088e9be931
Merge pull request #1156 from rutsky/patch-5
fix jinja package name
7 years ago
32ecac6464
fix jinja package name
Jinja 2.* releases are published under `Jinja2` name.
7 years ago
7760c3e4aa
Retry yum/apt/rpm download commands, fix succeeded filter
7 years ago
3cfb76e57f
Merge pull request #1146 from mattymo/resolvconf_optimize
Condense resolvconf sources before starting loop
7 years ago
e1faeb0f6c
Fix weave on RHEL deployment
Reduce retry delay checking weave
Always load br_netfilter module
7 years ago
25bff851dd
Merge pull request #1136 from adidenko/fix-calico-policy-order
Move calico-policy-controller into separate role
7 years ago
3a39904011
Move calico-policy-controller into separate role
By default Calico CNI does not create any network access policies
or profiles if 'policy' is enabled in CNI config. And without any
policies/profiles network access to/from PODs is blocked.
K8s related policies are created by calico-policy-controller in
such case. So we need to start it as soon as possible, before any
real workloads.
This patch also fixes kube-api port in calico-policy-controller
yaml template.
Closes #1132
7 years ago
7e1fbfba64
Merge pull request #1147 from mattymo/calico-update
Update calico to 1.1.0-rc8
7 years ago
a52064184e
Condense resolvconf sources before starting loop
7 years ago
b4a1ba828a
Merge pull request #1148 from VincentS/patch-1
Fixed Formatting / Ansbile-Playbook Command Upgrade Cluster
7 years ago
c8c6105ee2
Fixed Formatting / Ansbile-Playbook Command
- added -b and fixed typo in ansible-playbook command
- fixed formatting issue
7 years ago
0b49eeeba3
Update calico to 1.1.0-rc8
Fixes bug in CentOS/RHEL in felix related to overlayfs driver.
7 years ago
b0830f0cd7
Merge pull request #1087 from bradbeam/openstack
Adding openstack domain id
7 years ago
565d4a53b0
Merge pull request #1108 from idcrook/issue_1107-docker-versioning
Adding Docker CE 'stable' and 'edge' version packages
7 years ago
9624662bf6
Merge pull request #1141 from mattymo/idempotency2
More idempotency fixes
7 years ago
8195957461
Merge branch 'master' into idempotency2
7 years ago
02fed4a082
Merge pull request #1138 from mattymo/idempotency-fixes
Idempotency fixes for etcd certs and resolvconf tasks
7 years ago
34ecf4ea51
Merge pull request #1109 from pcm32/feature/fixTerraformOS
Restores working order of contrib/terraform/openstack
7 years ago
a422ad0d50
More idempotency fixes
Fixed sync_tokens fact
Fixed sync_certs for k8s tokens fact
Disabled register docker images changability
Fixed CNI dir permission
Fix idempotency for etcd pre upgrade checks
7 years ago
096d96e344
Merge pull request #1137 from holser/bug/1135
Turn on iptables for flannel
7 years ago
e61310bc89
Merge pull request #1140 from VincentS/jinja28
Added Jinja 2.8 to Docs
7 years ago
111ca9584e
Added Jinja 2.8 to Docs
Added Jinja 2.8 Requirements to docs and pip requirements file which
is needed to run the current Ansible Playbooks.
7 years ago
7d35c4592c
Merge pull request #1139 from VincentS/docu_fix
Fix for CoreOS Docu
7 years ago
3e8386cbf3
Fixed CoreOS Docu
CoreOS docu was referencing outdated bootstrap playbook that
is now part of kargo itself.
7 years ago
4354162067
Merge pull request #1080 from VincentS/Granular_Auth_Control
Granular authentication Control
7 years ago
a62a444229
Merge pull request #1117 from mattymo/etcd3-upgrade
Migrate k8s data to etcd3 api store
7 years ago
f6b72fa830
Make resolvconf preinstall idempotent
7 years ago
9667e8615f
Turn on iptables for flannel
Closes : #1135
Closes : #1026
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
7 years ago
026da060f2
Granular authentication Control
It is now possible to deactivate selected authentication methods
(basic auth, token auth) inside the cluster by adding
removing the required arguments to the Kube API Server and generating
the secrets accordingly.
The x509 authentification is currently not optional because disabling it
would affect the kubectl clients deployed on the master nodes.
7 years ago
3feab1cb2d
Merge pull request #1134 from mattymo/1.6-support
Explicitly set cni-bin-dir
7 years ago
804e9a09c0
Migrate k8s data to etcd3 api store
Default backend is now etcd3 (was etcd2).
The migration process consists of the following steps:
* check if migration is necessary
* stop etcd on first etcd server
* run migration script
* start etcd on first etcd server
* stop kube-apiserver until configuration is updated
* update kube-apiserver
* purge old etcdv2 data
7 years ago
4c6829513c
Fix etcd idempotency
7 years ago
4038954f96
Merge pull request #1078 from VincentS/oidc_support
Added Support for OpenID Connect Authentication
7 years ago
52a6dd5427
Explicitly set cni-bin-dir
7 years ago
c301dd5d94
Merge pull request #1118 from mattymo/noderolelabels
Add node labels in kubelet
7 years ago
28473e919f
Fixed nova command to get available flavors
The nova command for getting the flavors is not
nova list-flavors
but
nova flavor-list
7 years ago
69636d2453
Adding /O=system:masters to admin certificate
Issue #1125 . Make RBAC authorization plugin work out of the box.
"When bootstrapping, superuser credentials should include the system:masters group, for example by creating a client cert with /O=system:masters. This gives those credentials full access to the API and allows an admin to then set up bindings for other users."
7 years ago
7cb7eee29d
Merge pull request #1116 from kubernetes-incubator/contrib_docs
Reference external documentation sources
7 years ago
a52e1069ce
updated debian and ubuntu package names based on testing
docker-ce is not the .deb package until the repositories are switched over to new "downloads" docker webserver
7 years ago
a8e5002aeb
removed irrelevant comments
7 years ago
c515a351c6
Merge branch 'master' into issue_1107-docker-versioning
7 years ago
7777b30693
Merge pull request #1120 from bradbeam/fixtags
Removing cloud_provider tag to fix scenario where cloud_provider is n…
7 years ago
d04fbf3f78
Removing cloud_provider tag to fix scenario where cloud_provider is not defined
7 years ago
54207877bd
Add node labels in kubelet
Related-issue: https://github.com/kubernetes/community/issues/300
Upgraded nodes do not obtain labels automatically.
See https://github.com/kubernetes/kubernetes/pull/29459 for more details.
7 years ago
3c6b1480b8
Rewrote AWS Terraform for Kargo
Rewrote AWS Terraform deployment for AWS Kargo. It supports now
multiple Availability Zones, AWS Loadbalancer for Kubernetes API,
Bastion Host, ...
For more information see README
7 years ago
b075960e3b
Added Support for OpenID Connect Authentication
To use OpenID Connect Authentication beside deploying an OpenID Connect
Identity Provider it is necesarry to pass additional arguments to the Kube API Server.
These required arguments were added to the kube apiserver manifest.
7 years ago
85596c2610
Merge pull request #1045 from bradbeam/vsphere
Adding vsphere cloud provider support
7 years ago
0613e3c24d
Reference external documentation sources
7 years ago
ee5f009b95
Merge pull request #1112 from mattymo/skip_vault_if_disabled
Disable vault role properly on ansible 2.2.0
7 years ago
d76816d043
Merge pull request #1115 from mattymo/etcd-phases
Remove standalone etcd specific play, cleanup host mode
7 years ago
Matthew Mosesohn
Vladimir Rutsky
Aleksandr Didenko
Vincent Schwarzer
Bogdan Dobrelya
Sergii Golovatiuk
Connz
Cesarini, Daniele
Antoine Legrand
David Crook
Brad Beam