54416cabfd
prefer_udp for upstream dns servers ( #4810 )
5 years ago
3617ae31f6
Optionally skip predownload of kubeadm images ( #4832 )
5 years ago
4f05d801c3
Use short cluster_name for TF CI ( #4835 )
5 years ago
956afcb33f
Move tf-ovh to part2 ( #4834 )
5 years ago
6347419233
Avoid duplicating nameservers ( #4833 )
5 years ago
0c7a50fe1e
README: Make usage section clearer ( #4034 )
Long option --become was used in the example but in the comment describing it the short option -b was used.
Use same option in description and example to avoid confusion.
5 years ago
7423932510
Add ready plugin for CoreDNS ( #4817 )
5 years ago
b41530ba5d
Add missing extraArgs to kubeadm-config ( #4814 )
5 years ago
29e916508c
Update roadmap ( #4811 )
5 years ago
b45f3f0004
Add tf-ovh_coreos CI job ( #4763 )
5 years ago
2a5721b4d4
Change CentOS CRI-O repo from developer repo to public one ( #4807 )
5 years ago
e30a703c8e
Add Kubernetes conformance tests ( #4614 )
5 years ago
333f1a4a40
kubeadm join path fixed for RH linux ( #4798 )
5 years ago
84b278021a
Update openstack.yml ( #4795 )
Fix comment style
5 years ago
1e470b0473
Fix certificate-key param for kubeadm init ( #4789 )
* Fix certificate-key param for kubeadm init
* Fix yamllint error
5 years ago
0ef3a7914c
Added pod psp in Rancher Local Path Provisioner ( #4385 )
* Added pod psp in Rancher Local Path Provisioner
Added pod security policy (psp) in Rancher Local Path Provisioner.
Signed-off-by: André R. de Miranda <andre@miranda.work>
* Apply psp for Rancher Local Path Provisioner only when local_path_provisioner_namespace is not kube-system and also reorganized the templates
5 years ago
a3fff1e438
cordon all deleted nodes before drain ( #4756 )
Kubespray waits exit of every drain before run other one.
Running drain every after each other seems better than parallel, because we should check resources availability every time.
But, this way, we have one additional problem: possible restart pods on the nodes that are killed little bit later.
Fast cordon before heavy drain seems like an easy solution.
5 years ago
4bc204925a
Error in nginx when starting registry-proxy ( #4785 )
Error starting nginx because in requiredDropCapabilities is dropped all capabilities.
The nginx requires the following capabilities:
- CHOWN
- SETGID
- SETUID
Signed-off-by: André R. de Miranda <andre@miranda.work>
5 years ago
5d9946184a
Add ignore_assert_errors to "kube-master, ... ( #4779 )
... kube-node or etcd is empty" task
As a assert must be ignored if ignore_assert_errors is true
5 years ago
5ba169a612
Ignore 2 ansible-lint rules (E204, E701) on purpose. ( #4744 )
5 years ago
872b37f751
updated pinning to prevent breaking changes ( #4783 )
* updated ansible pinning to prevent more possibilities of breaking changes
* more exact pinning of ansible version
* more exact pinning of ansible version and also all the rest
* added testing requirements.txt pinning settings
* removed boto from testing requirements.txt
5 years ago
8485136f9a
var node_labels as string ( #4764 )
5 years ago
ff1bc739f1
Change default for kubelet_flexvolumes_plugins_dir ( #4752 )
5 years ago
594a0e7f1b
Fix invalid YAML formatting within addons.yml ( #4753 )
5 years ago
8e28ba38d2
Add Load Balancer IP to API servers SANs ( #4775 )
- Add loadbalancer_apiserver.address to apiserver_sans
5 years ago
73c2ff17dd
Fix Ansible-lint error [E502] ( #4743 )
5 years ago
13f225e6ae
Only pull images for destined host groups ( #4735 )
Without this, pulls are considered for all
hosts groups, even if not targetted by the downloads
`groups` list. Hence, a download/sync is triggered
even though the host does not require the image.
5 years ago
3f62492a15
Use standard testcases job for TF CI ( #4732 )
5 years ago
5e3bd2dff1
Use common playbook to wait for SSH ( #4734 )
5 years ago
787a9c74fa
Terraform wait for floating IP instance has been associated ( #4321 )
* Add wait for floating ip associate with instance
* Terraform formatting fix
* Sort Open Telekom Cloud in compatible list
5 years ago
14749df6f3
Fix "netchecker-server" ClusterRole ( #4730 )
* Add sha256 hashes for calicoctl v3.6.1
Hashes are added to calicoctl_binary_checksums for both adm and arm platforms.
* Add rules for "network-checker.ext" resource to "netchecker-server" ClusterRole
So that it could access the resource after it is created.
Corresponding issues:
https://github.com/Mirantis/k8s-netchecker-server/issues/125
https://github.com/kubernetes-sigs/kubespray/issues/3281
5 years ago
2db2898112
Fixed runc path in runtime for RedHat os family ( #4731 )
5 years ago
3776000fc4
Run TF tests from repo root ( #4723 )
5 years ago
f0572e59e7
Always do OVH CI ( #4722 )
5 years ago
6217184c7f
Merge pull request #4720 from MarkusTeufelberger/patch-1
Update default CentOS version on Azure
5 years ago
044dcbaed0
Add Kubelet config, remove deprecated flags and fix minor bugs ( #4724 )
* Add kubelet config
* Change kubelet_authorization_mode_webhook to true
* Fix lint
* Sync env file
* Refactor the kubernetes node folder
* Remove deprecated flag and fix lint
5 years ago
8a5eae94ea
Minor cleanups of CoreDNS issues and CI job ( #4719 )
* Minor cleanups
* Add comment in docs that nodelocaldns cache is enabled by default
5 years ago
bf3c6aeed1
Add kube anon auth settings to kubeadm config templates ( #4713 )
* Disable kube_api_anonymous_auth by default to secure the setup
* Disable metrics-server in addons. Health endpoint is slow and unstable
* Fix anonymous-auth missing in configuration
* Cleanup a bit
* Fix kube anon auth
5 years ago
f3fbf995ca
Update default CentOS version on Azure
5 years ago
03bded2b6b
Fix adding output of kubeadm to the admin.conf downloaded to the artifacts directory ( #4696 )
Fixes issue https://github.com/kubernetes-sigs/kubespray/issues/4695
5 years ago
d5c0829d61
Removing unnecessary httplib2 install ( #4708 )
5 years ago
00369303de
Fixing `msg` parameter for `debug` module ( #4702 )
According to [`debug` module documentation](https://docs.ansible.com/ansible/latest/modules/debug_module.html?highlight=msg ), the correct parameter name is `msg`.
With the previous `message` parameter name I was getting FAILED messages while ansible was trying to debug previous FAILED tasks.
5 years ago
1f1479c0a7
Update ingress nginx 0.24.1. ( #4691 )
5 years ago
e67f848abc
ansible-lint: add spaces around variables [E206] ( #4699 )
5 years ago
560f50d3cd
Add support for http(s)_proxy to CoreOS, Fedora and OpenSUSE ( #4669 )
* Add support for http(s)_proxy to CoreOS and Fedora
* fix opensuse proxy support
* Fix CoreOS proxy support
* update documentation
5 years ago
3f45122d0d
Refactor Terraform CI ( #4654 )
5 years ago
50bdaa573c
Apply etcd_extra_vars to etcd-events.env as well. ( #4219 )
This change ensures that etcd_extra_vars variable applies
to events etcd as well.
5 years ago
24b6698cc9
Disable CI deploys on master ( #4690 )
5 years ago
73885d3b9e
Validate Vagrantfile in CI unit-tests ( #4642 )
* Validate vagrant file on CI
* Install vagrant
* Install vagrant
* Install vagrant
* Install vagrant
* Install vagrant
* Install vagrant
* Test vagrant validate
5 years ago
f29387316f
Fix ansible-lint 602 ( #4688 )
5 years ago
Toni Pokki
Matthew Mosesohn
Maxime Guyot
Rodrigo Bermúdez Schettino
Andreas Krüger
Dani Comnea
Vitaliy Dmitriev
Geert-Johan Riemer
André R. de Miranda
bobahspb
Jacopo Secchiero
MarkusTeufelberger
marcstreeter
Mateus Caruccio
MarioUhrik
Florent Monbillard
Timoses
Robert Neumann
Aleksey Kasatkin
Sandro Modarelli
Dmitri Rubinstein
Manuel Cintron
Alex Barcelo
okamototk
Stas