Commits · 4e34803b1ed2bdb2b2d3cc4f03b4a3763624c1fc · Mirror / Kubespray

Dec 12, 2016
- Disable fastestmirror on CentOS · 4e34803b
  Alexander Block authored Dec 07, 2016
```
It actually slows down things dramatically when used in combination
with Ansible.
```
  4e34803b
- Remove requiretty from sudoers to actually make pipelining work · 7abcf6e0
  Alexander Block authored Dec 09, 2016
```
Some systems (e.g. CentOS on Azure) have requiretty in sudoers which makes
pipelining fail.
```
  7abcf6e0
Dec 10, 2016
- Merge pull request #713 from kubernetes-incubator/bump_kubedns · e5ad0836
  Matthew Mosesohn authored Dec 10, 2016
```
Bump kubedns version to 1.9
```
  e5ad0836
- Merge pull request #696 from bogdando/intranet_dns · 2c50f204
  Bogdan Dobrelya authored Dec 09, 2016
```
Preconfigure dns stack early
```
  2c50f204
Dec 09, 2016

Preconfigure DNS stack and docker early · a15d6267

Bogdan Dobrelya authored Dec 07, 2016



In order to enable offline/intranet installation cases:
* Move DNS/resolvconf configuration to preinstall role. Remove
  skip_dnsmasq_k8s var as not needed anymore.

* Preconfigure DNS stack early, which may be the case when downloading
  artifacts from intranet repositories. Do not configure
  K8s DNS resolvers for hosts /etc/resolv.conf yet early (as they may be
  not existing).

* Reconfigure K8s DNS resolvers for hosts only after kubedns/dnsmasq
  was set up and before K8s apps to be created.

* Move docker install task to early stage as well and unbind it from the
  etcd role's specific install path. Fix external flannel dependency on
  docker role handlers. Also fix the docker restart handlers' steps
  ordering to match the expected sequence (the socket then the service).

* Add default resolver fact, which is
  the cloud provider specific and remove hardcoded GCE resolver.

* Reduce default ndots for hosts /etc/resolv.conf to 2. Multiple search
  domains combined with high ndots values lead to poor performance of
  DNS stack and make ansible workers to fail very often with the
  "Timeout (12s) waiting for privilege escalation prompt:" error.

* Update docs.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>

a15d6267

Merge pull request #706 from vwfs/docker_storage_options · fb774d43
Matthew Mosesohn authored Dec 09, 2016
```
Allow to specify docker storage driver
```
fb774d43

Bump kubedns version to 1.9 · 459bee6d

Matthew Mosesohn authored Dec 09, 2016

Version 1.9 has reduced verbosity for federation dns queries
which flood container logs.

459bee6d

Merge pull request #711 from bogdando/fix_link · 6e080cd9
Antoine Legrand authored Dec 09, 2016
```
Fix bad symlink
```
6e080cd9
Use proper style (spacing) for docker_storage_options · 8a5ba6b2
Alexander Block authored Dec 09, 2016

8a5ba6b2
Allow to specify docker storage driver · c3ec3ff9
Alexander Block authored Dec 07, 2016

c3ec3ff9
Fix bad symlink · 284a2101
Bogdan Dobrelya authored Dec 09, 2016
```
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
```
284a2101
Merge pull request #700 from bogdando/tags · 7897c34b
Bogdan Dobrelya authored Dec 09, 2016
```
Add tags
```
7897c34b

Add tags · 8cc84e13

Bogdan Dobrelya authored Dec 08, 2016



Add tags to allow more granular tasks filtering.
Add generator script for MD formatted tags found.
Add docs for tags how-to.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>

8cc84e13

Merge pull request #703 from adidenko/fix-docker_versioned_pkg · 42651494
Matthew Mosesohn authored Dec 09, 2016
```
Convert docker_versioned_pkg dict keys to string
```
42651494

Convert docker_versioned_pkg dict keys to string · ee8d6ab4

Aleksandr Didenko authored Dec 09, 2016

This will allow to use '-e docker_version=1.12' in ansible playbook
execution. It's also backward-compatible and will work with floating
docker_version format in custom yaml files.

Closes #702

ee8d6ab4

Merge pull request #668 from bodepd/etcd_access_address · a80745b5
Matthew Mosesohn authored Dec 09, 2016
```
Use etcd host ip instead of hostname to build etcd_access_addresses
```
a80745b5
Merge pull request #698 from bogdando/fix_terraform · bd3f2d5c
Antoine Legrand authored Dec 08, 2016
```
Symlink global vars for terraform
```
bd3f2d5c

Dec 08, 2016
- Symlink global vars for terraform · e9c591e6
  Bogdan Dobrelya authored Dec 08, 2016
```
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
```
  e9c591e6
- Merge pull request #691 from adidenko/calico-old-cni-fix · 710d5ae4
  Bogdan Dobrelya authored Dec 08, 2016
```
Fix possible problems with legacy calicoctl
```
  710d5ae4
- Merge pull request #693 from kubernetes-incubator/upgrades-doc · fc769eb8
  Matthew Mosesohn authored Dec 08, 2016
```
Add document outlining upgrade process
```
  fc769eb8
Dec 07, 2016

Allow etcd_access_addresses to be more flexible · eec2ed58

Dan Bode authored Dec 01, 2016

The variale etcd_access_addresses is used to determine
how to address communication from other roles to
the etcd cluster.

It was set to the address that ansible uses to
connect to instance ({{ item }})s and not the
the variable:
  ip_access
which had already been created and could already
be overridden through the access_ip variable.

This change allows ansible to connect to a machine using
a different address than the one used to access etcd.

eec2ed58

Merge pull request #695 from kubernetes-incubator/bug669 · f7dd20f2
Bogdan Dobrelya authored Dec 07, 2016
```
Force hardlink for calico/canal certs
```
f7dd20f2
Force hardlink for calico/canal certs · bfc9bcb8
Matthew Mosesohn authored Dec 07, 2016
```
Fixes: #669
```
bfc9bcb8
Merge pull request #692 from bogdando/gce_fixes · 8eb26c21
Bogdan Dobrelya authored Dec 07, 2016
```
Change GCE sysctls placement and docs
```
8eb26c21
Add document outlining upgrade process · 3c66e4cd
Matthew Mosesohn authored Dec 07, 2016

3c66e4cd

Change GCE sysctls placement and docs · f0f2b812

Bogdan Dobrelya authored Dec 07, 2016



Override GCE sysctl in /etc/sysctl.d/99-sysctl.conf instead of
the /etc/sysctl.d/11-gce-network-security.conf. It is recreated
by GCE, f.e. if gcloud CLI invokes some security related changes,
thus losing customizations we want to be persistent.

Update cloud providers firewall requirements in calico docs.

Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>

f0f2b812

Merge pull request #688 from fen4o/cluster-signing-cert · 45ed6de3
Matthew Mosesohn authored Dec 07, 2016
```
add cluster-signing to kube-controller-manager
```
45ed6de3

Fix possible problems with legacy calicoctl · c9290182

Aleksandr Didenko authored Dec 07, 2016

When running legacy calicoctl we do not specify calico hostname in
calico-node container thus we should not specify it in CNI config.

Also move 'legacy_calicoctl' set_fact task to the top.

c9290182

add cluster-signing to kube-controller-manager · 246c8209

fen4o authored Dec 07, 2016

kube-controller-manager's cluster signing cert and key points by default to not
existing `/etc/kubernetes/ca/ca.pem` and `/etc/kubernetes/ca/ca.key` [docs][1]

[1]: http://kubernetes.io/docs/admin/kube-controller-manager/#options

246c8209

Merge pull request #584 from chadswen/docker-options-refactor · 36fe2cb5
Bogdan Dobrelya authored Dec 07, 2016
```
Docker Options Refactor
```
36fe2cb5
Merge pull request #684 from adidenko/fix-calico-peering · 9d6cc3a8
Bogdan Dobrelya authored Dec 06, 2016
```
Calico: fix peering with routers for new version
```
9d6cc3a8

Dec 06, 2016
- Merge pull request #627 from kubernetes-incubator/issue-626 · 8870178a
  Spencer Smith authored Dec 06, 2016
```
add restart flag for docker run kubelet
```
  8870178a
- Calico: fix peering with routers for new version · b0079ccd
  Aleksandr Didenko authored Dec 06, 2016
```
In new `calicoctl` version nodes peering with routers is broken.
We need to use predictable node names for calico-node and the
same names in calico `bgpPeer` resources and CNI.
```
  b0079ccd
- Merge pull request #683 from kubernetes-incubator/fix_debian_image · 1772d122
  Bogdan Dobrelya authored Dec 06, 2016
```
Re-enable debian-8-kubespray image for CI
```
  1772d122
- Re-enable debian-8-kubespray image for CI · 756ae926
  Matthew Mosesohn authored Dec 06, 2016
```
debian-8 image is missing memory cgroup, so it can't spawn pods.
```
  756ae926
- Merge pull request #678 from adidenko/update-calico-unit · 2c1db562
  Bogdan Dobrelya authored Dec 06, 2016
```
Update calico-node systemd unit
```
  2c1db562
- Merge pull request #641 from pcm32/feature/glusterfs-pr · d672cef2
  Antoine Legrand authored Dec 06, 2016
```
GlusterFS server separate nodes and client facilities for k8s nodes.
```
  d672cef2
- GlusterFS with external VMs, terraform/os included · 27e239c8
  Pablo Moreno authored Nov 11, 2016
  
  27e239c8
- Update calico-node systemd unit · f1d7af11
  Aleksandr Didenko authored Dec 05, 2016
```
New calicoctl does not support --detach=false option, so we should
use a recommended way to run calico-node service:
http://docs.projectcalico.org/v2.0/usage/configuration/as-service

Closes #674, #675
```
  f1d7af11
- Merge pull request #679 from kubernetes-incubator/kube-proxy-dbus · 59a097b2
  Bogdan Dobrelya authored Dec 06, 2016
```
Add dbus socket dir to kube-proxy
```
  59a097b2