Andrew Greenwood
8a86acf75d
Update kubespray-defaults kubernetes to v1.8.2
7 years ago
abelgana
d738acf638
Update kubelet.kubeadm.env.j2 ( #1901 )
7 years ago
tanshanshan
84d92aa3c7
fix-bug ( #1900 )
7 years ago
Andrew Greenwood
dd01cabcdc
Update to kubernetes 1.8.2
7 years ago
Andrew Greenwood
c383c7e2c1
Update kubedns image to latest
7 years ago
Andrew Greenwood
958bb5285d
Update kubedns image to latest
7 years ago
Chad Swenson
256bbb1a8a
Parameterize apt repo endpoints
This allows overriding of apt repo endpoints when internet sources are not accessible. Additionally, switch to using the dockerproject.org gpg key url for apt instead of keyservers.net
7 years ago
mkrasilnikov
2c7c956be9
Disable swap in vagrant vms
7 years ago
Matthew Mosesohn
fe81bba08d
Force kubelet certificates to be generated as lowercase ( #1886 )
All nodes get converted to lowercase, so certs should set
CN with lowercase as well.
7 years ago
Matthew Mosesohn
564de07963
fix indentation for network policy option
7 years ago
Aivars Sterns
84cf6fbe83
change ssh_args/bastion configuration ( #1883 )
7 years ago
abelgana
d9160f19c0
Sysctl reload if needed after IP forward enabling
Add reload yes to reload sysctl if the value of net.ipv4.ip_forward changes.
- name: Enable ip forwarding
sysctl:
sysctl_file: "{{sysctl_file_path}}"
name: net.ipv4.ip_forward
value: 1
state: present
reload: yes
tags:
- bootstrap-os
7 years ago
Matthew Mosesohn
b0f04d925a
Update network policy setting for Kubernetes 1.8 ( #1879 )
It is now enabled by default in 1.8 with the api changed
to networking.k8s.io/v1 instead of extensions/v1beta1.
7 years ago
Matthew Mosesohn
ec53b8b66a
Move cluster roles and system namespace to new role
This should be done after kubeconfig is set for admin and
before network plugins are up.
7 years ago
ArchiFleKs
6e949bf951
update flannel
7 years ago
Matthew Mosesohn
86fb669fd3
Idempotency fixes ( #1838 )
7 years ago
Matthew Mosesohn
7123956ecd
update checksum for kubeadm ( #1869 )
7 years ago
Matthew Mosesohn
a52bc44f5a
Fix broken CI jobs ( #1854 )
* Fix broken CI jobs
Adjust image and image_family scenarios for debian.
Checkout CI file for upgrades
* add debugging to file download
* Fix download for alternate playbooks
* Update ansible ssh args to force ssh user
* Update sync_container.yml
7 years ago
Matthew Mosesohn
acb63a57fa
Only limit etcd memory on small hosts ( #1860 )
Also disable oom killer on etcd
7 years ago
Flavio Percoco Premoli
5b08277ce4
Access dict item's value keys using .value ( #1865 )
7 years ago
Chiang Fong Lee
5dc56df64e
Fix ordering of kube-apiserver admission control plug-ins ( #1841 )
7 years ago
Matthew Mosesohn
33c4d64b62
Make ClusterRoleBinding to admit all nodes with right cert ( #1861 )
This is to work around #1856 which can occur when kubelet
hostname and resolvable hostname (or cloud instance name)
do not match.
7 years ago
Matthew Mosesohn
25de6825df
Update Kubernetes to v1.8.1 ( #1858 )
7 years ago
Peter Lee
0b60201a1e
fix etcd health check bug ( #1480 )
7 years ago
Haiwei Liu
cfea99c4ee
Fix scale.yml to supoort kubeadm ( #1863 )
Signed-off-by: Haiwei Liu <carllhw@gmail.com>
7 years ago
Matthew Mosesohn
cea41a544e
Use include instead of import tasks to support v2.3 ( #1855 )
Eventually 2.3 support will be dropped, so this is
a temporary change.
7 years ago
pmontanari
8371a060a0
Update main.yml
Match kubedns_version with roles/download/defaults/main.yml:kubedns_version: 1.14.5
7 years ago
Matthew Mosesohn
7ed140cea7
Update refs to kubernetes version to v1.8.0 ( #1845 )
7 years ago
Matthew Mosesohn
0b4fcc83bd
Fix up warnings and deprecations ( #1848 )
7 years ago
Matthew Mosesohn
514359e556
Improve etcd scale up ( #1846 )
Now adding unjoined members to existing etcd cluster
occurs one at a time so that the cluster does not
lose quorum.
7 years ago
Matthew Mosesohn
fc9a65be2b
Refactor downloads to use download role directly ( #1824 )
* Refactor downloads to use download role directly
Also disable fact delegation so download delegate works acros OSes.
* clean up bools and ansible_os_family conditionals
7 years ago
Jan Jungnickel
49dff97d9c
Relabel controler-manager to kube-controller-manager ( #1830 )
Fixes #1129
7 years ago
Matthew Mosesohn
4efb0b78fa
Move CI vars out of gitlab and into var files ( #1808 )
7 years ago
Hassan Zamani
c9fe8fde59
Use fail-swap-on flag only for kube_version >= 1.8 ( #1829 )
7 years ago
Matthew Mosesohn
16462292e1
Properly skip extra SANs when not specified for kubeadm ( #1831 )
7 years ago
pmontanari
20d80311f0
Update main.yml ( #1822 )
* Update main.yml
Needs to set up resolv.conf before updating Yum cache otherwise no name resolution available (resolv.conf empty).
* Update main.yml
Removing trailing spaces
7 years ago
Hassan Zamani
3acc42c5b3
Use etcd_access_addresses for vault_etcd_url
7 years ago
Tennis Smith
54320c5b09
set to 3 digit version number ( #1817 )
7 years ago
Seungkyu Ahn
291b71ea3b
Changing default value string to boolean. ( #1669 )
When downloading containers or files, use boolean
as a default value.
7 years ago
Rémi de Passmoilesel
356515222a
Add possibility to insert more ip adresses in certificates ( #1678 )
* Add possibility to insert more ip adresses in certificates
* Add newline at end of files
* Move supp ip parameters to k8s-cluster group file
* Add supplementary addresses in kubeadm master role
* Improve openssl indexes
7 years ago
Aivars Sterns
688e589e0c
fix #1788 lock dashboard version to 1.6.3 version while 1.7.x is not working ( #1805 )
7 years ago
刘旭
6c98201aa4
remove kube-dns versions and images in kubernetes-apps/ansible/defaults/main.yaml ( #1807 )
7 years ago
Matthew Mosesohn
d4b10eb9f5
Fix path for calico get node names ( #1816 )
7 years ago
Jiří Stránský
728d56e74d
Only write bastion ssh config when needed ( #1810 )
This will allow running Kubespray when the user who runs it doesn't
have write permissions to the Kubespray dir, at least when not using
bastion.
7 years ago
neith00
77f1d4b0f1
Revert "Update roadmap" ( #1809 )
* Revert "Debian jessie docs (#1806 )"
This reverts commit d78577c810
.
* Revert "[contrib/network-storage/glusterfs] adds service for glusterfs endpoint (#1800 )"
This reverts commit 5fb6b2eaf7
.
* Revert "[contrib/network-storage/glusterfs] bootstrap for glusterfs nodes (#1799 )"
This reverts commit 404caa111a
.
* Revert "Fixed kubelet standard log environment (#1780 )"
This reverts commit b838468500
.
* Revert "Add support for fedora atomic host (#1779 )"
This reverts commit f2235be1d3
.
* Revert "Update network-plugins to use portmap plugin (#1763 )"
This reverts commit 6ec45b10f1
.
* Revert "Update roadmap (#1795 )"
This reverts commit d9879d8026
.
7 years ago
Seungkyu Ahn
b838468500
Fixed kubelet standard log environment ( #1780 )
Change KUBE_LOGGING to KUBE_LOGTOSTDERR, when installing kubelet
as host type.
7 years ago
Jason Brooks
f2235be1d3
Add support for fedora atomic host ( #1779 )
* don't try to install this rpm on fedora atomic
* add docker 1.13.1 for fedora
* built-in docker unit file is sufficient, as tested on both fedora and centos atomic
7 years ago
Kevin Lefevre
6ec45b10f1
Update network-plugins to use portmap plugin ( #1763 )
Portmap allow to use hostPort with CNI plugins. Should fix #1675
7 years ago
Matthew Mosesohn
d9879d8026
Update roadmap ( #1795 )
7 years ago
Matthew Mosesohn
d487b2f927
Security best practice fixes ( #1783 )
* Disable basic and token auth by default
* Add recommended security params
* allow basic auth to fail in tests
* Enable TLS authentication for kubelet
7 years ago