- Nov 28, 2016
-
-
Bogdan Dobrelya authored
* Add an option to deploy K8s app to test e2e network connectivity and cluster DNS resolve via Kubedns for nethost/simple pods (defaults to false). * Parametrize existing k8s apps templates with kube_namespace and kube_config_dir instead of hardcode. * For CoreOS, ensure nameservers from inventory to be put in the first place to allow hostnet pods connectivity via short names or FQDN and hostnet agents to pass as well, if netchecker deployed. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
- Nov 23, 2016
-
-
Bogdan Dobrelya authored
Use cloud-init config to replace /etc/resolv.conf with the content for kubelet to properly configure hostnet pods. Do not use systemd-resolved yet, see https://coreos.com/os/docs/latest/configuring-dns.html "Only nss-aware applications can take advantage of the systemd-resolved cache. Notably, this means that statically linked Go programs and programs running within Docker/rkt will use /etc/resolv.conf only, and will not use the systemd-resolve cache." Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
Bogdan Dobrelya authored
W/o this patch, the "Download containers" task may be skipped when running on the delegate node due to wrong "when" confition. Then it fails to upload nginx image to the nodes as well. Fix download nginx dependency so it always can be pushed to nodes when download_run_once is enabled. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
- Nov 22, 2016
-
-
Aleksandr Didenko authored
When setting permission for containers download/upload dir we're using `ansible_ssh_user`. But if playbook is executed without user being explicitly set `ansible_ssh_user` may be undefined. In such situations dir ownership will default to `ansible_user_id` Closes: #644
-
Bogdan Dobrelya authored
According to http://kubernetes.io/docs/user-guide/images/ : By default, the kubelet will try to pull each image from the specified registry. However, if the imagePullPolicy property of the container is set to IfNotPresent or Never, then a local\ image is used (preferentially or exclusively, respectively). Use IfNotPresent value to allow images prepared by the download role dependencies to be effectively used by kubelet without pull errors resulting apps to stay blocked in PullBackOff/Error state even when there are images on the localhost exist. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
Bogdan Dobrelya authored
Pre download all required container images as roles' deps. Drop unused flannel-server-helper images pre download. Improve pods creation post-install test pre downloaded busybox. Improve logs collection script with kubectl describe, fix sudo/etcd/weave commands. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
- Nov 21, 2016
-
-
Paweł Skrzyński authored
-
Bogdan Dobrelya authored
Fix unreliable waiting for the apiserver to become ready. Remove logfile mount to align with the rest of static pods and because containers shall write logs to stdout only. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
- Nov 19, 2016
-
-
Dan Bode authored
in the etcd handler, the reload etcd action was called after ansible waits for etcd to be up, this means that the health checks which are called immediately after fail (resulting in the etcd role always failing and never finishing) This patch changes the order to move the 'wait for etcd up' resource after the 'reload etcd resource', ensuring that the service is up before the health check is called.
-
- Nov 18, 2016
-
-
Bogdan Dobrelya authored
* Add download_localhost for the download_run_once mode, which is use the ansible host (a travis node for CI case) to store and distribute containers across cluster nodes in inventory. Defaults to false. * Rework download_run_once logic to fix idempotency of uploading containers. * For Travis CI, enable docker images caching and run Travis workers with sudo enabled as a dependency * For Travis CI, deploy with download_localhost and download_run_once enabled to shourten dev path drastically. * Add compression for saved container images. Defaults to 'best'. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com> Co-authored-by: Aleksandr Didenko <adidenko@mirantis.com>
-
Sergey Vasilenko authored
This patch introduce `calico_network_backend` global variable, which allow to describe alternative network backend. Default behavior is unchanged.
-
Maciej Filipiak authored
-
Aleksandr Didenko authored
Add one more step (task) to containers download/upload sequence - copy saved .tar containers to ansible host (delegate_to: localhost). Then upload images to target nodes. It uses synchronize module so if ansible host (localhost) is the same host as kube-master[0] then new task causes no issues and the copy to localhost process is basically skipped.
-
- Nov 16, 2016
-
-
sneumann authored
Moved the variable setting to the apt-get install part where it matters as requested in the review.
-
- Nov 15, 2016
-
-
Aleksandr Didenko authored
- Move CNI configuration creation for Calico to appropriate network_plugin role from kubernetes/node. - Add support for MTU configuration in Calico.
-
sneumann authored
-
Bogdan Dobrelya authored
Add missing --require-kubeconfig to the if..else stanza. Make sure certs dirs mounted in RO. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
Smana authored
-
- Nov 14, 2016
-
-
Matthew Mosesohn authored
--api-servers now just reads kubeconfig --config is now --pod-manifest-path Fixes #542
-
Aleksandr Didenko authored
- Move CNI configuration from `kubernetes/node` role to `network_plugin/canal` - Create SSL dir for Canal and symlink etcd SSL files - Add needed options to `canal-config` configmap - Run flannel and calico-node containers with proper configuration
-
Aleksandr Didenko authored
Calico CNI binaries are also released/shipped in calico/cni container. This patch replaces download of calico CNI binaries with calico/cni container.
-
Matthew Mosesohn authored
-
Matthew Mosesohn authored
-
- Nov 10, 2016
-
-
Artem Panchenko authored
Since version 'v1.0.0-beta' calicoctl is written in Go and its API differs from old Python based utility. Added support of both old and new version of the utility.
-
Bogdan Dobrelya authored
- Drop debugs from collect-info playbook - Drop sudo from collect-info step and add target dir var (required for travis jobs) - Label all k8s apps, including static manifests - Add logs for K8s apps to be collected as well - Fix upload to GCS as a public-read tarball Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-
Aleksandr Didenko authored
'etcd_cert_dir' variable is missing from 'kubernetes-apps/ansible' role which breaks Calico policy controller deployment. Also fixing calico-policy-controller.yml.
-
Matthew Mosesohn authored
Also fixes kube-apiserver upgrade that was erroneously deleted in a previous commit.
-
- Nov 09, 2016
-
-
Matthew Mosesohn authored
-
Matthew Mosesohn authored
-
- Nov 08, 2016
-
-
Aleksandr Didenko authored
We need to specify kube resource type and name in order to avoid playbook errors related to k8s resource duplication.
-
Aleksandr Didenko authored
Container settings moved from deamonset yaml to a separate configmap.
-
Aleksandr Didenko authored
This patch provides support for Canal network plugin installation as a self-hosted app, see the following link for details: https://github.com/tigera/canal/tree/master/k8s-install
-
- Nov 07, 2016
-
-
Matthew Mosesohn authored
Squashed commits: [f9355ea1] Swap order in which we reload docker/socket [2ca6819c] Reload docker.socket after installing flannel on coreos Workaround for #569 [9f976e56] Vagrantfile: setup proxy inside virtual machines In corporate networks, it is good to pre-configure proxy variables. [9d7142f4] Vagrantfile: use Ubuntu 16.04 LTS Use recent supported version of Ubuntu for local development setup with Vagrant. [50f77cca] Add CI test layouts * Drop Wily from test matrix * Replace the Wily cases dropped with extra cases to test separate roles deployment Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com> [03e162b3] Update OWNERS [c7b00cae] Use tar+register instead of copy/slurp for distributing tokens and certs Related bug: https://github.com/ansible/ansible/issues/15405 Uses tar and register because synchronize module cannot sudo on the remote side correctly and copy is too slow. This patch dramatically cuts down the number of tasks to process for cert synchronization. [2778ac61] Add new var skip_dnsmasq_k8s If skip_dnsmasq is set, it will still not set up dnsmasq k8s pod. This enables independent setup of resolvconf section before kubelet is up.
-
- Nov 04, 2016
-
-
Spencer Smith authored
-
- Nov 01, 2016
-
-
Jan Jungnickel authored
-
Jan Jungnickel authored
Workaround for #569
-
- Oct 28, 2016
-
-
Matthew Mosesohn authored
-
- Oct 26, 2016
-
-
Matthew Mosesohn authored
If skip_dnsmasq is set, it will still not set up dnsmasq k8s pod. This enables independent setup of resolvconf section before kubelet is up.
-
Matthew Mosesohn authored
Related bug: https://github.com/ansible/ansible/issues/15405 Uses tar and register because synchronize module cannot sudo on the remote side correctly and copy is too slow. This patch dramatically cuts down the number of tasks to process for cert synchronization.
-
- Oct 24, 2016
-
-
Bogdan Dobrelya authored
* Don't push containers if not changed * Do preinstall role only once and redistribute defaults to corresponding roles Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
-