- Oct 05, 2016
-
-
Matthew Mosesohn authored
Also adds all masters by hostname and localhost/127.0.0.1 to apiserver SSL certificate. Includes documentation update on how localhost loadbalancer works.
-
- Sep 29, 2016
-
-
Matthew Mosesohn authored
-
- Sep 27, 2016
-
-
Bogdan Dobrelya authored
* Add a var for ndots (default 5) and put it hosts' /etc/resolv.conf. * Poke kube dns container image to v1.7 * In order to apply changes to kubelet, notify it to be restarted on changes made to /etc/resolv.conf. Ignore errors as the kubelet may yet to be present up to the moment of the notification being processed. * Remove unnecessary kubelet restart for master role as the node role ensures it is up and running. Notify master static pods waiters for apiserver, scheduler, controller-manager instead. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
- Sep 23, 2016
-
-
Bogdan Dobrelya authored
Change additional dnsmasq opts: - Adjust caching size and TTL - Disable resolve conf to not create loops - Change dnsPolicy to default (similarly to kubedns's dnsmasq). The ClusterFirst should not be used to not create loops - Disable negative NXDOMAIN replies to be cached - Make its very installation as optional step (enabled by default). If you don't want more than 3 DNS servers, including 1 for K8s, disable it. - Add docs and a drawing to clarify DNS setup. - Fix stdout logs for dnsmasq/kubedns app configs - Add missed notifies to resolvconf -u handler - Fix idempotency of resolvconf head file changes Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
- Sep 18, 2016
-
-
Matthew Mosesohn authored
-
- Sep 15, 2016
-
-
Bogdan Dobrelya authored
* Add the retry_stagger var to tweak push and retry time strategies. * Add large deployments related docs. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
Bogdan Dobrelya authored
Move version/repo vars to download role. Add container to download params, which overrides url/source_url, if enabled. Fix networking plugins download depending on kube_network_plugin. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
- Sep 14, 2016
-
-
Łukasz Oleś authored
It's required for port forwarding.
-
Matthew Mosesohn authored
-
- Sep 13, 2016
-
-
Bogdan Dobrelya authored
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
Bogdan Dobrelya authored
Closes issue: https://github.com/kubespray/kargo/issues/479 Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
- Aug 29, 2016
-
-
Matthew Mosesohn authored
This is no longer recommended for use since K8s 1.2: http://kubernetes.io/docs/admin/admission-controllers/#is-there-a-recommended-set-of-plug-ins-to-use
-
- Aug 26, 2016
-
-
Spencer Smith authored
-
- Aug 25, 2016
-
-
Bogdan Dobrelya authored
Shorten deployment time with: - Remove redundand roles if duplicated by a dependency and vice versa - When a member of k8s-cluster, always install docker as a dependency of the etcd role and drop the docker role from cluster.yaml. - Drop etcd and node role dependencies from master role as they are covered by the node role in k8s-cluster group as well. Copy defaults for master from node role. - Decouple master, node, secrets roles handlers and vars to be used w/o cross references. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
Bogdan Dobrelya authored
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
- Aug 24, 2016
-
-
Spencer Smith authored
-
- Aug 23, 2016
-
-
Spencer Smith authored
-
Bogdan Dobrelya authored
Cleanup collected artifacts, drop unrelated files/commands. Always install gitinfos script to binaries for external use. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
Bogdan Dobrelya authored
Fix the error gen-gitinfos.sh: 57: [: foo: unexpected operator Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
- Aug 22, 2016
-
-
Spencer Smith authored
-
- Aug 18, 2016
-
-
Matthew Mosesohn authored
Fixes #409
-
- Aug 15, 2016
-
-
Matthew Mosesohn authored
Fixes Ubuntu 14.04 deployment of etcd.
-
- Aug 08, 2016
-
-
Matthew Mosesohn authored
New variable disable_ipv6_dns in kubernetes/preinstall.
-
- Aug 02, 2016
-
-
Matthew Mosesohn authored
Fixes #390
-
Matthew Mosesohn authored
Creating the unit using default settings early on and then changing it during network_plugin section leads to too many docker restarts and duplicated code. Reversed Wants= dependence on docker.service so it does not restart docker when reloading systemd Consolidated all docker restart handlers.
-
Bogdan Dobrelya authored
* Add for docker system units: ExecReload=/bin/kill -s HUP $MAINPID Delegate=yes KillMode=process. * Add missed DOCKER_OPTIONS for calico/weave docker systemd unit. * Change Requires= to a less strict and non-faily Wants=, add missing Wants= for After=. * Align wants/after in a wat if Wants=foo, After= has foo as well. * Make wants/after docker.service to ask for the docker.socket as well. * Move "docker rm -f" commands from ExecStartPre= to ExecStopPost=. hooks to ensure non-destructive start attempts issued by Wants=. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
- Jul 29, 2016
-
-
Matthew Mosesohn authored
Changed Wants=docker.service to docker.socket Renamed handlers for reloading systemd to contain role in task name.
-
- Jul 26, 2016
-
-
Matthew Mosesohn authored
etcd facts are generated in kubernetes/preinstall, so etcd nodes need to be evaluated first before the rest of the deployment. Moved several directory facts from kubernetes/node to kubernetes/preinstall because they are not backward dependent.
-
- Jul 25, 2016
-
-
Bogdan Dobrelya authored
* Add HA docs for API server. * Add auto-evaluated internal endpoints and clarify the loadbalancer_apiserver vars and usecases. * Use facts for kube_apiserver to not repeat code and enable LB endpoints use. * Use /healthz check for the wait-for apiserver. * Use the single endpoint for kubelet instead of the list of apiservers * Specify kube_apiserver_count to for HA layout Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
Matthew Mosesohn authored
Nearly the last stage of source all components to containers. Kubectl will be called from hyperkube image. Remaining tasks: * Move kube_version variable to kubernetes/preinstall * Drop placeholder download.nothing requirement
-
- Jul 22, 2016
-
-
Matthew Mosesohn authored
kubelet via docker kube-apiserver as a static pod Fixed etcd service start to be more tolerant of slow start. Workaround for kube_version to stay in download role, but not download an files by creating a new "nothing" download entry.
-
Matthew Mosesohn authored
This reverts commit a70c3b66.
-
- Jul 21, 2016
-
-
Bogdan Dobrelya authored
* Add auto-evaluated internal endpoints and clarify the loadbalancer_apiserver vars and usecases. * Add loadbalancer_apiserver_localhost (default false). If enabled, override the external LB and expect localhost:443/8080 to be new internal only frontends. * Add kube_apiserver_multiaccess to ignore loadbalancers, and make clients to access the apiservers as a comma-separated list of access_ip/ip/ansible ip (a default mode). When disabled, allow clients to use the given loadbalancers. * Define connections security mode for kube controllers, schedulers, proxies. It is insecure be default, which is the current deployment choice. * Rework the groups['kube-master'][0] hardcode defining the apiserver endpoints. * Improve grouping of vars and add facts for kube_apiserver. * Define kube_apiserver_insecure_bind_address as a fact, add more facts for ease of use. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
- Jul 20, 2016
-
-
Bogdan Dobrelya authored
Move set_facts to the preinstall scope, so every role may see it. For example, network plugins to see the etcd_endpoint. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
Matthew Mosesohn authored
Allow configuration of a custom /etc/resolv.conf for kubelet.
-
- Jul 19, 2016
-
-
Bogdan Dobrelya authored
* Enforce a etcd-proxy role to a k8s-cluster group members. This provides an HA layout for all of the k8s cluster internal clients. * Proxies to be run on each node in the group as a separate etcd instances with a readwrite proxy mode and listen the given endpoint, which is either the access_ip:2379 or the localhost:2379. * A notion for the 'kube_etcd_multiaccess' is: ignore endpoints and loadbalancers and use the etcd members IPs as a comma-separated list. Otherwise, clients shall use the local endpoint provided by a etcd-proxy instances on each etcd node. A Netwroking plugins always use that access mode. * Fix apiserver's etcd servers args to use the etcd_access_endpoint. * Fix networking plugins flannel/calico to use the etcd_endpoint. * Fix name env var for non masters to be set as well. * Fix etcd_client_url was not used anywhere and other etcd_* facts evaluation was duplicated in a few places. * Define proxy modes only in the env file, if not a master. Del an automatic proxy mode decisions for etcd nodes in init/unit scripts. * Use Wants= instead of Requires= as "This is the recommended way to hook start-up of one unit to the start-up of another unit" * Make apiserver/calico Wants= etcd-proxy to keep it always up Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com> Co-authored-by: Matthew Mosesohn <mmosesohn@mirantis.com>
-
- Jul 14, 2016
-
-
Smana authored
-
- Jul 12, 2016
-
-
Smana authored
-
- Jul 08, 2016
-
-
Spencer Smith authored
-