Skip to content
  1. Oct 05, 2016
  2. Sep 29, 2016
  3. Sep 27, 2016
    • Bogdan Dobrelya's avatar
      Allow subdomains of dns_domain and fix kubelet restarts · 5fd43b7c
      Bogdan Dobrelya authored
      
      
      * Add a var for ndots (default 5) and put it hosts' /etc/resolv.conf.
      * Poke kube dns container image to v1.7
      * In order to apply changes to kubelet, notify it to
      be restarted on changes made to /etc/resolv.conf. Ignore errors as the kubelet
      may yet to be present up to the moment of the notification being processed.
      * Remove unnecessary kubelet restart for master role as the node role ensures
      it is up and running. Notify master static pods waiters for apiserver,
      scheduler, controller-manager instead.
      
      Signed-off-by: default avatarBogdan Dobrelya <bdobrelia@mirantis.com>
      5fd43b7c
  4. Sep 23, 2016
    • Bogdan Dobrelya's avatar
      Make dnsmasq daemon set optional · 82ee60fe
      Bogdan Dobrelya authored
      
      
      Change additional dnsmasq opts:
      - Adjust caching size and TTL
      - Disable resolve conf to not create loops
      - Change dnsPolicy to default (similarly to kubedns's dnsmasq). The
        ClusterFirst should not be used to not create loops
      - Disable negative NXDOMAIN replies to be cached
      - Make its very installation as optional step (enabled by default).
        If you don't want more than 3 DNS servers, including 1 for K8s, disable
        it.
      - Add docs and a drawing to clarify DNS setup.
      - Fix stdout logs for dnsmasq/kubedns app configs
      - Add missed notifies to resolvconf -u handler
      - Fix idempotency of resolvconf head file changes
      
      Signed-off-by: default avatarBogdan Dobrelya <bdobrelia@mirantis.com>
      82ee60fe
  5. Sep 18, 2016
  6. Sep 15, 2016
  7. Sep 14, 2016
  8. Sep 13, 2016
  9. Aug 29, 2016
  10. Aug 26, 2016
  11. Aug 25, 2016
  12. Aug 24, 2016
  13. Aug 23, 2016
  14. Aug 22, 2016
  15. Aug 18, 2016
  16. Aug 15, 2016
  17. Aug 08, 2016
  18. Aug 02, 2016
    • Matthew Mosesohn's avatar
      Wait for static pods when setting up · e3825838
      Matthew Mosesohn authored
      Fixes #390
      e3825838
    • Matthew Mosesohn's avatar
      Move docker systemd unit creation to docker role · e8a1c7a5
      Matthew Mosesohn authored
      Creating the unit using default settings early on
      and then changing it during network_plugin section
      leads to too many docker restarts and duplicated code.
      
      Reversed Wants= dependence on docker.service so it does not
      restart docker when reloading systemd
      
      Consolidated all docker restart handlers.
      e8a1c7a5
    • Bogdan Dobrelya's avatar
      Rework systemd service units · 2af71f31
      Bogdan Dobrelya authored
      
      
      * Add for docker system units:
          ExecReload=/bin/kill -s HUP $MAINPID
          Delegate=yes
          KillMode=process.
      * Add missed DOCKER_OPTIONS for calico/weave docker systemd unit.
      * Change Requires= to a less strict and non-faily Wants=, add missing
        Wants= for After=.
      * Align wants/after in a wat if Wants=foo, After= has foo as well.
      * Make wants/after docker.service to ask for the docker.socket as well.
      * Move "docker rm -f" commands from ExecStartPre= to ExecStopPost=.
        hooks to ensure non-destructive start attempts issued by Wants=.
      
      Signed-off-by: default avatarBogdan Dobrelya <bdobrelia@mirantis.com>
      2af71f31
  19. Jul 29, 2016
  20. Jul 26, 2016
    • Matthew Mosesohn's avatar
      Fix etcd standalone deployment · 1b1f5f22
      Matthew Mosesohn authored
      etcd facts are generated in kubernetes/preinstall, so etcd nodes need
      to be evaluated first before the rest of the deployment.
      
      Moved several directory facts from kubernetes/node to
      kubernetes/preinstall because they are not backward dependent.
      1b1f5f22
  21. Jul 25, 2016
    • Bogdan Dobrelya's avatar
      Add HA/LB endpoints for kube-apiserver · 731d32af
      Bogdan Dobrelya authored
      
      
      * Add HA docs for API server.
      * Add auto-evaluated internal endpoints and clarify the loadbalancer_apiserver
      vars and usecases.
      * Use facts for kube_apiserver to not repeat code and enable LB endpoints use.
      * Use /healthz check for the wait-for apiserver.
      * Use the single endpoint for kubelet instead of the list of apiservers
      * Specify kube_apiserver_count to for HA layout
      
      Signed-off-by: default avatarBogdan Dobrelya <bdobrelia@mirantis.com>
      731d32af
    • Matthew Mosesohn's avatar
      Copy kubectl from docker container · b4688701
      Matthew Mosesohn authored
      Nearly the last stage of source all components to containers.
      Kubectl will be called from hyperkube image.
      
      Remaining tasks:
       * Move kube_version variable to kubernetes/preinstall
       * Drop placeholder download.nothing requirement
      b4688701
  22. Jul 22, 2016
  23. Jul 21, 2016
    • Bogdan Dobrelya's avatar
      Add HA/LB endpoints for kube-apiserver · a70c3b66
      Bogdan Dobrelya authored
      
      
      * Add auto-evaluated internal endpoints and clarify the loadbalancer_apiserver
      vars and usecases.
      * Add loadbalancer_apiserver_localhost (default false). If enabled, override
      the external LB and expect localhost:443/8080 to be new internal only frontends.
      * Add kube_apiserver_multiaccess to ignore loadbalancers, and make clients
      to access the apiservers as a comma-separated list of access_ip/ip/ansible ip
      (a default mode). When disabled, allow clients to use the given loadbalancers.
      * Define connections security mode for kube controllers, schedulers, proxies.
      It is insecure be default, which is the current deployment choice.
      * Rework the groups['kube-master'][0] hardcode defining the apiserver
      endpoints.
      * Improve grouping of vars and add facts for kube_apiserver.
      * Define kube_apiserver_insecure_bind_address as a fact, add more
      facts for ease of use.
      
      Signed-off-by: default avatarBogdan Dobrelya <bdobrelia@mirantis.com>
      a70c3b66
  24. Jul 20, 2016
  25. Jul 19, 2016
    • Bogdan Dobrelya's avatar
      Add etcd proxy support · 32cd6e99
      Bogdan Dobrelya authored
      
      
      * Enforce a etcd-proxy role to a k8s-cluster group members. This
      provides an HA layout for all of the k8s cluster internal clients.
      * Proxies to be run on each node in the group as a separate etcd
      instances with a readwrite proxy mode and listen the given endpoint,
      which is either the access_ip:2379 or the localhost:2379.
      * A notion for the 'kube_etcd_multiaccess' is: ignore endpoints and
      loadbalancers and use the etcd members IPs as a comma-separated
      list. Otherwise, clients shall use the local endpoint provided by a
      etcd-proxy instances on each etcd node. A Netwroking plugins always
      use that access mode.
      * Fix apiserver's etcd servers args to use the etcd_access_endpoint.
      * Fix networking plugins flannel/calico to use the etcd_endpoint.
      * Fix name env var for non masters to be set as well.
      * Fix etcd_client_url was not used anywhere and other etcd_* facts
      evaluation was duplicated in a few places.
      * Define proxy modes only in the env file, if not a master. Del
      an automatic proxy mode decisions for etcd nodes in init/unit scripts.
      * Use Wants= instead of Requires= as "This is the recommended way to
      hook start-up of one unit to the start-up of another unit"
      * Make apiserver/calico Wants= etcd-proxy to keep it always up
      
      Signed-off-by: default avatarBogdan Dobrelya <bdobrelia@mirantis.com>
      Co-authored-by: default avatarMatthew Mosesohn <mmosesohn@mirantis.com>
      32cd6e99
  26. Jul 14, 2016
  27. Jul 12, 2016
  28. Jul 08, 2016
Loading