ago
3a39904011
Move calico-policy-controller into separate role
By default Calico CNI does not create any network access policies
or profiles if 'policy' is enabled in CNI config. And without any
policies/profiles network access to/from PODs is blocked.
K8s related policies are created by calico-policy-controller in
such case. So we need to start it as soon as possible, before any
real workloads.
This patch also fixes kube-api port in calico-policy-controller
yaml template.
Closes #1132
7 years ago
7e1fbfba64
Merge pull request #1147 from mattymo/calico-update
Update calico to 1.1.0-rc8
7 years ago
a52064184e
Condense resolvconf sources before starting loop
7 years ago
b4a1ba828a
Merge pull request #1148 from VincentS/patch-1
Fixed Formatting / Ansbile-Playbook Command Upgrade Cluster
7 years ago
c8c6105ee2
Fixed Formatting / Ansbile-Playbook Command
- added -b and fixed typo in ansible-playbook command
- fixed formatting issue
7 years ago
0b49eeeba3
Update calico to 1.1.0-rc8
Fixes bug in CentOS/RHEL in felix related to overlayfs driver.
7 years ago
b0830f0cd7
Merge pull request #1087 from bradbeam/openstack
Adding openstack domain id
7 years ago
565d4a53b0
Merge pull request #1108 from idcrook/issue_1107-docker-versioning
Adding Docker CE 'stable' and 'edge' version packages
7 years ago
9624662bf6
Merge pull request #1141 from mattymo/idempotency2
More idempotency fixes
7 years ago
8195957461
Merge branch 'master' into idempotency2
7 years ago
02fed4a082
Merge pull request #1138 from mattymo/idempotency-fixes
Idempotency fixes for etcd certs and resolvconf tasks
7 years ago
34ecf4ea51
Merge pull request #1109 from pcm32/feature/fixTerraformOS
Restores working order of contrib/terraform/openstack
7 years ago
a422ad0d50
More idempotency fixes
Fixed sync_tokens fact
Fixed sync_certs for k8s tokens fact
Disabled register docker images changability
Fixed CNI dir permission
Fix idempotency for etcd pre upgrade checks
7 years ago
096d96e344
Merge pull request #1137 from holser/bug/1135
Turn on iptables for flannel
7 years ago
e61310bc89
Merge pull request #1140 from VincentS/jinja28
Added Jinja 2.8 to Docs
7 years ago
111ca9584e
Added Jinja 2.8 to Docs
Added Jinja 2.8 Requirements to docs and pip requirements file which
is needed to run the current Ansible Playbooks.
7 years ago
7d35c4592c
Merge pull request #1139 from VincentS/docu_fix
Fix for CoreOS Docu
7 years ago
3e8386cbf3
Fixed CoreOS Docu
CoreOS docu was referencing outdated bootstrap playbook that
is now part of kargo itself.
7 years ago
4354162067
Merge pull request #1080 from VincentS/Granular_Auth_Control
Granular authentication Control
7 years ago
a62a444229
Merge pull request #1117 from mattymo/etcd3-upgrade
Migrate k8s data to etcd3 api store
7 years ago
f6b72fa830
Make resolvconf preinstall idempotent
7 years ago
9667e8615f
Turn on iptables for flannel
Closes : #1135
Closes : #1026
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
7 years ago
026da060f2
Granular authentication Control
It is now possible to deactivate selected authentication methods
(basic auth, token auth) inside the cluster by adding
removing the required arguments to the Kube API Server and generating
the secrets accordingly.
The x509 authentification is currently not optional because disabling it
would affect the kubectl clients deployed on the master nodes.
7 years ago
Matthew Mosesohn
Sergii Golovatiuk
Antoine Legrand
Vladimir Rutsky
Vladimir Rutsky
Aleksandr Didenko
Vincent Schwarzer
Bogdan Dobrelya