Wong Hoi Sing Edison
428a554ddb
istio: container download related things should defined in the download role
6 years ago
Xiaoxi He
32f4194cf8
Bump ingress-nginx-controller to version 0.12.0
6 years ago
georgejdli
76bb5f8d75
check if dedicated service account token signing key exists
6 years ago
vterdunov
4b98537f79
Properly check vsphere_cloud_provider.rc
6 years ago
Matthew Mosesohn
3004791c64
Add pre-upgrade task for moving credentials file ( #2394 )
* Add pre-upgrade task for moving credentials file
This reverts commit 7ef9f4dfdd
.
* add python interpreter workaround for localhost
6 years ago
Wong Hoi Sing Edison
b1a7889ff5
local-volume-provisioner: container download related things should defined in the download role
6 years ago
woopstar
86e3506ae6
Etcd cluster setup makeover
The current way to setup the etc cluster is messy and buggy.
- It checks for cluster is healthy before the cluster is even created.
- The unit files are started on handlers, not in the task, so you mess with "flush handlers".
- The join_member.yml is not used.
- etcd events cluster is not configured for kubeadm
- remove duplicate runs between running the role on etcd nodes and k8s nodes
6 years ago
Wong Hoi Sing Edison
4f714b07b8
cephfs-provisioner: container download related things should defined in the download role
6 years ago
Wong Hoi Sing Edison
4c0e9ba890
registry: container download related things should defined in the download role
6 years ago
Andreas Krüger
b9b028a735
Update etcd deployment to use correct cert and key ( #2572 )
* Update etcd deployment to use correct cert and key
* Update to use admin cert for etcdctl commands
* Update handler to use admin cert too
6 years ago
Wong Hoi Sing Edison
5fe144aa0f
ingress-nginx: container download related things should defined in the download role
6 years ago
Wong Hoi Sing Edison
195d6d791a
Integrate jetstack/cert-manager 0.2.3 to Kubespray
6 years ago
avoidik
aa301c31d1
Move credential checks into proper folder
6 years ago
Andreas Krüger
2c89a02db3
Only download container/file if host is in defined group ( #2565 )
* Only download container/file if host is in defined group
* Set correct when clause
* Fix last entries
* Update download groups
6 years ago
avoidik
15efdf0c16
Move credential checks
6 years ago
avoidik
ab8760cc83
Move credentials pre-check
6 years ago
avoidik
b6da596ec1
Move default configuration parameters for cloud-config
6 years ago
avoidik
3c12c6beb3
Move cloud config configurations to proper location
6 years ago
Erwan Miran
8ece922ef0
node_labels documentation + kube-ingress label handling as role_node_label
6 years ago
woopstar
859a7f32fb
Fix import task. Has to be include task to evalutate etcd_cluster_setup variable at run time
6 years ago
georgejdli
572ab650db
copy dedicated service account token signing key for kubeadm migration
6 years ago
avoidik
72c2a8982b
Fix kubecert_node.results indexes
6 years ago
Spencer Smith
13c57147eb
only set no_proxy if other proxy vars are defined
6 years ago
Matthew Mosesohn
03bcfa7ff5
Stop templating kube-system namespace and creating it ( #2545 )
Kubernetes makes this namespace automatically, so there is
no need for kubespray to manage it.
6 years ago
Andreas Kruger
af5f376163
Revert
6 years ago
woopstar
004b0a3fcf
Fix merge conflict
6 years ago
Chen Hong
4a705b3fba
May vault health check needs delay
6 years ago
陈宏
4d85e3765e
remove redundancy code
6 years ago
Vladimir Vasilkin
f0a04b4d65
wait 5 * 4 secs until Tiller starts
6 years ago
Vladimir Vasilkin
760ca1c3a9
adding checking for prometheus_operator_enabled
6 years ago
Vladimir Vasilkin
23b3833806
running on the first master only.
6 years ago
Kuldip Madnani
daeeae1a91
Added retries in pre-upgrade.yml and retries while applying kube-dns.yml ( #2553 )
* Added retries in pre-upgrade.yml and retries while applying kube-dns.yml
* Removed trailing spaces
6 years ago
georgejdli
c8f857eae4
configure kubespray to sign service account tokens with a dedicated and stable key
6 years ago
Kuldip Madnani
9ebbf1c3cd
Added a fix in openssl.conf template to check if IP of loadbalncer is available or not.
6 years ago
Chad Swenson
ef7f5edbb3
Remove old docker packages and other docker upgrade fixes ( #2536 )
* Remove old docker packages
This removes docker packages that are obsolete if docker-ce packages are to be installed, which fixes some package conflict issues that can occur during upgrades.
* Add support for setting obsoletes=0 when installing docker with yum
6 years ago
woopstar
0b5404b2b7
Fix
6 years ago
Vladimir Vasilkin
19e1b11d98
prometheus operator, metrics for k8s cluster
install using Helm:
- Prometheus Operator
- metrics for k8s cluster including: grafana dashboard, alertmanager, node exporters
base project:
https://github.com/coreos/prometheus-operator
the issue:
https://github.com/kubernetes-incubator/kubespray/issues/2042
Previous PR, raw ansible without Helm:
https://github.com/kubernetes-incubator/kubespray/pull/2499
6 years ago
woopstar
0df32b03ca
Update openssl.conf to count better and work with Jinja 2.9
6 years ago
Matthew Mosesohn
72a4223884
Write cloud-config during kubelet configuration
This file should only be updated during kubelet upgrade so that
master components are not accidentally restarted first during
preinstall stage.
6 years ago
Wong Hoi Sing Edison
848fc323db
Fixup for #2523 :
- Rename template for /etc/cni/net.d/00-weave.conflist to 00-weave.conflist.j2
- Apply resources requests/limits to both container weave and weave-npc
6 years ago
avoidik
e375678674
Set exact user for Kubelet services
6 years ago
Sergey Bondarev
4f7479d94d
add etc tunning options
https://coreos.com/etcd/docs/latest/tuning.html
etcd_snapshot_count
and
ionice priority
6 years ago
Michael Zehrer
b8d1652baf
Remove kibana_base_url
The default for kibana_base_url does not make sense an makes kibana unusable. The default path forces a 404 when you try to open kibana in the browser. Not setting kibana_base_url works just fine.
6 years ago
Dann Bohn
1d0415a6cf
fixes typo in kube_override_hostname for kubeadm
6 years ago
Wong Hoi Sing Edison
3f5c60886b
Upgrade Weave to 2.2.1
- Fix #2414 , so namespace isolation should now works
- Update weave-net.yml.j2 as per latest https://cloud.weave.works/k8s/net
- Other minor fixup
6 years ago
Anton Fayzrahmanov
a75598b3f4
IP_AUTODETECTION_METHOD docs
6 years ago
Anton Fayzrahmanov
60a057cace
Update calico-node.yml.j2
6 years ago
Anton Fayzrahmanov
dd9d0c0530
optional calico_ip_auto_method variable with IP_AUTODETECTION_METHOD
can be set to one of
first-found
can-reach
interface
6 years ago
Dann Bohn
9fa995ac9d
only sets nodeName in kubeadm-config when kube_override_hostname is set
6 years ago
Wong Hoi Sing Edison
caec3de364
Updating to use calico-node v2.6.8
6 years ago