- Aug 30, 2017
-
-
Maxim Krasilnikov authored
* Added update CA trust step for etcd and kube/secrets roles * Added load_balancer_domain_name to certificate alt names if defined. Reset CA's in RedHat os. * Rename kube-cluster-ca.crt to vault-ca.crt, we need separated CA`s for vault, etcd and kube. * Vault role refactoring, remove optional cert vault auth because not not used and worked. Create separate CA`s fro vault and etcd. * Fixed different certificates set for vault cert_managment * Update doc/vault.md * Fixed condition create vault CA, wrong group * Fixed missing etcd_cert_path mount for rkt deployment type. Distribute vault roles for all vault hosts * Removed wrong when condition in create etcd role vault tasks.
-
Matthew Mosesohn authored
Fixes #1573
-
- Aug 29, 2017
-
-
Brad Beam authored
update calico version
-
Eric Hoffmann authored
update calico releases link
-
- Aug 28, 2017
-
-
Matthew Mosesohn authored
-
- Aug 25, 2017
-
-
Chad Swenson authored
* Updates Controller Manager/Kubelet with Flannel's required configuration for CNI * Removes old Flannel installation * Install CNI enabled Flannel DaemonSet/ConfigMap/CNI bins and config (with portmap plugin) on host * Uses RBAC if enabled * Fixed an issue that could occur if br_netfilter is not a module and net.bridge.bridge-nf-call-iptables sysctl was not set
-
- Aug 24, 2017
-
-
Brad Beam authored
-
Hassan Zamani authored
-
Brad Beam authored
Update Calico to 2.4.1 release.
-
Hans Kristian Flaatten authored
-
Yuki KIRII authored
-
Xavier Mehrenberger authored
-
Mohamed Mehany authored
* Added private key file to ssh bastion conf * Used regular if condition insted of inline conditional
-
Brad Beam authored
Enable scheduling of critical pods and network plugins on master
-
Matthew Mosesohn authored
Added toleration to DNS, netchecker, fluentd, canal, and calico policy. Also small fixes to make yamllint pass.
-
Brad Beam authored
* Adding yaml linter to ci check * Minor linting fixes from yamllint * Changing CI to install python pkgs from requirements.txt - adding in a secondary requirements.txt for tests - moving yamllint to tests requirements
-
- Aug 23, 2017
-
-
Ian Lewis authored
If Kubernetes > 1.6 register standalone master nodes w/ a node-role.kubernetes.io/master=:NoSchedule taint to allow for more flexible scheduling rather than just marking unschedulable.
-
riverzhang authored
-
Brad Beam authored
Prior this would fail because we didnt set max ttl for vault temp
-
- Aug 21, 2017
-
-
Erik Stidham authored
- Switched Calico images to be pulled from quay.io - Updated Canal too
-
Bogdan Dobrelya authored
Add node to docs about kubelet deployment type changes
-
Matthew Mosesohn authored
-
Matthew Mosesohn authored
Change kubelet deploy mode to host Enable cri and qos per cgroup for kubelet Update CoreOS images Add upgrade hook for switching from kubelet deployment from docker to host. Bump machine type for ubuntu-rkt-sep
-
Bogdan Dobrelya authored
[WIP] Support pbr builds and prepare for RPM packaging as the ansible-kubespray artifact
-
- Aug 20, 2017
-
-
Vijay Katam authored
-
Vijay Katam authored
-
Kevin Lefevre authored
-
Anton authored
-
Abdelsalam Abbas authored
-
Miad Abrin authored
* Fix Typo etc3 -> etcd3 * Fix typo in post-upgrade of master. stop -> start
-
Maxim Krasilnikov authored
* Added custom ips to etcd vault distributed certificates * Added custom ips to kube-master vault distributed certificates * Added comment about issue_cert_copy_ca var in vault/issue_cert role file * Generate kube-proxy, controller-manager and scheduler certificates by vault * Revert "Disable vault from CI (#1546)" This reverts commit 781f31d2. * Fixed upgrade cluster with vault cert manager * Remove vault dir in reset playbook
-
- Aug 18, 2017
-
-
Antoine Legrand authored
add possibility to ignore the hostname override
-
Xavier Lange authored
-
Bogdan Dobrelya authored
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
-
Matthew Mosesohn authored
* Bump tag for upgrade CI, fix netchecker upgrade netchecker-server was changed from pod to deployment, so we need an upgrade hook for it. CI now uses v2.1.1 as a basis for upgrade. * Fix upgrades for certs from non-rbac to rbac
-
Jan Jungnickel authored
This aligns calico component versions with Calico release 2.1.5 and fixes an issue with nodes being unable to schedule existing workloads as per [#349](https://github.com/projectcalico/cni-plugin/issues/349)
-
Bogdan Dobrelya authored
Signed-off-by: Bogdan Dobrelya <bogdando@mail.ru>
-
Matthew Mosesohn authored
This does not address per-node certs and scheduler/proxy/controller-manager component certs which are now required. This should be handled in a follow-up patch.
-