3fafa583d1
hostnameOverride on a per-node basis ( #3708 )
6 years ago
633bfa7ebc
Bring static tokens and user back to 1.12 ( #3593 )
6 years ago
77d705ca9f
cluster_name is to be set in initConfiguration too ( #3661 )
6 years ago
7bec169d58
Fix ansible syntax to avoid ansible deprecation warnings ( #3512 )
* failed
* version_compare
* succeeded
* skipped
* success
* version_compare becomes version since ansible 2.5
* ansible minimal version updated in doc and spec
* last version_compare
6 years ago
76fe84fe93
Use imageRepository instead of the unifiedControlPlaneImage ( #3484 )
6 years ago
af97febb04
Upgrade kubernetes to v1.12.0 ( #3410 )
* Upgrade kubernetes to v1.12.0
Use kubeadm v1alpha3 config
* Upgrade coredns and etcd
* Upgrage docker to 18.06
6 years ago
192f7967c9
Remove excess space ( #3421 )
6 years ago
d6ebe8c3e7
Sync manifests with kubeadm ( #3383 )
6 years ago
a330b281e8
Check `openstack_cacert` for empty string
6 years ago
cac485756b
Mount basic auth or token auth dirs to support it on kubeadm deployments
6 years ago
1c999b2a61
Move kube_kubeadm_controller_extra_args to controllerManagerExtraArgs section. It was placed in controllerManagerExtraVolumes
6 years ago
8d1c0c469c
Added missing enable-aggregator-routing option
6 years ago
26d7380c2e
Sync manifests from non-kubeadm to kubeadm deploy
6 years ago
77e08ba204
Support dynamic kubelet config
https://kubernetes.io/blog/2018/07/11/dynamic-kubelet-configuration/
6 years ago
af74d85b7d
Remove --insecure-bind-address when insecure-port=0
6 years ago
97e5f28537
Revert "Remove insecure-port and insecure-bind-address when possible"
6 years ago
a5509fc2ce
Remove insecure-port and insecure-bind-address when possible
6 years ago
435e098751
Fix feature-gates
6 years ago
8e95974930
Fix ports for kubeadm client and master configs for ha setups
6 years ago
9eade647e6
Fix kubeadm lb
6 years ago
52ab54eeea
Fix missing quotes for audit-log-path and wrong placement of feature-gates
6 years ago
d407a590a6
container_manager variable to specify runtime.
6 years ago
236f066635
kubeadm cri-o support.
6 years ago
5a4352657d
Fix install audit failed
1.fix audit log not write
2.fix Parameter not recognized
3.delete kubedm futuregates auditing and use apiServerExtraArgs
6 years ago
f13bc796d9
added nodePortAddresses on kubeadm conf v1alpha2 (not present on v1alpha1)
6 years ago
c34900e569
Define apiserver flags directly instead of relying on auditPolicy section in order to have the ability to redirect audit log to stdout with kubeadm
6 years ago
59176ebbb9
Add kubeadm controlplaneEndpoint
Nginx LB(default)
Other LB by kubeadm controlplane
6 years ago
54548d3b95
kubeadm mounts the hostpaths itself
6 years ago
58d4d65fab
minor variable fix and reuse + handle auditlog redirected to stdout
6 years ago
2ffc1afe40
Support audit
6 years ago
a11e1eba9e
Upgrade kubernetes to V1.11.x ( #3078 )
Upgrade Kubernetes to V1.11.2
The kubeadm configuration file version has been upgraded from v1alpha1 to v1alpha2
Add bootstrap kubeadm-config.yaml with external etcd
6 years ago
4eadf3228e
Only add admission plugins if defined
6 years ago
6ed65d762b
Separate out plugins into 2 variables
6 years ago
ac18f6cf8b
Add support for admission controllers in 1.10 and above
6 years ago
c685dc493f
allow for setting the cacert on openstack cloud provider
7 years ago
61e97251a5
Improve variable handling for disabling etcd events cluster
6 years ago
7c93e71801
Upgrade k8s to 1.10.2 ( #2748 )
* Upgrade k8s to 1.10.2
Bumped etcd version to 3.2.16 as recommended
* Add ipvs fix for v1.10
* change flannel addons test to ha
6 years ago
86e3506ae6
Etcd cluster setup makeover
The current way to setup the etc cluster is messy and buggy.
- It checks for cluster is healthy before the cluster is even created.
- The unit files are started on handlers, not in the task, so you mess with "flush handlers".
- The join_member.yml is not used.
- etcd events cluster is not configured for kubeadm
- remove duplicate runs between running the role on etcd nodes and k8s nodes
7 years ago
af5f376163
Revert
7 years ago
004b0a3fcf
Fix merge conflict
7 years ago
1d0415a6cf
fixes typo in kube_override_hostname for kubeadm
7 years ago
9fa995ac9d
only sets nodeName in kubeadm-config when kube_override_hostname is set
7 years ago
13e47e73c8
Update kubeadm-config.yaml.j2
As requested
7 years ago
6c4e5e0e3d
Update kubeadm-config.yaml.j2
7 years ago
40c0f3756b
Encapsulate item instead of casting to string
7 years ago
3d6fd49179
Added option for encrypting secrets to etcd v.2 ( #2428 )
* Added option for encrypting secrets to etcd
* Fix keylength to 32
* Forgot the default
* Rename secrets.yaml to secrets_encryption.yaml
* Fix static path for secrets file to use ansible variable
* Rename secrets.yaml.j2 to secrets_encryption.yaml.j2
* Base64 encode the token
* Fixed merge error
* Changed path to credentials dir
* Update path to secrets file which is now readable inside the apiserver container. Set better file permissions
* Add encryption option to k8s-cluster.yml
7 years ago
788e41a315
Make sure output from extra args is strings
Setting the following:
```
kube_kubeadm_controller_extra_args:
address: 0.0.0.0
terminated-pod-gc-threshold: "100"
```
Results in `terminated-pod-gc-threshold: 100` in the kubeadm config file. But it has to be a string to work.
7 years ago
39d247a238
Add support to kubeadm too
Explicitly defines the --kubelet-preferred-address-types parameter #2418
Fixes #2453
7 years ago
95e2bde15b
set nodeName to "{{ inventory_hostname }}" in kubeadm-config
7 years ago
03c61685fb
Added apiserver extra args variable for kubeadm config ( #2291 )
7 years ago
Erwan Miran
Arnaud MAZIN
Rong Zhang
LiuDui
Andreas Krüger
Jan Wozniak
Erwan Miran
Chad Swenson
mlushpenko
Takashi Okamoto
Samuele Chiocca
Robert Everson
southquist
Matthew Mosesohn
Matthew Mosesohn
Dann Bohn
Bharat Kunwar
Maxim Krasilnikov