Skip to content

Commit History for krib

This is the commit history for the krib component.

v4.15.0, v4.15.0-alpha01 (2025/06/12)

  • Fix up .gitignore and .gitlab-ci
  • Initial post-split commit for branches v4

v4.13.32 (2025/06/12)

  • Fix up .gitignore and .gitlab-ci
  • Initial post-split commit for branches v4.13.0-branch

v4.14.20 (2024/10/29)

  • docs: replace old readthedocs links with rackn.io links
  • fix(token): removing all usages of GenerateProfileTokens and replacing with profiles.. extra claims
  • fix(params): use secure param where appropriate
  • doc(fix): update links and fix render references
  • doc: update provision ref and clean links

v4.12.17, v4.13.31 (2023/04/13)

  • Add yamllint to gitlab build pipeline
  • docs: rst to md conversion, parts missed by previous passes
  • docs(krib): rst to md conversion

v4.10.9, v4.11.30 (2022/07/19)

  • doc: Fix embed youtube link
  • doc: Fix youtube secure references
  • doc: update cluster references

v4.9.10 (2022/02/28)

  • feat: convert meta data to a single file

v4.8.12 (2021/09/09)

  • feat(gitlab): Migrate module to gitlab

v4.7.0 (2021/05/24)

  • Avoid a client ca for etcd

v4.6.12 (2021/03/20)

  • fix(doc): Various content doc fixes

v4.4.2, v4.5.5, v4.6.0-beta01 (2020/06/18)

  • feat(agent): Add content for installing the agent.
  • krib: Fix for metallb configs
  • krib: move to use download() and apply proxy when necessary
  • krib: docker/apply-http-proxy param to install proxy env vars
  • krib: fix metallb upstream branch name

v4.3.1 (2020/04/22)

  • docs(krib): fix duplicates and refs
  • docs(krib): fix formatting and indenting
  • Fix missing 'type' on param schema
  • take advantage of new UX metadata field
  • include feature check for ExtraClaims
  • remove unsafe hack and use ExtraClaims instead. Will require 4x DRP

v4.3.0-beta2 (2020/02/21)

  • workaround: remove helm until updated to v3
  • placeholder for slowly pulling work from edgelab into release
  • edge helm install runs
  • rename helm/ to krib/helm-

v4.1.2, v4.2.25, v4.3.0-alpha2 (2019/10/21)

  • for contexts, we want a finish that does not change the bootenv

v4.1.1 (2019/09/24)

  • downgrade to 1.15.4 for better chart compatibility
  • move download functions to task-library
  • remove not needed serviceaccount re-applying
  • lint dashboard admin cat yaml
  • calico 3.9 update
  • cni 0.8.2 update
  • update various versions
  • use download & with_backoff function for docker script
  • Restart containerd if it was already running
  • Override ExecStart properly
  • Be idempotent
  • Fix wrong param
  • Damn those races
  • Add option to customize loglevel
  • Bump vault version
  • Update consul version to 1.6.1
  • Change consul agent to DEBUG mode

v4.0.15, v4.1.0-beta (2019/09/02)

  • Delete krib.yaml (added in error)
  • Delete krib.yaml (added in error)
  • Ensure versioned nginx containers are used
  • Fix metallb container versions to chosen version
  • Obtain metallb version via param

v4.0.12 (2019/08/23)

  • Add missing params skipped by aggressive .gitignore
  • Added explicit IPs for Nginx ingress(es)

v4.0.9 (2019/08/20)

  • Add ability to customize tcp/udp services for nginx
  • Remove conntrack.max
  • Update the krib to use the parameters from dev-library
  • Safer reset

v4.0.8 (2019/08/15)

  • Increase backoff to avoid races
  • Allow fixing rook-ceph version
  • Enforce v.1.0.0 for now
  • crictl version 1.15 matching k8s 1.15
  • re-add cleanup without heapster
  • k8s 1.15.2
  • kubernetes dashboard v2

v4.0.7 (2019/08/13)

  • Protect mounted filesystems
  • Improve ceph resetting
  • Permit reset with custom user/password
  • As you weeeeesh
  • Standardize Ceph manifests to 1.0

v4.0.6 (2019/08/10)

  • Fix doc links

v4.0.4 (2019/08/08)

  • Set sane log level

v4.0.2 (2019/08/06)

  • Start containerd on boot
  • don't hardcode the profile brah
  • as per @galthaus, use krib/k3s param. this is basic level for now but good pattern
  • as per request by @galthaus
  • cert plugin does not do secure yet
  • move to secure data - most are not passwords. REQUIRES TIP DRP
  • missed if
  • minor docs
  • remove krib/k3s param
  • undo the secure/password mess - it's not good but needs a real test pass to fix
  • more delay, zzzz
  • k3s multi-node working
  • containerd install fixes
  • add containerd install
  • WIP k3s config process
  • respect the k3s param
  • improve log messages
  • cert plugin does not do secure yet
  • include feature flag to catch Profile Secure Get/Update requirement
  • move to secure data - most are not passwords. REQUIRES TIP DRP
  • add workflow, stage includes special k3s param
  • WIP krib-get-masters failing
  • Another place to handle ha
  • Adjust the vip to also watch for master-count > 1
  • Fix parameter references to correctly match protections.
  • Remove some dead spaces
  • Add ceph/ceph to private registry
  • Update for storing calico images in trusted registry
  • Improve regex
  • cert plugin does not do secure yet
  • include feature flag to catch Profile Secure Get/Update requirement
  • move to secure data - most are not passwords. REQUIRES TIP DRP
  • add workflow, stage includes special k3s param
  • Un-dumbassed the sed (only myself to blame)
  • Make ceph default storageclass
  • Added further add-on containers
  • Progress pinning containers
  • WIP krib-get-masters failing
  • Add option to specify metallb container image
  • !#/bin/bash (my head in)
  • Avoid races on vault
  • Prevent races
  • More backoffs on nginx
  • Tired of re-trying nginx stage
  • Implemented (aws only for now)
  • Update nginx deployment for mutually exclusive options
  • Tidy up templates
  • Whitespace fixed
  • Standardize param names
  • Parametize target disk
  • Initial addition of option
  • Add default issuer to ceph dashboard cert if configured
  • Fix errant quote
  • Improve calico behavior in multi-NIC deployments
  • Latest progress
  • Streamlined installation
  • Merged with logging branch
  • Further genericized
  • Add params to genericize graylogging
  • Remove local rook files on reset
  • Added fluent-bit to DRP
  • Zap worker disks (hardcoded to /dev/sda currently)
  • Progress thus far - no drives working yet
  • fail gracefully if namespace already exsits
  • By default, avoid buggy IPs
  • Front proxy certs must match on all masters
  • Slightly less sleepy
  • add ability to ignore preflight errors, streamline docs
  • Fix nginx to v0.24.1
  • Updated for signed kubelets
  • Add signed kubelet config
  • Restore validating webhook
  • Make cleanup.. cleaner
  • Correct name of AWS secret key param
  • Working ingress, without admission controller for now
  • Tidy up reset to avoid races
  • Ingress working, certs unsure yet
  • Working with two ingresses, no certs yet
  • Store consul client certs to facilitate backup
  • Generate clients certs to backup etcd externally
  • Add delay before testing vault status to allow for startup
  • Generate a client cert for controller
  • Reduce likelihood of races to init vault
  • Tidy up certs
  • Got automated install with vault working
  • Tidied up some issues discovered on reinstall
  • Support vault token as param in DRP
  • Add support for auto-unsealing with awskms
  • Add (untested) KMS auto-unseal
  • Add TLS to vault
  • Tweak client params
  • Works co-locating agent and server on the same host
  • Initial version of vault
  • Make consul deployment more user-friendly
  • Add gossip encryption
  • Split consul into install and configure steps
  • Make consul work with DRP-generated certs
  • Self-assemble TLS-secured consul cluster (WIP)
  • Improve consul workflow
  • Prepare params
  • Progressed up to a point - left notes to followup
  • Got initial consul cluster built (the dirty way)
  • Installed /usr/local/bin/consul
  • First cut at consul setup
  • Improve presentation and docs of krib-container-runtime.yaml
  • Add option to install files from local repo
  • Fix test for local repo
  • Add details on switching to containerd
  • Implement containerd, fix bugs
  • Make install-containerd agnostic to a local http repo
  • Update for generic runtime stage
  • Applies, waiting validation
  • First cut (is the deepest!)
  • Correctly use HA cluster endpoint
  • Increase random sleep from 5 to 25 sec
  • Decomposed further
  • Safely introduce optional params for selective mastership
  • Only use HA etcd master if necessary params are defined
  • Prevent failure if krib/cluster-master-vip is undefined
  • Add brutal machine-wiping script
  • Add etcd/cluster-client-vip-port as optional param
  • add prereqs meta to help users know certs is required
  • Update kubeadm.conf
  • Implement load-balanced etcd
  • update kubernetes to v1.14.3
  • fix cni plugin link
  • update kubernetes to v1.14.2, cni to 0.8.0
  • update docker, etcd, cni, crictl, kubernetes
  • Make sure docker config dir exists before trying to create daemon.json
  • update calico to version 3.6
  • use -o since -O is used to set remote name as file name
  • Update example-krib-ha.yaml
  • Add prerequisites to community content bundles
  • Update mount-disks.sh.tmpl
  • Adding comment to add unsafe/rs-password
  • Adding comment after installing helm
  • Change Option -o to -O on Line 200
  • Rename "Name: example-krib-ha" to "Name: krib-ha"
  • Update mount-disks.sh.tmpl
  • Adding -f option on mkfs.xfs command
  • adding function to umount when the /dev/sda1
  • updated metallb to be re-runnable. Refs digitalrebar/provision-content/issues/243
  • add krib apiserver extra SANs param
  • updated helm install to support master recovery
  • added basic support for self healing etcd cluster
  • Get profile data from profile and not aggregate through machine.
  • fix CertSANs -> certSANS; add static pod path for all
  • fix certSANs indent
  • turn off debug messages
  • remove unneeded extra volumes and static pod path
  • add missing cluster profile data for krib-lib
  • source krib-lib
  • move with_backoff and download function to krib-lib and use for etcd
  • tweaks for catalog generation
  • remove extra volumes mount of hyperkube
  • load kernel module br_netfilter if already not loaded
  • check if /etc/fstab exists before remove swap entry from it
  • unify wording
  • no need for full git repo; remove heapster temp dir
  • remove debug output
  • update config for v1.13
  • add backoff&download to handle bad connections; increased verbosity
  • update defaults:
  • Add full content package info
  • fix etcd-config call to non-existent xiterr()
  • fix etcd-config call to non-existent xiterr()
  • added a check in ingress to not create the ingress for the dashboard if it's disabled
  • added weave networking provider
  • fixed unworkable flannel config option
  • set the icon in all cases
  • bad syntax
  • added param to allow disabling k8s dashboard install
  • adding line breaks inside ranges so lines don't get run together
  • turn off swap permanently
  • --sort-backends no longer being accepted on current ingress-nginx release
  • added param to configure additional kubeadm apiServerExtraArgs
  • Allow etcd and krib IP's to be overridden
  • change pocket to docker icon
  • Fix provider/flannel-config URL
  • use known icon
  • adding more flexibility for templatebefore and templateafer
  • Updates to repos support for helm charts
  • Changed to apply
  • Added ceph dashboard login info to docs
  • Added documentation and examples
  • Updated rook to add ceph dashboard service + ingress and update default path
  • use more reliable kubectl apply instead of create
  • use master label for taint
  • add IFS to while loop
  • disable debug for krib keepalived
  • ensure taints for masters
  • use rook version 0.9.1
  • add rook/ceph example
  • allow multiple mon for small setups
  • update rook (0.9) and ceph (13.2.2-20181023)
  • added krib rancher block storage
  • Accidentally removed one too many lines.
  • typo for tls secret name
  • added ingress name to default $CLUSTERIP.xip.io hostname so multiple ingresses can be defined
  • removed NodePort addition to kubernetes-dashboard service since it didn't work for non-proxy access anyhow
  • moved dashboard ingress template inline in the shell script to prevent inadvertent reuse
  • Added krib nginx-ingress
  • Fixed heapster unable to talk to API
  • formatting cleanup
  • tabs to spaces
  • added param and ability to remove taints from master nodes
  • Updated docs
  • krib/cluster-master-vip shouldn't be cleaned up since it's manually set
  • Removed bad doc
  • Added krib-metallb
  • update etcd version to 3.3.10
  • fix calico config url
  • remove calicoctl
  • update doc for calicoctl
  • kubernetes version 1.12.4 didn't work for me
    • use k8s datastore instead of calico etcd
  • add krib/cluster-pod-subnet to calico
  • Expanded on accessing the kubernetes dashboard
  • fix HOSTNAME for worker nodes
    • add support for custom calico etcd clusterIP
  • fix typo
  • update kubernetes version to v1.12.4
  • update cni to v0.7.1
  • add custom cluster ip for calico etcd
  • allow label overwrite
  • update to calico 3.4; own etcd config
  • update dashboard link
  • Fix centos7 update breaking krib.
  • fix multi-arch
  • cleanup and add multiarch back
  • as per @faniand, remove unneeded packages. host check is optional
  • working first pass for KubeVirt.io stage
  • Make sure socat is installed.
  • Add docker specific version.
  • Deal with docker issues
  • Update krib and friends to work with CoreOS
  • Fix krib in tip
  • version in community changed...
  • skip daemon if no param defined
  • remove insecure default
  • undo typo in config
  • use daemon config instead of contrail reg hack
  • change icons
  • move docker daemon change to docker install
  • tweaks from debug
  • update for new release
  • cleanups from testing
  • remove helm, put contrail install in right place. NOT TESTED
  • WIP contrail bones for basic install
  • Changes to support curl with ipv6 addresses.
  • rook install needs helm AND templates - this is a powerful addition
  • WIP Rook Ceph - add repo to helm
  • Add 'ntpdate' binary check, install if missing
  • update docs - see matching provision patch
  • add some logging
  • include wait option for charts
  • helm advanced is ONLY way, move to helm/charts
  • good working point for helm install updates
  • move name and namespace to top level
  • fix yaml parsing error
  • add targz suppport
  • WIP advanced helm install builder working
  • change approach to simpler charts-advanced array instead
  • initial helm directives object
  • initial helm directives object
  • WIP
  • fix extra newline in etcd endpoints list iteration
  • Desensitize check for 'Ready' status
  • move label code into place where it works for all nodes
  • pull node labels from krib/labels param
  • add require features flags to content
  • adds 'delete' and 'cordon' Operations to KRIB
  • timing tweaks, default to no wait
  • initial sonobuoy support - not automatically included
  • label nodes - use inventory if available
  • add 'krib/cluster-masters' to example profile
  • add override for kubeadm.cfg
  • fixes,enhancements, testing
  • move set-networking-provider to networking-provider
  • Fix spaces at end-of-lines
  • Fix bad template syntax
  • updates to support v1alpha2 for etcd, etc
  • updates, still broken - etcd cluster conflict
  • WIP: updates to KRIB
  • add some docs
  • add security policy and repos list
  • fix bug in reset
  • helm stage
  • add password as param
  • use rocketskates auth to reset cert in dev reset
  • move doc from provision to krib component
  • testing terraform, small tweaks
  • update for new meta UX field name
  • add wait stage to reset
  • add compute nodes wait for controller loop
  • WIP initial files checkin - begin testing
  • Installing wget since it's not included in the base CentOS install
  • Even better solution that is permanent.
  • Fix #106 by forcing 1 into /proc/sys/net/bridge/bridge-nf-call-iptables
  • remove set -x, add doc line
  • detect and halt if CA root is present
  • add needed backoff for reset, include render
  • missed exit
  • remove plugin:
  • move cluster reset into its own stage
  • troubleshooting and docs tweaks
  • Updated etcd version to match kubernetes 1.11
  • kubeadm installs coredns instead of kube-dns
  • fix etcd version
  • adding more echos for troubleshooting
  • add documentation to params
  • WIP for building KRIB clusters
  • Fix case for wait_for_count returning something.
  • Fix templates again
  • Fix CLUSTER PROFILE here too
  • Same thing with PROFILE_CLUSTER var
  • Make sure profile token is set before loading library.
  • Fix spaces at EOL
  • Add KRIB to community content.
  • Initial commit