Matthew Mosesohn
b0830f0cd7
Merge pull request #1087 from bradbeam/openstack
Adding openstack domain id
7 years ago
Matthew Mosesohn
565d4a53b0
Merge pull request #1108 from idcrook/issue_1107-docker-versioning
Adding Docker CE 'stable' and 'edge' version packages
7 years ago
Matthew Mosesohn
9624662bf6
Merge pull request #1141 from mattymo/idempotency2
More idempotency fixes
7 years ago
Matthew Mosesohn
8195957461
Merge branch 'master' into idempotency2
7 years ago
Matthew Mosesohn
02fed4a082
Merge pull request #1138 from mattymo/idempotency-fixes
Idempotency fixes for etcd certs and resolvconf tasks
7 years ago
Bogdan Dobrelya
34ecf4ea51
Merge pull request #1109 from pcm32/feature/fixTerraformOS
Restores working order of contrib/terraform/openstack
7 years ago
Matthew Mosesohn
a422ad0d50
More idempotency fixes
Fixed sync_tokens fact
Fixed sync_certs for k8s tokens fact
Disabled register docker images changability
Fixed CNI dir permission
Fix idempotency for etcd pre upgrade checks
7 years ago
Matthew Mosesohn
096d96e344
Merge pull request #1137 from holser/bug/1135
Turn on iptables for flannel
7 years ago
Bogdan Dobrelya
e61310bc89
Merge pull request #1140 from VincentS/jinja28
Added Jinja 2.8 to Docs
7 years ago
Vincent Schwarzer
111ca9584e
Added Jinja 2.8 to Docs
Added Jinja 2.8 Requirements to docs and pip requirements file which
is needed to run the current Ansible Playbooks.
7 years ago
Matthew Mosesohn
7d35c4592c
Merge pull request #1139 from VincentS/docu_fix
Fix for CoreOS Docu
7 years ago
Vincent Schwarzer
3e8386cbf3
Fixed CoreOS Docu
CoreOS docu was referencing outdated bootstrap playbook that
is now part of kargo itself.
7 years ago
Matthew Mosesohn
4354162067
Merge pull request #1080 from VincentS/Granular_Auth_Control
Granular authentication Control
7 years ago
Matthew Mosesohn
a62a444229
Merge pull request #1117 from mattymo/etcd3-upgrade
Migrate k8s data to etcd3 api store
7 years ago
Matthew Mosesohn
f6b72fa830
Make resolvconf preinstall idempotent
7 years ago
Sergii Golovatiuk
9667e8615f
Turn on iptables for flannel
Closes : #1135
Closes : #1026
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
7 years ago
Vincent Schwarzer
026da060f2
Granular authentication Control
It is now possible to deactivate selected authentication methods
(basic auth, token auth) inside the cluster by adding
removing the required arguments to the Kube API Server and generating
the secrets accordingly.
The x509 authentification is currently not optional because disabling it
would affect the kubectl clients deployed on the master nodes.
7 years ago
Matthew Mosesohn
3feab1cb2d
Merge pull request #1134 from mattymo/1.6-support
Explicitly set cni-bin-dir
7 years ago
Matthew Mosesohn
804e9a09c0
Migrate k8s data to etcd3 api store
Default backend is now etcd3 (was etcd2).
The migration process consists of the following steps:
* check if migration is necessary
* stop etcd on first etcd server
* run migration script
* start etcd on first etcd server
* stop kube-apiserver until configuration is updated
* update kube-apiserver
* purge old etcdv2 data
7 years ago
Matthew Mosesohn
4c6829513c
Fix etcd idempotency
7 years ago
Matthew Mosesohn
4038954f96
Merge pull request #1078 from VincentS/oidc_support
Added Support for OpenID Connect Authentication
7 years ago
Matthew Mosesohn
52a6dd5427
Explicitly set cni-bin-dir
7 years ago
Matthew Mosesohn
c301dd5d94
Merge pull request #1118 from mattymo/noderolelabels
Add node labels in kubelet
7 years ago
Antoine Legrand
7cb7eee29d
Merge pull request #1116 from kubernetes-incubator/contrib_docs
Reference external documentation sources
7 years ago
David Crook
a52e1069ce
updated debian and ubuntu package names based on testing
docker-ce is not the .deb package until the repositories are switched over to new "downloads" docker webserver
7 years ago
David Crook
a8e5002aeb
removed irrelevant comments
7 years ago
David Crook
c515a351c6
Merge branch 'master' into issue_1107-docker-versioning
7 years ago
Antoine Legrand
7777b30693
Merge pull request #1120 from bradbeam/fixtags
Removing cloud_provider tag to fix scenario where cloud_provider is n…
7 years ago
Brad Beam
d04fbf3f78
Removing cloud_provider tag to fix scenario where cloud_provider is not defined
7 years ago
Matthew Mosesohn
54207877bd
Add node labels in kubelet
Related-issue: https://github.com/kubernetes/community/issues/300
Upgraded nodes do not obtain labels automatically.
See https://github.com/kubernetes/kubernetes/pull/29459 for more details.
7 years ago
Vincent Schwarzer
3c6b1480b8
Rewrote AWS Terraform for Kargo
Rewrote AWS Terraform deployment for AWS Kargo. It supports now
multiple Availability Zones, AWS Loadbalancer for Kubernetes API,
Bastion Host, ...
For more information see README
7 years ago
Vincent Schwarzer
b075960e3b
Added Support for OpenID Connect Authentication
To use OpenID Connect Authentication beside deploying an OpenID Connect
Identity Provider it is necesarry to pass additional arguments to the Kube API Server.
These required arguments were added to the kube apiserver manifest.
7 years ago
Antoine Legrand
85596c2610
Merge pull request #1045 from bradbeam/vsphere
Adding vsphere cloud provider support
7 years ago
Antoine Legrand
0613e3c24d
Reference external documentation sources
7 years ago
Antoine Legrand
ee5f009b95
Merge pull request #1112 from mattymo/skip_vault_if_disabled
Disable vault role properly on ansible 2.2.0
7 years ago
Antoine Legrand
d76816d043
Merge pull request #1115 from mattymo/etcd-phases
Remove standalone etcd specific play, cleanup host mode
7 years ago
Matthew Mosesohn
45274560ec
Disable vault role properly on ansible 2.2.0
when condition does not seem to work correctly at playbook
level for ansible 2.2.0.
7 years ago
Matthew Mosesohn
02a8e78902
Remove standalone etcd specific play, cleanup host mode
Now etcd role can optionally disable etcd cluster setup for faster
deployment when it is combined with etcd role.
7 years ago
Matthew Mosesohn
8f3d9e93ce
Merge pull request #1111 from mattymo/use_find_for_certs
Use find module for checking for certificates
7 years ago
Matthew Mosesohn
a244aca6a4
Merge pull request #1113 from VincentS/AWS_IAM_PROFILES
Added Missing AWS IAM Profiles and Policies
7 years ago
Vincent Schwarzer
5ae85b9de5
Added Missing AWS IAM Profiles and Policies
The AWS IAM profiles and policies required to run Kargo on AWS
are no longer hosted in the kubernetes main repo since kube-up got
deprecated. Hence we have to move the files into the kargo repository.
7 years ago
Matthew Mosesohn
d176818c44
Use find module for checking for certificates
Also generate certs only when absent on master (rather than
when absent on target node)
7 years ago
Bogdan Dobrelya
aeec0f9a71
Merge pull request #1071 from vijaykatam/atomic_host
Add support for atomic host
7 years ago
Matthew Mosesohn
08a02af833
Merge pull request #1075 from VincentS/loadbalancer_aws
Possibility to add Loadbalancers without static IP (e.g. AWS ELB) #1074
7 years ago
Pablo Moreno
cf26585cff
Restores working order of contrib/terraform/openstack, includes vault group and avoids group_vars/k8s-cluster.yml
7 years ago
David Crook
3f4a375ac4
first pass at adding 'stable' and 'edge' version packages
- Only have ubuntu to test on
- fedora and redhat are placeholders/guesses
- the "old" package repositories seem to have the "new" CE version which is `1.13.1` based
- `docker-ce` looks like it is named as a backported `docker-engine` package in some
places
- Did not change the `defaults` version anywhere, so should work as before
- Did not point to new package repositories, as existing ones have the new packages.
7 years ago
Matthew Mosesohn
cc632f2713
Merge pull request #1099 from rutsky/patch-4
fix inline verbatim blocks formatting in markdown
7 years ago
Matthew Mosesohn
5ebc9a380c
Merge pull request #1060 from holser/etcdv3
Allow to specify etcd backend for kube-api
7 years ago
Matthew Mosesohn
6453650895
Merge pull request #1093 from mattymo/scaledns
Add autoscalers for dnsmasq and kubedns
7 years ago
Matthew Mosesohn
9cb12cf250
Add autoscalers for dnsmasq and kubedns
By default kubedns and dnsmasq scale when installed.
Dnsmasq is no longer a daemonset. It is now a deployment.
Kubedns is no longer a replicationcluster. It is now a deployment.
Minimum replicas is two (to enable rolling updates).
Reduced memory erquirements for dnsmasq and kubedns
7 years ago