Commits · c685dc493fe6fec529fc5915a827615752c4d3c4 · Mirror / Kubespray

Jun 28, 2018
- allow for setting the cacert on openstack cloud provider · c685dc49
  southquist authored Feb 14, 2018
  
  c685dc49
Jun 22, 2018
- update test-pr2 (#2911) · 6c2f169e
  Yumo Yang authored Jun 22, 2018
  
  6c2f169e
Jun 21, 2018
- Add manage swap on the worker node · 3232e274
  rongzhang authored Jun 21, 2018
  
  3232e274
Jun 18, 2018
- Improve variable handling for disabling etcd events cluster · 61e97251
  Matthew Mosesohn authored Jun 18, 2018
  
  61e97251
Jun 12, 2018
- Reconfigure kube-proxy to access kube-apiserver via the LB(kubeadm) · 20bd6569
  rongzhang authored Jun 12, 2018
  
  20bd6569
Jun 07, 2018
- Fix nginx-proxy HA when kubeadm enable · f9ccb938
  rongzhang authored Jun 07, 2018
  
  f9ccb938
Jun 06, 2018
- Revert "wip pr for improved cert sync" (#2849) · 59be5788
  Matthew Mosesohn authored Jun 06, 2018
  
  59be5788
Jun 04, 2018
- kubernetes/client: kubeconfig template should use the access_ip for the chosen master node · 2f5a9e18
  Ben Meier authored May 31, 2018
  
  2f5a9e18
- Fix compare AnsibleUnsafeText with int (#2828) · f912a4ec
  Dmitry authored Jun 04, 2018
  
  f912a4ec
- Add label to kubelet env for kubeadm deploy cluster (#2841) · d1e66f9c
  Rong Zhang authored Jun 04, 2018
  
  d1e66f9c
May 30, 2018
- wip pr for improved cert sync · 7433348a
  Matthew Mosesohn authored May 30, 2018
  
  7433348a
May 27, 2018
- Fix enough network address space assert · 38f7ba25
  Oleg Ozimok authored May 27, 2018
  
  38f7ba25
May 22, 2018
- fixed a check unknown networks (cilium & contiv) · b3f9cae8
  dvazar authored May 22, 2018
  
  b3f9cae8
May 18, 2018
- Fixes #2800 · 4b8daa22
  dvazar authored May 19, 2018
  
  4b8daa22
May 16, 2018

assert that number of pods on node does not exceed CIDR address range · c1bc4615

Christopher J. Ruwe authored May 15, 2018

The number of pods on a given node is determined by the  --max-pods=k
directive. When the address space is exhausted, no more pods can be
scheduled even if from the --max-pods-perspective, the node still has
capacity.

The special case that a pod is scheduled and uses the node IP in the
host network namespace is too "soft" to derive a guarantee.

Comparing kubelet_max_pods with kube_network_node_prefix when given
allows to assert that pod limits match the CIDR address space.

c1bc4615

May 15, 2018
- Upgrade k8s to 1.10.2 (#2748) · 7c93e718
  Matthew Mosesohn authored May 15, 2018
```
* Upgrade k8s to 1.10.2

Bumped etcd version to 3.2.16 as recommended

* Add ipvs fix for v1.10

* change flannel addons test to ha
```
  7c93e718
- make certificates non-executable · 73800ef1
  Christopher J. Ruwe authored May 15, 2018
  
  73800ef1
May 14, 2018
- make admin.conf -> .kube/config non-executable · 49d106f6
  Christopher J. Ruwe authored May 14, 2018
```
Almost certainly, the .kube/config file (YAML) should not be executable.
```
  49d106f6
- Restart scheduler when policy changes · ad48606e
  Miouge1 authored May 14, 2018
  
  ad48606e
May 11, 2018

refactor vault role (#2733) · 07cc9819

Matthew Mosesohn authored May 11, 2018

* Move front-proxy-client certs back to kube mount

We want the same CA for all k8s certs

* Refactor vault to use a third party module

The module adds idempotency and reduces some of the repetitive
logic in the vault role

Requires ansible-modules-hashivault on ansible node and hvac
on the vault hosts themselves

Add upgrade test scenario
Remove bootstrap-os tags from tasks

* fix upgrade issues

* improve unseal logic

* specify ca and fix etcd check

* Fix initialization check

bump machine size

07cc9819

May 08, 2018
- Add vm_name option to vsphere cloud provider config · 51a9379d
  Ryo Nishikawa authored May 08, 2018
  
  51a9379d
- opensuse: Fix OpenSSL package name · 066016cd
  Michal Rostecki authored May 08, 2018
```
OpenSSL 1.1 package in openSUSE Tumbleweed is named openssl-1_1,
not openssl-1_1_0.
```
  066016cd
May 03, 2018
- Update kube-scheduler policy · 70e0998a
  Miouge1 authored May 03, 2018
  
  70e0998a
May 01, 2018
- Add Openstack tenant name · 00db7516
  Maxime Gaillard authored Apr 04, 2018
  
  00db7516
Apr 30, 2018
- ISSUE-2706: Provide consistent usage of supplementary_addresses_in_ssl_keys... · 59789ae0
  Tomasz Majchrowski authored Apr 30, 2018
```
ISSUE-2706: Provide consistent usage of supplementary_addresses_in_ssl_keys across vault and script mode (#2707)
```
  59789ae0
Apr 29, 2018
- labelvalue must be formatted to handle non string values (#2722) · 06cdb260
  mirwan authored Apr 29, 2018
  
  06cdb260
Apr 27, 2018

sysctl file should be in defaults so that it can be overriden (#2475) · c3c5817a

mirwan authored Apr 27, 2018

* sysctl file should be in defaults so that it can be overriden

* Change sysctl_file_path to be consistent with roles/kubernetes/preinstall/defaults/main.yml

c3c5817a

Apr 26, 2018
- Revert "Revert "Add openSUSE support" (#2697)" (#2699) · 9168c713
  Markos Chandras authored Apr 26, 2018
```
This reverts commit 51f4e658.
```
  9168c713
Apr 24, 2018
- Fix vol format for local volume provisioner in rkt (#2698) · 1a14f1ec
  Matthew Mosesohn authored Apr 24, 2018
  
  1a14f1ec
Apr 23, 2018
- Revert "Add openSUSE support" (#2697) · 51f4e658
  Matthew Mosesohn authored Apr 23, 2018
  
  51f4e658
- Add oidc-user-prefix and oidc-group-prefix args · f81e6d2c
  Suzuka Asagiri authored Apr 23, 2018
  
  f81e6d2c
Apr 22, 2018
- sync certs tasks (fix #2596 #2667) · 80dd230a
  Romain DEQUIDT authored Apr 18, 2018
  
  80dd230a
Apr 19, 2018
- run_once pre_upgrade tasks which are executing in localhost · 75950344
  Paul Montero authored Apr 19, 2018
  
  75950344
Apr 12, 2018
- Mount local volume provisioner dirs for containerized kubelet (#2648) · f73717ea
  Matthew Mosesohn authored Apr 12, 2018
  
  f73717ea
- Use dedicated front-proxy-ca for front-proxy-client · d87b6fd9
  Chad Swenson authored Apr 05, 2018
  
  d87b6fd9
Apr 11, 2018

roles: kubernetes: secrets: Add SUSE support · d07f75b3

Markos Chandras authored Feb 07, 2018

Add path for certificate location for SUSE distributions. Also make sure
the 'update-ca-certificates' command is executed on SUSE hosts as well.

d07f75b3

roles: kubernetes: preinstall: Install openssl-1.1.0 on Tumbleweed · 45eac53e

Nirmoy Das authored Feb 22, 2018

The openssl package on Tumbleweed is actually a virtual package covering
openssl-1.0.0 and openssl-1.1.0 implementations. It defaults to 1.1.0 so
when trying to install it and openssl-1.0.0 is installed, zypper fails
with conflicts. As such, lets explicitly pull the package that we need
which also updates the virtual one.

Co-authored-by: Markos Chandras <mchandras@suse.de>

45eac53e

roles: kubernetes: preinstall: Add SUSE support · e42203a1

Markos Chandras authored Feb 06, 2018



Add support for installing package dependencies and refreshing metadata
on SUSE distributions

Co-authored-by: Nirmoy Das <ndas@suse.de>

e42203a1

Apr 10, 2018
- Fix apiserver manifest for kube version < 1.9 · 3535c29e
  Christian Phu authored Apr 10, 2018
  
  3535c29e
- Updating order · 88765f62
  Marcelo Grebois authored Apr 10, 2018
```
https://kubernetes.io/docs/admin/admission-controllers/#is-there-a-recommended-set-of-admission-controllers-to-use
```
  88765f62