Dann Bohn
dc6c703741
--etcd-quorum-read is depricated in kube >= 1.9
6 years ago
Matthew Mosesohn
16629d0b8e
Vault should use cert auth for etcd
6 years ago
Julian Hübenthal
7f79210ed1
reworked vsphere-cloud-config template
6 years ago
Simon Li
27a1a697e7
supplementary_addresses_in_ssl_keys can be a hostname
7 years ago
Aivars Sterns
c1267004ef
Merge pull request #2130 from ArchiFleKs/simplify_os_provider
Simplify and update OpenStack cloud provider
6 years ago
Julian Hübenthal
9cdd2214f9
render vsphere_resource_pool only if defined
6 years ago
Julian Hübenthal
fc29764911
fixed broken variables table
6 years ago
Julian Hübenthal
989e9174c2
Added vSphere cloud provider config update for Kubernetes >= 1.9.2
6 years ago
rong.zhang
3993e12335
Fix can not be used devicemapper driver
Fix can not be used devicemapper driver
7 years ago
Brad Beam
ac4d782937
Merge pull request #2074 from fangzhen/fix-domains-split
Make spliting system_search_domains more robust
6 years ago
rong.zhang
32d18ca992
remove trailing space
6 years ago
Matthew Mosesohn
2df4b6c5d2
Rename default_resolver to cloud_resolver ( #2209 )
Cloud resolvers are mandatory for hosts on GCE and OpenStack
clouds. The 8.8.8.8 alternative resolver was dropped because
there is already a default nameserver. The new var name
reflects the purpose better.
Also restart apiserver when modifying dns settings.
6 years ago
Andreas Krüger
088d36da09
Increase the idx counter
Fix the idx counter to increase too, or you will end up with two same indexes.
6 years ago
Andreas Krüger
6f36faa4f9
Loadbalancer Apiserver Address is missing
If you configure your external loadbalancer to do a simple tcp pass-through to the api servers, and you do not use a DNS FQDN but just the ip, then you need to add the ip adress to the certificates too.
Example config:
```
## External LB example config
apiserver_loadbalancer_domain_name: "10.50.63.10"
loadbalancer_apiserver:
address: 10.50.63.10
port: 8383
```
6 years ago
RongZhang
3846384d56
Bump kube-dns to 1.14.8 ( #2204 )
Bump kube-dns to 1.14.8
6 years ago
Dmitri Rubinstein
331f141f63
Fix DNS entries in etcd's openssl.conf by adding a newline. ( #2208 )
DNS entries generated from 'etcd_cert_alt_names' variable in etcd's
openssl.conf are not terminated by a newline.
This fixes issue #2207 .
6 years ago
Matthew Mosesohn
62dd3d2a9d
Add missing group var default values to kubespray-defaults
6 years ago
Sébastien Han
fa8a128e49
etcd: ability to enable/disable ETCD_PEER_CLIENT_CERT_AUTH
Some installation are failing to authenticate with peers due to
etcd picking up/resoling the wrong node.
By setting 'etcd_peer_client_auth' to "False" you can disable peer client cert
authentication.
Signed-off-by: Sébastien Han <seb@redhat.com>
6 years ago
rong.zhang
b10c308a5a
Support ipvs mode for kube-proxy
Support ipvs mode for kube-proxy
6 years ago
rong.zhang
e22c70e431
Upgrade to Kubernetes v1.9.2
6 years ago
Chad Swenson
f4fe9e3421
Merge pull request #2171 from ArchiFleKs/kubeproxy-lvs
Add lib/modules to kube-proxy to enable LVS
6 years ago
Brad Beam
da173615e4
Merge pull request #2048 from xizhibei/master
Fix: always only one container got synced after download
6 years ago
Matthew Mosesohn
dc6a17e092
Use include/import tasks ( #2192 )
import_tasks will consume far less memory, so it should be
used whenever it is compatible.
6 years ago
Antoine Legrand
f4180503c8
Merge pull request #2196 from Miouge1/network-size-large-deploy
Network size large deploy documentation
6 years ago
Miouge1
240d4193ae
Update information about network sizes
6 years ago
Matthew Mosesohn
ac66e98ae9
Upgrade to Kubernetes v1.9.1 ( #2152 )
Raise drain timeout to 5m
6 years ago
Matthew Mosesohn
d2935ffed0
Optionally ignore the presence of extra calico pools ( #2190 )
6 years ago
Chad Swenson
c6e0fcea31
Merge pull request #1948 from sgmitchell/secured-etcd
Enable etcd secure client to prevent etcdctl access without cert and key
6 years ago
Chad Swenson
5d014d986b
Merge pull request #1992 from manics/flannel-hairpin
Enable flannel hairpin mode
6 years ago
mirwan
714994cad8
iptables: flush nat table as well as filter table upon reset ( #2174 )
* iptables: flush nat table as well as filter table upon reset
* Indentation fix
6 years ago
Brad Beam
08fe61e058
Merge pull request #2071 from riverzhang/dashboard
Update dashboard version to v1.8.1
6 years ago
Brad Beam
0c8bed21ee
Merge pull request #2019 from chadswen/disable-api-insecure-port
Support for disabling apiserver insecure port (the sequel)
6 years ago
Brad Beam
98eb845f8c
Merge pull request #2173 from mirwan/hardcoded_dnsmasq-autoscaler_image
Dnsmasq autoscaler image should be a variable
6 years ago
Brad Beam
98300e3165
Merge pull request #2155 from brutus333/fix/pvc
Fix for Issue #2141
6 years ago
Matthew Mosesohn
bf1411060e
Add optional manual dns_mode ( #2178 )
6 years ago
Virgil Chereches
a4d142368b
Renamed variable from disable_volume_zone_conflict to volume_cross_zone_attachment and removed cloud provider condition; fix identation
6 years ago
Brad Beam
eb80f9b606
Merge pull request #2154 from tdihp/proxy-conf-restart-docker
Restart docker when http-proxy.conf changed.
6 years ago
Stanislav Makar
ae47b617e3
Fix 'no such host' problem ( #2148 )
Fix 'no such host' problem reported by commands *kubectl logs* and *kubectl exec*
when cloud_provider is OpenStack
Closes : #2147
6 years ago
Bogdan Dobrelya
c116b8022e
Update rpm spec and pbr setup configs ( #2170 )
* Update rpm spec and pbr setup configs
* Rename package to kubespray
* Do not break Fedora's FHS and install to /usr/share instead
* Remove the vendor tag
* Update source0 for better artifacts' names
* Fix missing files build errors
* Make version/release to auto match from git and fit PEP 440
Co-authored-by: Matthias Runge <mrunge@redhat.com>
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
* Add package paths to roles search in ansible conf
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
* Poke jinja2 requirements in rpm spec file
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
6 years ago
Erwan Miran
5b98e15613
Merge branch 'hardcoded_dnsmasq-autoscaler_image' of github.com:mirwan/kubespray into hardcoded_dnsmasq-autoscaler_image
6 years ago
Erwan Miran
e5b4011aa4
move hardcoded dnsmasq autoscaler image to its own variable
6 years ago
Virgil Chereches
3125f93b3f
Added disable_volume_zone_conflict variable
6 years ago
Spencer Smith
f19c8e8c1d
Merge pull request #2132 from PhilippeChepy/flex-volumes
Add support for flex volumes plugins.
6 years ago
Dave Carley
752fba1691
Fix spelling mistakes in group_vars ( #2166 )
6 years ago
ArchiFleKs
637604d08f
Add lib/modules to kube-proxy to enable LVS
kube-proxy is complaining of missing modules at startup. There is a plan
to also support an LVS implementation of kube-proxy in additon to
userspace and iptables
6 years ago
Erwan Miran
1a9989ade9
move hardcoded dnsmasq autoscaler image to its own variable
6 years ago
Jonas Kongslund
11844c987c
Make the Kubelet read-only port configurable and disable it by default. Fixes #2159 .
6 years ago
Virgil Chereches
8c45c88d15
Fix for Issue #2141 - added policy file
6 years ago
Virgil Chereches
c87bb2f239
Fix for Issue #2141
6 years ago
heping
32eeb9a0e0
Restart docker when http-proxy.conf changed.
6 years ago