- Feb 25, 2019
-
-
Matthew Mosesohn authored
-
Matthew Mosesohn authored
-
Kaoet authored
The lastest version of ubuntu-nvidia-driver-installer contains a fix for https://github.com/GoogleCloudPlatform/container-engine-accelerators/issues/90 which causes the installer pod to crash when driver is already loaded.
-
- Feb 21, 2019
-
-
Frank Ritchie authored
This was already approved in #4106 but there are CI issues with that PR due to references to kubernetes incubator. After upgrading to Kubespray 2.8.1 with Kubeadm enabled Rook Ceph volume provision failed due to the flexvolume plugin dir not being correct. Adding the var fixed the issue
-
- Feb 20, 2019
-
-
Christian Berendt authored
-
Peter Metz authored
Useful if the default 20GB is not enough in cases where you are using the local path provisioner of rancher for example
-
Peter Metz authored
-
Maxime Guyot authored
-
Abdulaziz AlMalki authored
-
Seungkyu Ahn authored
because of etc-kubernetes-manifests not empty.
-
Rong Zhang authored
Add update server field in kube-proxy kubeconfig
-
- Feb 19, 2019
-
-
Manuel Cintron authored
* Adding ability to maintain existing Encryption Secrets at Rest. If secrets_encryption.yaml is present it will not be overriten with a new kube_encrypt_token. This should allow for it to be set ahead of a playbook running or maintain it if cluster.yml is ran on the same cluster and the ansible host does not have access to the secrets. * Setting existing kube_encrypt_token across all master nodes in case it was missing in one or more nodes.
-
Florent Monbillard authored
-
- Feb 18, 2019
-
-
Roy Lenferink authored
-
Ted Wexler authored
-
Kaoet authored
-
- Feb 14, 2019
-
-
Chad Swenson authored
For some reason 18.09 packages are now prefixed with `5:` in the download.docker.com apt repos Followup to #4236
-
Ryler Hockenbury authored
-
Maxime Guyot authored
-
Kaoet authored
-
hikoz authored
-
Chad Swenson authored
This fixes an issue where the `nodename` in calico's cni config json can fall out of sync with the k8s node name used by the calico pod if `kube_override_hostname` is set
-
- Feb 13, 2019
-
-
Florent Monbillard authored
Currently, the task `container_download | download images for kubeadm config images` fetches etcd image even though it's not required (etcd is bootstrapped by kubespray, not kubeadm). `kubeadm-images.yaml` is only a subset of `kubeadm-config.yaml`, therefore ``kubeadm config images pull` will try to get all this list (including etcd) ``` # kubeadm config images list --config /etc/kubernetes/kubeadm-images.yaml k8s.gcr.io/kube-apiserver:v1.13.2 k8s.gcr.io/kube-controller-manager:v1.13.2 k8s.gcr.io/kube-scheduler:v1.13.2 k8s.gcr.io/kube-proxy:v1.13.2 k8s.gcr.io/pause:3.1 k8s.gcr.io/etcd:3.2.24 k8s.gcr.io/coredns:1.2.6 ``` When using the `kubeadm-config.yaml` though, it doesn't list etcd image: ``` # kubeadm config images list --config /etc/kubernetes/kubeadm-config.yaml k8s.gcr.io/kube-apiserver:v1.13.2 k8s.gcr.io/kube-controller-manager:v1.13.2 k8s.gcr.io/kube-scheduler:v1.13.2 k8s.gcr.io/kube-proxy:v1.13.2 k8s.gcr.io/pause:3.1 k8s.gcr.io/coredns:1.2.6 ``` This change just adds the etcd endpoints in the `kubeadm-images.yaml` to give a hint to kubeadm it doesn't need etcd image for its boostrapping as etcd is "external". I confess it is a ugly hack, a better way would be to use a single `kubeadm-config.yaml` for both tasks, but they are triggered by different roles (`kubeadm-images.yaml` is used by download, `kubeadm-config.yaml` by kubernetes/master) at different steps and I didn't want to refactor too many things to prevent breakage. This is specially useful for offline installation where a whitelist of container images is mirrored on a local private container registry. `k8s.gcr.io/etcd` and `quay.io/coreos/etcd` are two different repositories hosting the same images but using *different tags*! * coreos/etcd:v3.2.24 * k8s.gcr.io/etcd:3.2.24 (note the missing 'v' in the tag name)
-
Chad Swenson authored
This updates docker 18.06 and 18.09 with the two patches released yesterday to address the new runc exploit. Details here: https://kubernetes.io/blog/2019/02/11/runc-and-cve-2019-5736/
-
Manuel Cintron authored
Omit does not work in the context of yum_repository proxy. The ansible documentation specifies to use _none_ to disable the global proxy setting. (#4225)
-
Sorin Sbarnea authored
Fix issue where `kubeadm join` could wait forever for joining. Fix issue where `kubeadm join` were not reaching the user, making impossible to find the cause of the failure. New behaviour is to first attempt to join without bypassing the verifications checks and to display them if needed. If this fails it still attempts to join by ignoring the check in order to make previous behavior. A timeout of 60 seconds is allocated for a joining. Related-bug: #3973
-
- Feb 12, 2019
-
-
Robert Neumann authored
-
Maxime Guyot authored
-
hikoz authored
-
Sergey authored
check kube_pods_subnet and kube_service_addresses to valid ip network range, not single ip address (#4188)
-
Maxime Guyot authored
-
MarkusTeufelberger authored
* bootstrap: rework role * support being called from a non-root user * run some commands in check mode * unify spelling/task names * bootstrap: fix wording of comments for check_mode: false * bootstrap: remove setup-pipelining task
-
Chad Swenson authored
kubespray: fix missing ca-certificate path in apiserver
-
Manuel Cintron authored
If a centos or rhel node is not configured with the extras repo installation of required packages (python-httplib2 in particular) will fail later on. (#4213)
-
- Feb 11, 2019
-
-
Jeff Bornemann authored
* OCI subnet AD 2 is not required for CCM >= 0.7.0 Reorganize OCI provider to generate configuration, rather than pull Add pull secret option to OCI cloud provider * Updated oci example to document new parameters
-
tikitavi authored
* fix error with delete host in inventory.py script * minor fix
-
Karl authored
-
- Feb 09, 2019
-
-
Maxime Guyot authored
-
- Feb 08, 2019
-
-
Earl C. Ruby III authored
The inventory/mycluster directory gets created when someone follows the instructions in README.md, but it should never be committed to the kubespray repo. Ignore it.
-
- Feb 07, 2019
-
-
Maxime Guyot authored
-