- Sep 16, 2017
-
-
Matthew Mosesohn authored
* Enable HA deploy of kubeadm * raise delay to 60s for starting gce hosts
-
- Sep 15, 2017
-
-
Matthew Mosesohn authored
* fix apply for netchecker upgrade and graceful upgrade * Speed up daemonset upgrades. Make check wait for ds upgrades.
-
Matthew Mosesohn authored
Also update to ansible 2.3.2
-
Brad Beam authored
Fixing condition where vault CA already exists
-
- Sep 14, 2017
- Sep 13, 2017
-
-
Matthew Mosesohn authored
* kubeadm support * move k8s master to a subtask * disable k8s secrets when using kubeadm * fix etcd cert serial var * move simple auth users to master role * make a kubeadm-specific env file for kubelet * add non-ha CI job * change ci boolean vars to json format * fixup * Update create-gce.yml * Update create-gce.yml * Update create-gce.yml
-
Brad Beam authored
-
- Sep 12, 2017
- Sep 11, 2017
-
-
Matthew Mosesohn authored
-
- Sep 09, 2017
-
-
Seungkyu Ahn authored
-
Matthew Mosesohn authored
-
Matthew Mosesohn authored
-
Matthew Mosesohn authored
-
Matthew Mosesohn authored
* Fix netchecker update side effect kubectl apply should only be used on resources created with kubectl apply. To workaround this, we should apply the old manifest before upgrading it. * Update 030_check-network.yml
-
Matthew Mosesohn authored
* Add kube dashboard, enabled by default Also add rbac role for kube user * Update main.yml
-
Matthew Mosesohn authored
* Refactor downloads Add prefixes to tasks (file vs container) Remove some delegates Clean up some conditions * Update ansible.cfg
-
- Sep 08, 2017
-
-
Brad Beam authored
-
Brad Beam authored
-
Matthew Mosesohn authored
* Clean up debug in check apiserver test * Change password generation for kube_user Special characters are not allowed in known_users.csv file
-
Matthew Mosesohn authored
-
Matthew Mosesohn authored
* Revert "Add option for fact cache expiry (#1602)" This reverts commit fb30f659.
-
- Sep 07, 2017
-
-
Maxim Krasilnikov authored
Store vault users passwords to credentials dir. Create vault and etcd roles after start vault cluster (#1632)
-
Yorgos Saslis authored
* Add option for fact cache expiry By adding the `fact_caching_timeout` we avoid having really stale/invalid data ending up in there. Leaving commented out by default, for backwards compatibility, but nice to have there. * Enabled cache-expiry by default Set to 2 hours and modified comment to reflect change
-
Tennis Smith authored
* Add comment line and documentation for bastion host usage * Take out unneeded sudo parm * Remove blank lines * revert changes * take out disabling of strict host checking
-
- Sep 06, 2017
-
-
Matthew Mosesohn authored
Removed unnecessary root user
-
Chad Swenson authored
This sets br_netfilter and net.bridge.bridge-nf-call-iptables sysctl from a single play before kube-proxy is first ran instead of from the flannel and weave network_plugin roles after kube-proxy is started
-
Sam Powers authored
the uploads.yml playbook was broken with checksum mismatch errors in various kubespray commits, for example, 3bfad5ca which updated the version from 3.0.6 to 3.0.17 without updating the corresponding checksums.
-
Oliver Moser authored
-
Maxim Krasilnikov authored
-
Chad Swenson authored
Due to various occasional docker bugs, removing a container will sometimes fail. This can often be mitigated by trying again.
-
Matthieu authored
* Fix an error with Canal when RBAC are disabled * Update using same rbac strategy used elsewhere
-
Brad Beam authored
This allows the node authorization plugin to function correctly
-
Matthew Mosesohn authored
Disable checks for existing resources to speed up execution.
-
- Sep 05, 2017
-
-
Brad Beam authored
Vault role updates
-
Tennis Smith authored
* Point apiserver address to 0.0.0.0 Added loadbalancer api server address * Update documentation
-
mkrasilnikov authored
-
Yorgos Saslis authored
This trigger ensures the inventory file is kept up-to-date. Otherwise, if the file exists and you've made changes to your terraform-managed infra without having deleted the file, it would never get updated. For example, consider the case where you've destroyed and re-applied the terraform resources, none of the IPs would get updated, so ansible would be trying to connect to the old ones.
-