Matthew Mosesohn
07cc981971
refactor vault role ( #2733 )
* Move front-proxy-client certs back to kube mount
We want the same CA for all k8s certs
* Refactor vault to use a third party module
The module adds idempotency and reduces some of the repetitive
logic in the vault role
Requires ansible-modules-hashivault on ansible node and hvac
on the vault hosts themselves
Add upgrade test scenario
Remove bootstrap-os tags from tasks
* fix upgrade issues
* improve unseal logic
* specify ca and fix etcd check
* Fix initialization check
bump machine size
6 years ago
Maxime Gaillard
00db751646
Add Openstack tenant name
6 years ago
Tomasz Majchrowski
59789ae02a
ISSUE-2706: Provide consistent usage of supplementary_addresses_in_ssl_keys across vault and script mode ( #2707 )
6 years ago
mirwan
06cdb260f6
labelvalue must be formatted to handle non string values ( #2722 )
6 years ago
mirwan
c3c5817af6
sysctl file should be in defaults so that it can be overridden ( #2475 )
* sysctl file should be in defaults so that it can be overridden
* Change sysctl_file_path to be consistent with roles/kubernetes/preinstall/defaults/main.yml
6 years ago
Markos Chandras
9168c71359
Revert "Revert "Add openSUSE support" ( #2697 )" ( #2699 )
This reverts commit 51f4e6585a.
6 years ago
Matthew Mosesohn
1a14f1ecc1
Fix vol format for local volume provisioner in rkt ( #2698 )
6 years ago
Matthew Mosesohn
51f4e6585a
Revert "Add openSUSE support" ( #2697 )
6 years ago
Suzuka Asagiri
f81e6d2ccf
Add oidc-user-prefix and oidc-group-prefix args
6 years ago
Romain DEQUIDT
80dd230a65
sync certs tasks ( fix #2596 #2667 )
6 years ago
Paul Montero
75950344fb
run_once pre_upgrade tasks which are executing in localhost
6 years ago
Matthew Mosesohn
f73717ea35
Mount local volume provisioner dirs for containerized kubelet ( #2648 )
6 years ago
Chad Swenson
d87b6fd9f3
Use dedicated front-proxy-ca for front-proxy-client
6 years ago
Markos Chandras
d07f75b389
roles: kubernetes: secrets: Add SUSE support
Add path for certificate location for SUSE distributions. Also make sure
the 'update-ca-certificates' command is executed on SUSE hosts as well.
6 years ago
Nirmoy Das
45eac53ec7
roles: kubernetes: preinstall: Install openssl-1.1.0 on Tumbleweed
The openssl package on Tumbleweed is actually a virtual package covering
openssl-1.0.0 and openssl-1.1.0 implementations. It defaults to 1.1.0 so
when trying to install it and openssl-1.0.0 is installed, zypper fails
with conflicts. As such, let's explicitly pull the package that we need
which also updates the virtual one.
Co-authored-by: Markos Chandras <mchandras@suse.de>
6 years ago
Markos Chandras
e42203a13e
roles: kubernetes: preinstall: Add SUSE support
Add support for installing package dependencies and refreshing metadata
on SUSE distributions
Co-authored-by: Nirmoy Das <ndas@suse.de>
6 years ago
Christian Phu
3535c29e59
Fix apiserver manifest for kube version < 1.9
6 years ago
Marcelo Grebois
88765f62e6
Updating order
https://kubernetes.io/docs/admin/admission-controllers/#is-there-a-recommended-set-of-admission-controllers-to-use
6 years ago
Robin Skahjem-Eriksen
0f35e17e23
Fix new envvar for setting openstack_tenant_id ( #2641 )
Changed from OS_PROJECT_ID to OS_PROJECT_NAME.
6 years ago
Brad Beam
77b3f9bb97
Removing default for volume-plugins mountpoint ( #2618 )
All checks test if this is defined meaning there is no way to undefine it.
6 years ago
Matthew Mosesohn
45f15bf753
Revert "Fix new envvar for setting openstack_tenant_id" ( #2640 )
6 years ago
Robin Skahjem-Eriksen
0c0f6b755d
Fix new envvar for setting openstack_tenant_id
Changed from OS_PROJECT_ID to OS_PROJECT_NAME.
6 years ago
Marcelo Grebois
4c12b273ac
Enabling MutatingAdmissionWebhook for Istio Automatic sidecar injection
https://istio.io/docs/setup/kubernetes/sidecar-injection.html#automatic-sidecar-injection
6 years ago
Atoms
b68854f79d
fix kubectl download location and kubectl.sh helper owner/group remove
6 years ago
Matthew Mosesohn
f954bc0a5a
Remove jinja2 dependency of do
While `do` looks cleaner, forcing this extra option in ansible.cfg
seems to be more invasive. It would be better to keep the traditional
approach of `set dummy = ` instead.
6 years ago
Brad Beam
dfc46f02d7
Adding missing service-account certificate for vault
Missed in #2554
6 years ago
Daniel Hoherd
ca40d51bc6
Fix typos (no logic changes)
6 years ago
Chen Hong
973e7372b4
content: |
6 years ago
Chen Hong
b54e091886
Persist ip_vs modules
6 years ago
georgejdli
76bb5f8d75
check if dedicated service account token signing key exists
6 years ago
Matthew Mosesohn
3004791c64
Add pre-upgrade task for moving credentials file ( #2394 )
* Add pre-upgrade task for moving credentials file
This reverts commit 7ef9f4dfdd.
* add python interpreter workaround for localhost
6 years ago
Wong Hoi Sing Edison
5fe144aa0f
ingress-nginx: container download related things should be defined in the download role
6 years ago
Wong Hoi Sing Edison
195d6d791a
Integrate jetstack/cert-manager 0.2.3 to Kubespray
6 years ago
avoidik
aa301c31d1
Move credential checks into proper folder
6 years ago
avoidik
15efdf0c16
Move credential checks
6 years ago
avoidik
ab8760cc83
Move credentials pre-check
6 years ago
avoidik
b6da596ec1
Move default configuration parameters for cloud-config
6 years ago
avoidik
3c12c6beb3
Move cloud config configurations to proper location
6 years ago
Erwan Miran
8ece922ef0
node_labels documentation + kube-ingress label handling as role_node_label
6 years ago
georgejdli
572ab650db
copy dedicated service account token signing key for kubeadm migration
6 years ago
avoidik
72c2a8982b
Fix kubecert_node.results indexes
6 years ago
Matthew Mosesohn
03bcfa7ff5
Stop templating kube-system namespace and creating it ( #2545 )
Kubernetes makes this namespace automatically, so there is
no need for kubespray to manage it.
6 years ago
Andreas Kruger
af5f376163
Revert
6 years ago
woopstar
004b0a3fcf
Fix merge conflict
6 years ago
陈宏
4d85e3765e
remove redundant code
6 years ago
Kuldip Madnani
daeeae1a91
Added retries in pre-upgrade.yml and retries while applying kube-dns.yml ( #2553 )
* Added retries in pre-upgrade.yml and retries while applying kube-dns.yml
* Removed trailing spaces
6 years ago
georgejdli
c8f857eae4
configure kubespray to sign service account tokens with a dedicated and stable key
6 years ago
Kuldip Madnani
9ebbf1c3cd
Added a fix in openssl.conf template to check if IP of loadbalancer is available or not.
6 years ago
woopstar
0b5404b2b7
Fix
6 years ago
woopstar
0df32b03ca
Update openssl.conf to count better and work with Jinja 2.9
6 years ago