98d766c68e
Moves apiserver port to bindPort when using controlPlaneEndpoint ( #3449 )
6 years ago
7bec169d58
Fix ansible syntax to avoid ansible deprecation warnings ( #3512 )
* failed
* version_compare
* succeeded
* skipped
* success
* version_compare becomes version since ansible 2.5
* ansible minimal version updated in doc and spec
* last version_compare
6 years ago
76fe84fe93
Use imageRepository instead of the unifiedControlPlaneImage ( #3484 )
6 years ago
d6ebe8c3e7
Sync manifests with kubeadm ( #3383 )
6 years ago
a330b281e8
Check `openstack_cacert` for empty string
6 years ago
cac485756b
Mount basic auth or token auth dirs to support it on kubeadm deployments
6 years ago
c058e7a5ec
Remove audit again from Kubeadm 1.10.x. Write mounts not supported untill 1.11
6 years ago
1c999b2a61
Move kube_kubeadm_controller_extra_args to controllerManagerExtraArgs section. It was placed in controllerManagerExtraVolumes
6 years ago
8e37841a2e
Add audit support to v1alpha1 of Kubeadm
6 years ago
8d1c0c469c
Added missing enable-aggregator-routing option
6 years ago
26d7380c2e
Sync manifests from non-kubeadm to kubeadm deploy
6 years ago
af74d85b7d
Remove --insecure-bind-address when insecure-port=0
6 years ago
97e5f28537
Revert "Remove insecure-port and insecure-bind-address when possible"
6 years ago
a5509fc2ce
Remove insecure-port and insecure-bind-address when possible
6 years ago
435e098751
Fix feature-gates
6 years ago
8e95974930
Fix ports for kubeadm client and master configs for ha setups
6 years ago
16fc22a207
Fix ipvs by kubeadm v1alpha1
6 years ago
35e5adaf0a
Fix kubeadm v1alpha1 configure
6 years ago
9eade647e6
Fix kubeadm lb
6 years ago
bdbfa4d403
Add ipvs support for kubeadm 1.10 or later.
6 years ago
ac639b2a17
Change kubeadm config to run etcd by kubeadm.
6 years ago
cb8be37f72
fix on v1alpha1
6 years ago
e5dd4e1e70
added on v1alpha1
6 years ago
94df70be98
Cloud provider support for OCI (Oracle Cloud Infrastructure)
Signed-off-by: Jeff Bornemann <jeff.bornemann@oracle.com>
6 years ago
59176ebbb9
Add kubeadm controlplaneEndpoint
Nginx LB(default)
Other LB by kubeadm controlplane
6 years ago
a11e1eba9e
Upgrade kubernetes to V1.11.x ( #3078 )
Upgrade Kubernetes to V1.11.2
The kubeadm configuration file version has been upgraded from v1alpha1 to v1alpha2
Add bootstrap kubeadm-config.yaml with external etcd
6 years ago
4eadf3228e
Only add admission plugins if defined
6 years ago
6ed65d762b
Separate out plugins into 2 variables
6 years ago
ac18f6cf8b
Add support for admission controllers in 1.10 and above
6 years ago
c685dc493f
allow for setting the cacert on openstack cloud provider
7 years ago
61e97251a5
Improve variable handling for disabling etcd events cluster
6 years ago
7c93e71801
Upgrade k8s to 1.10.2 ( #2748 )
* Upgrade k8s to 1.10.2
Bumped etcd version to 3.2.16 as recommended
* Add ipvs fix for v1.10
* change flannel addons test to ha
6 years ago
86e3506ae6
Etcd cluster setup makeover
The current way to setup the etc cluster is messy and buggy.
- It checks for cluster is healthy before the cluster is even created.
- The unit files are started on handlers, not in the task, so you mess with "flush handlers".
- The join_member.yml is not used.
- etcd events cluster is not configured for kubeadm
- remove duplicate runs between running the role on etcd nodes and k8s nodes
7 years ago
af5f376163
Revert
7 years ago
004b0a3fcf
Fix merge conflict
7 years ago
1d0415a6cf
fixes typo in kube_override_hostname for kubeadm
7 years ago
9fa995ac9d
only sets nodeName in kubeadm-config when kube_override_hostname is set
7 years ago
13e47e73c8
Update kubeadm-config.yaml.j2
As requested
7 years ago
6c4e5e0e3d
Update kubeadm-config.yaml.j2
7 years ago
40c0f3756b
Encapsulate item instead of casting to string
7 years ago
3d6fd49179
Added option for encrypting secrets to etcd v.2 ( #2428 )
* Added option for encrypting secrets to etcd
* Fix keylength to 32
* Forgot the default
* Rename secrets.yaml to secrets_encryption.yaml
* Fix static path for secrets file to use ansible variable
* Rename secrets.yaml.j2 to secrets_encryption.yaml.j2
* Base64 encode the token
* Fixed merge error
* Changed path to credentials dir
* Update path to secrets file which is now readable inside the apiserver container. Set better file permissions
* Add encryption option to k8s-cluster.yml
7 years ago
788e41a315
Make sure output from extra args is strings
Setting the following:
```
kube_kubeadm_controller_extra_args:
address: 0.0.0.0
terminated-pod-gc-threshold: "100"
```
Results in `terminated-pod-gc-threshold: 100` in the kubeadm config file. But it has to be a string to work.
7 years ago
39d247a238
Add support to kubeadm too
Explicitly defines the --kubelet-preferred-address-types parameter #2418
Fixes #2453
7 years ago
95e2bde15b
set nodeName to "{{ inventory_hostname }}" in kubeadm-config
7 years ago
03c61685fb
Added apiserver extra args variable for kubeadm config ( #2291 )
7 years ago
4e61fb9cd3
Refactored kubeadm join process and fixed uncrodonng for master nodes
7 years ago
f193b12059
Kubeadm auto creates this
7 years ago
2cd254954c
Remove defaults of allowed names. Updated kubeadm
7 years ago
4dab92ce69
Rename from aggregator-proxy-client to front-proxy-client to match kubeadm design. Added kubeadm support too. Changed to use variables set and not hardcode paths. Still missing cert generation for Vault
7 years ago
95b8ac5f62
Added optional controller and scheduler extra args to kubeadm config ( #2205 )
7 years ago
Dann
Erwan Miran
Rong Zhang
Andreas Krüger
Jan Wozniak
Erwan Miran
Chad Swenson
mlushpenko
Takashi Okamoto
Samuele Chiocca
Jeff Bornemann
Robert Everson
southquist
Matthew Mosesohn
Matthew Mosesohn
Dann Bohn
Bharat Kunwar
Maxim Krasilnikov