22 Commits (9e19159547a200b1a0a698b8c35b9c3ef53aadde)

Author SHA1 Message Date
Matthew Mosesohn 07cc981971
refactor vault role (#2733) 6 years ago
Romain DEQUIDT 80dd230a65 sync certs tasks (fix #2596 #2667) 6 years ago
Chad Swenson d87b6fd9f3 Use dedicated front-proxy-ca for front-proxy-client 6 years ago
georgejdli c8f857eae4 configure kubespray to sign service account tokens with a dedicated and stable key 6 years ago
chadswen cd153a1fb3 Fix kubernetes cert permission sync 6 years ago
woopstar 4dab92ce69 Rename from aggregator-proxy-client to front-proxy-client to match kubeadm design. Added kubeadm support too. Changed to use variables set and not hardcode paths. Still missing cert generation for Vault 6 years ago
woopstar 82d10b882c Added fixes from whereismyjetpack 6 years ago
woopstar 0b4168cad4 WIP. Adding metrics-server support for K8s version 1.9 6 years ago
Aivars Sterns 9c86da1403 Normalize tags in all places to prepare for tag fixing in future (#1739) 7 years ago
foxyriver 30b5493fd6 use command module instead of shell module 7 years ago
Maxim Krasilnikov 6eb22c5db2 Change single Vault pki mount to multi pki mounts paths for etcd and kube CA`s (#1552) 7 years ago
Brad Beam 8b151d12b9 Adding yamllinter to ci steps (#1556) 7 years ago
Matthew Mosesohn df28db0066 Fix cert and netchecker upgrade issues (#1543) 7 years ago
jwfang 092bf07cbf basic rbac support 7 years ago
Matthew Mosesohn a422ad0d50 More idempotency fixes 7 years ago
Matthew Mosesohn d176818c44 Use find module for checking for certificates 7 years ago
Matthew Mosesohn a21eb036ee Add no_log to cert tar tasks 7 years ago
Andrew Greenwood ca9ea097df Cleanup legacy syntax, spacing, files all to yml 7 years ago
Matthew Mosesohn 80c0e747a7 Fix references to CoreOS and Container Linux by CoreOS 7 years ago
Vladimir Rutsky 09847567ae set "check_mode: no" for read-only "shell" steps that registers result 7 years ago
Josh Conant 245e05ce61 Vault security hardening and role isolation 7 years ago
Matthew Mosesohn fd30131dc2 Revert "Drop linux capabilities and rework users/groups" 7 years ago
Sergii Golovatiuk 585afef945 Remove nsenter workaround 7 years ago
Matthew Mosesohn 08822ec684 Fix cert distribution at scale 7 years ago
Bogdan Dobrelya cb2e5ac776 Drop linux capabilities and rework users/groups 8 years ago
Greg Althaus 0d44599a63 Add explicit name printing in task names for deletgated task during 7 years ago
Greg Althaus 6c69da1573 This PR adds/or modifies a few tasks to allow for the playbook to 7 years ago
Matthew Mosesohn 80703010bd Use only one certificate for all apiservers 7 years ago
Matthew Mosesohn 3f274115b0 Generate individual certificates for k8s hosts 8 years ago
Bogdan Dobrelya 5af2c42bde Better fix for different CoreOS os family facts 7 years ago
Bogdan Dobrelya f7447837c5 Rename CoreOS fact 7 years ago
Matthew Mosesohn 6d9cd2d720 Fix calico-rr to use etcd certs instead of kube certs 8 years ago
Aleksandr Didenko d57c27ffcf Add calico/routereflector support 8 years ago
Bogdan Dobrelya 8cc84e132a Add tags 8 years ago
Matthew Mosesohn 46ee9faca9 Fix ca certificate loading on CoreOS 8 years ago
Matthew Mosesohn f106bf5bc4 adds ability to have hosts with no floating ips on terraform/openstack (+8 squashed commits) 8 years ago
Matthew Mosesohn c7b00caeaa Use tar+register instead of copy/slurp for distributing tokens and certs 8 years ago
Matthew Mosesohn 84052ff0b6 use nginx proxy on non-master nodes to proxy apiserver traffic 8 years ago
Smana ae5ff890d4 fix flannel deployment, remove docker bridge before restarting 8 years ago
Smana 1884d89d3b fixes the certs issue when masters or not in the kube-node group 8 years ago
Spencer Smith 9f8466a186 ensure ALL certs are synced between masters 8 years ago
Spencer Smith 5253b3ec13 ensure ca.pem makes it to multi-masters 8 years ago
Smana 4f627baf71 generate secrets on first master 8 years ago
Smana 5c22133492 fix add nodes to the cluster 8 years ago
Smana 850b7466cd remove deprecation warns and update doc 8 years ago
teuto.net Netzdienste GmbH 457ed11b49 fixed deprecation warnings regarding bare variables 8 years ago
Smana 91fca69aa0 generate secrets on deployment machine 8 years ago