mkrasilnikov
bc67deee78
Added missing cephfs_provisioner_enabled to kubespray-defaults vars
6 years ago
Erwan Miran
e9a676951b
storageClass name template as suggested by @eyeofthefrog
6 years ago
Wong Hoi Sing Edison
b25e0f82b1
Add cephfs_provisioner Support for Kubespray
6 years ago
Erwan Miran
e1aaef7d4d
Removal of surnumerary slash
6 years ago
Wong Hoi Sing Edison
1a1d154e14
Support multiple inventory files under individual inventory directory
6 years ago
Erwan Miran
abfb147292
MountDir in configmap and daemonset must be the same
6 years ago
Erwan Miran
44eb03f78a
typo
6 years ago
Erwan Miran
857784747b
local-provisioner:v1.0.1 still expects json configmap
6 years ago
Erwan Miran
7a2cb5e41c
local-provisioner:v1.0.1 still uses VOLUME_CONFIG_NAME env to read ConfigMap
6 years ago
Sébastien Han
34bd47de79
kubernetes-apps: retry get default token name
In some installation, it can take up to 3sec to get the value. Retrying
for 5 sec will ensure the command won't return 1.
Signed-off-by: Sébastien Han <seb@redhat.com>
6 years ago
woopstar
f9df692056
Issue front proxy certs for vault
6 years ago
woopstar
f193b12059
Kubeadm auto creates this
6 years ago
woopstar
2cd254954c
Remove defaults of allowed names. Updated kubeadm
6 years ago
woopstar
4dab92ce69
Rename from aggregator-proxy-client to front-proxy-client to match kubeadm design. Added kubeadm support too. Changed to use variables set and not hardcode paths. Still missing cert generation for Vault
6 years ago
Erwan Miran
ca08614641
yamllint fix
6 years ago
rong.zhang
47adf4bce6
Disalbe install epel-release rpm on Centos/Redhat
1.Disalbe install epel-release rpm on Centos/Redhat
2.Use yum install epel-release
6 years ago
Ryan Zenker
ad9049a49e
baremetal tweaks
* allow installs to not have hostname overriden with fqdn from inventory
* calico-config no longer requires local as and will default to global
* when cloudprovider is not defined, use the inventory_hostname for cni-calico
* allow reset to not restart network (buggy nodes die with this cmd)
* default kube_override_hostname to inventory_hostname instead of ansible_hostname
6 years ago
Erwan Miran
b4e264251f
JSON/YAML syntax fix
6 years ago
Erwan Miran
8006a6cd82
local_volumes_enabled replaced by local_volume_provisioner_enabled
6 years ago
Andreas Krüger
5cd6b0c753
Adding missing defaults for weave
The PR #2203 add's missing defaults for weave, but no signed CLA. So this PR fixes it.
6 years ago
Andreas Krüger
bb339265fc
Set default registry_enabled to false
In PR #2244 the `registry_enabled` is missing in defaults, causing a deployment to fail, if it is not set in k8s-cluster.yml
6 years ago
woopstar
b2d30d68e7
Rename CN for aggreator back. Add flags to apiserver when version is >= 1.9
6 years ago
woopstar
82d10b882c
Added fixes from whereismyjetpack
6 years ago
Maxim Krasilnikov
95b8ac5f62
Added optional controller and scheduler extra args to kubeadm config ( #2205 )
6 years ago
woopstar
0b4168cad4
WIP. Adding metrics-server support for K8s version 1.9
6 years ago
woopstar
3289472e31
Added option to set MTU on Weave
6 years ago
Wong Hoi Sing Edison
4ad53339f6
KubeDNS template should not suffix with .yml.j2
6 years ago
Wong Hoi Sing Edison
a4d3da6a8e
Dashboard template should not suffix with .yml.j2
6 years ago
Wong Hoi Sing Edison
7954ea2525
Migrate Kubernetes v1.9.1 cluster/addons/registry to Kubespray
6 years ago
Wong Hoi Sing Edison
bc2e26d7ef
update apiVersion
6 years ago
Wong Hoi Sing Edison
fd80013917
lint and cleanup local_volume_provisioner
6 years ago
Dann Bohn
dc6c703741
--etcd-quorum-read is depricated in kube >= 1.9
6 years ago
Matthew Mosesohn
16629d0b8e
Vault should use cert auth for etcd
6 years ago
Julian Hübenthal
7f79210ed1
reworked vsphere-cloud-config template
6 years ago
Simon Li
27a1a697e7
supplementary_addresses_in_ssl_keys can be a hostname
7 years ago
Julian Hübenthal
9cdd2214f9
render vsphere_resource_pool only if defined
6 years ago
Julian Hübenthal
989e9174c2
Added vSphere cloud provider config update for Kubernetes >= 1.9.2
6 years ago
rong.zhang
3993e12335
Fix can not be used devicemapper driver
Fix can not be used devicemapper driver
7 years ago
rong.zhang
32d18ca992
remove trailing space
6 years ago
Matthew Mosesohn
2df4b6c5d2
Rename default_resolver to cloud_resolver ( #2209 )
Cloud resolvers are mandatory for hosts on GCE and OpenStack
clouds. The 8.8.8.8 alternative resolver was dropped because
there is already a default nameserver. The new var name
reflects the purpose better.
Also restart apiserver when modifying dns settings.
6 years ago
Andreas Krüger
088d36da09
Increase the idx counter
Fix the idx counter to increase too, or you will end up with two same indexes.
6 years ago
Andreas Krüger
6f36faa4f9
Loadbalancer Apiserver Address is missing
If you configure your external loadbalancer to do a simple tcp pass-through to the api servers, and you do not use a DNS FQDN but just the ip, then you need to add the ip adress to the certificates too.
Example config:
```
## External LB example config
apiserver_loadbalancer_domain_name: "10.50.63.10"
loadbalancer_apiserver:
address: 10.50.63.10
port: 8383
```
6 years ago
RongZhang
3846384d56
Bump kube-dns to 1.14.8 ( #2204 )
Bump kube-dns to 1.14.8
6 years ago
Dmitri Rubinstein
331f141f63
Fix DNS entries in etcd's openssl.conf by adding a newline. ( #2208 )
DNS entries generated from 'etcd_cert_alt_names' variable in etcd's
openssl.conf are not terminated by a newline.
This fixes issue #2207 .
6 years ago
Matthew Mosesohn
62dd3d2a9d
Add missing group var default values to kubespray-defaults
6 years ago
Sébastien Han
fa8a128e49
etcd: ability to enable/disable ETCD_PEER_CLIENT_CERT_AUTH
Some installation are failing to authenticate with peers due to
etcd picking up/resoling the wrong node.
By setting 'etcd_peer_client_auth' to "False" you can disable peer client cert
authentication.
Signed-off-by: Sébastien Han <seb@redhat.com>
6 years ago
rong.zhang
b10c308a5a
Support ipvs mode for kube-proxy
Support ipvs mode for kube-proxy
6 years ago
rong.zhang
e22c70e431
Upgrade to Kubernetes v1.9.2
6 years ago
Matthew Mosesohn
dc6a17e092
Use include/import tasks ( #2192 )
import_tasks will consume far less memory, so it should be
used whenever it is compatible.
6 years ago
Miouge1
240d4193ae
Update information about network sizes
6 years ago