Alexander Block
d2e010cbe1
Add kernel upgrade for CentOS
7 years ago
Matthew Mosesohn
2f88c9eefe
Merge pull request #989 from holser/kubelet_remedy
Kubernetes Reliability Improvements
7 years ago
Matthew Mosesohn
60f1936a62
Merge pull request #1004 from galthaus/kubelet-load-modules
Allow kubelet to load kernel modules
7 years ago
Matthew Mosesohn
b0ee27ba46
Merge pull request #1006 from mattymo/fix_weave_upgrade
Enable weave upgrade from previous versions
7 years ago
Antoine Legrand
067bbaa473
Merge pull request #1001 from idcrook/kargo-issue-1000-efk-enable
removed explicit role for efk in cluster.yml
7 years ago
Sergii Golovatiuk
c07d60bc90
Kubernetes Reliability Improvements
- Exclude kubelet CPU/RAM (kube-reserved) from cgroup. It decreases a
chance of overcommitment
- Add a possibility to modify Kubelet node-status-update-frequency
- Add a posibility to configure node-monitor-grace-period,
node-monitor-period, pod-eviction-timeout for Kubernetes controller
manager
- Add Kubernetes Relaibility Documentation with recomendations for
various scenarios.
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
7 years ago
Matthew Mosesohn
29fd957352
Enable weave upgrade from previous versions
Raise readiness probe initial time to 60 (was 30)
7 years ago
Matthew Mosesohn
ef10ce04e2
Merge pull request #1005 from rutsky/patch-2
fix kube_apiserver_ip/kube_apiserver_port description
7 years ago
Vladimir Rutsky
f0269b28f4
fix kube_apiserver_ip/kube_apiserver_port description
7 years ago
Matthew Mosesohn
0a7c6eb9dc
Merge pull request #998 from mattymo/fix_upgrade_daemonsets
Fix upgrade for all daemonset type resources
7 years ago
Greg Althaus
3f0c13af8a
Make kubelet_load_modules always present but false.
Update code and docs for that assumption.
7 years ago
Greg Althaus
fcd78eb1f7
Due to the nsenter and other reworks, it appears that
kubelet lost the ability to load kernel modules. This
puts that back by adding the lib/modules mount to kubelet.
The new variable kubelet_load_modules can be set to true
to enable this item. It is OFF by default.
7 years ago
Matthew Mosesohn
17dfae6d4e
Merge pull request #999 from holser/decrease_weave_ram_limits
Lower weave RAM settings.
7 years ago
Bogdan Dobrelya
3b1a196c75
Merge pull request #902 from insequent/master
Adding vault role
7 years ago
Bogdan Dobrelya
105dbf471e
Merge pull request #993 from code0x9/master
enable proxy support on docker repository
7 years ago
David Crook
d4d9f27a8d
removed explicit role for efk in cluster.yml
7 years ago
Antoine Legrand
68df0d4909
Merge pull request #986 from vwfs/dnsmasq_system_nameservers
Also add the system nameservers to upstream servers in dnsmasq
7 years ago
Antoine Legrand
9c572fe54b
Merge pull request #984 from rutsky/patch-2
fix typo: "explicetely"
7 years ago
Josh Conant
245e05ce61
Vault security hardening and role isolation
7 years ago
Josh Conant
f4ec2d18e5
Adding the Vault role
7 years ago
Sergii Golovatiuk
4124d84c00
Lower weave RAM settings.
- Since Weave 1.8.x was rewritten in Golang we may decrease RAM settings
to continue using g1-small for CI
7 years ago
Matthew Mosesohn
3c713a3f53
Fix upgrade for all daemonset type resources
Daemonsets cannot be simply upgraded through a single API call,
regardless of any kubectl documentation. The resource must be
purged and then recreated in order to make any changes.
7 years ago
Alexander Block
89e570493a
Also add the system nameservers to upstream servers in dnsmasq
Also make no-resolv unconditional again. Otherwise, we may end up in
a resolver loop. The resolver loop was the cause for the piling up
parallel queries.
7 years ago
Matthew Mosesohn
16674774c7
Merge pull request #994 from mattymo/docker_save
Change docker save compress level to 1
7 years ago
Matthew Mosesohn
0180ad7f38
Merge pull request #990 from mattymo/fix_cert_upgrade
Fix check for node-NODEID certs existence
7 years ago
Matthew Mosesohn
bfd1ea1da1
Merge pull request #971 from bradbeam/efk
Adding EFK logging stack
7 years ago
Mark Lee
3eacd0c871
Update rh_docker.repo.j2
7 years ago
Matthew Mosesohn
d587270293
Merge pull request #992 from vwfs/host_mount_dev
Host mount /dev for kubelet
7 years ago
Matthew Mosesohn
3eb13e83cf
Change docker save compress level to 1
Faster gzip improves CI deploy times by at least 2 mins.
Fixes #982
7 years ago
Mark Lee
df761713aa
Merge branch 'master' of https://github.com/kubespray/kargo
7 years ago
Mark Lee
de50f37fea
enable proxy support on docker repository
7 years ago
Matthew Mosesohn
bad6076905
Merge pull request #987 from mattymo/etcd-retune
Re-tune ETCD performance params
7 years ago
Bogdan Dobrelya
c2bd76a22e
Merge pull request #956 from adidenko/update-netchecker
Update playbooks to support new netchecker
7 years ago
Alexander Block
010fe30b53
Host mount /dev for kubelet
7 years ago
Matthew Mosesohn
e5779ab786
Fix check for node-NODEID certs existence
Fixes upgrade from pre-individual node cert envs.
7 years ago
Matthew Mosesohn
71e14a13b4
Re-tune ETCD performance params
Reduce election timeout to 5000ms (was 10000ms)
Raise heartbeat interval to 250ms (was 100ms)
Remove etcd cpu share (was 300)
Make etcd_cpu_limit and etcd_memory_limit optional.
7 years ago
Matthew Mosesohn
491074aab1
Merge pull request #969 from mattymo/port_reserve
Prevent dynamic port allocation in nodePort range
7 years ago
Aleksandr Didenko
54af533b31
Update playbooks to support new netchecker
Netchecker is rewritten in Go lang with some new args instead of
env variables. Also netchecker-server no longer requires kubectl
container. Updating playbooks accordingly.
7 years ago
Matthew Mosesohn
4f13043d14
Merge pull request #976 from holser/bug/975
Improve Weave
7 years ago
Vladimir Rutsky
6a5df4d999
fix typo: "pubilcally"
7 years ago
Vladimir Rutsky
d41602088b
fix typo: "explicetely"
7 years ago
Matthew Mosesohn
f3a0f73588
Prevent dynamic port allocation in nodePort range
kube_apiserver_node_port_range should be accessible only
to kube-proxy and not be taken by a dynamic port allocation.
Potentially temporary if https://github.com/kubernetes/kubernetes/issues/40920
gets fixed.
7 years ago
Matthew Mosesohn
be1e1b41bd
Merge pull request #981 from kubernetes-incubator/revert-911-DROP_CAPS
Revert "Drop linux capabilities and rework users/groups"
7 years ago
Matthew Mosesohn
fd30131dc2
Revert "Drop linux capabilities and rework users/groups"
7 years ago
Sergii Golovatiuk
5122697f0b
Improve Weave
- Remove weave CPU limits from .gitlab-ci.yml. Closes : #975
- Fix weave version in documentation
Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
7 years ago
Bogdan Dobrelya
b7bf502e02
Merge pull request #978 from rutsky/patch-1
remove extra `~`
7 years ago
Bogdan Dobrelya
3f70e3a843
Merge pull request #977 from holser/bug/973
Add .swp .swo .swn to .gitignore
7 years ago
Bogdan Dobrelya
cae2982d81
Merge pull request #911 from bogdando/DROP_CAPS
Drop linux capabilities and rework users/groups
7 years ago
Vladimir Rutsky
b638c89556
remove extra `~`
7 years ago
Bogdan Dobrelya
9bc51bd0e2
Merge pull request #972 from kubernetes-incubator/update-roadmap
Update roadmap.md
7 years ago