C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
5151 commits 17 branches 66 tags 141 MiB
Commit graph

480 commits

Author SHA1 Message Date
Florian Ruynat f54f63ec3f
Update cilium to 1.8.0 (#6314) 2020-06-25 06:16:38 -07:00
Alexander Evseev 5a311236c4
Enable portmap CNI plugin with kube-router (#6204) 
... to have working `hostPort` for containers.

See: https://www.kube-router.io/docs/user-guide/#hostport-support
 2020-06-10 10:08:52 -07:00
Yousong Zhou a7b8708dfc
calico: use absolute path to docker, crictl binary (#6253) 
To avoid the following error (ignored when pipefail is off)

  RUNNING HANDLER [network_plugin/calico : containerd | delete calico-node containers] *******************************************************************************
  changed: [node1] => {"attempts": 1, "changed": true, "cmd": "crictl pods --name calico-node-* -q | xargs -I% --no-run-if-empty bash -c \"crictl stopp % && crictl rmp %\"", "delta": "0:00:00.004240", "end": "2020-06-10 03:32:41.316955", "rc": 0, "start": "2020-06-10 03:32:41.312715", "stderr": "/bin/sh: crictl: command not found", "stderr_lines": ["/bin/sh: crictl: command not found"], "stdout": "", "stdout_lines": []}
 2020-06-10 03:22:08 -07:00
Florian Ruynat ecc3a0aec5
Update kube-ovn to 1.2.0 - also update minor version for multus and weave (#6223) 2020-06-09 12:09:01 -07:00
Florian Ruynat 101686c665
Remove outdated CriticalAddonsOnly toleration and critical-pod annotation (#6202) 2020-06-09 05:23:30 -07:00
Flavien 7ff8fc259b
Support all taints in network plugins manifests (#6208) 
flannel, ovn and multus network plugins did not support all taint keys. This
update changes the tolerations to support them all.

According to the documentation:

```
There are two special cases: An empty key with operator Exists matches all keys,
values and effects which means this will tolerate everything. An empty effect matches
all effects with key key.
```

Usage of the empty `key` and `effect` ensures the network plugin daemonset will
be deployed on every nodes (ex: in case of custom taints, or NoExecute effect)
 2020-06-02 05:38:15 -07:00
Sergey cc507d7ace
disable bird-check flag for probes of calico-node pods when calico_network_backend is not 'bird'. (#6217) 2020-06-01 12:44:14 -07:00
Flavien ab44beba17
weave: support any taint effect in daemonset tolerations (#6159) 
Since weave 2.5.1, `NoExecute` taint effect is no more supported,
this changes the daemonset tolerations to change this behavior.

Also remove the toleration key `CriticalAddonsOnly` not required anymore.
 2020-05-28 01:10:02 -07:00
Wang Zhen d62836f2ab
Replace seccomp profile docker/default with runtime/default (#6170) 
Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>
 2020-05-27 14:02:02 -07:00
Florian Ruynat b6243bfc1c
Fix ImagePullPolicy missing variable usage (#6091) 2020-05-10 11:37:50 -07:00
Florian Ruynat 965fe1db94
Update cni spec to 0.4.0 for network plugin allowing it (#6053) 2020-05-06 11:13:09 -07:00
Florian Ruynat f6be326feb
Update kube-ovn to 1.1.1 (#6060) 2020-05-06 11:05:09 -07:00
Florian Ruynat 7d497e46c5
Update calico to 3.13.3 (#6061) 2020-05-04 08:56:26 -07:00
Florian Ruynat 361645e8b6
Fix multus missing cni and erroneous CI tests (#6051) 2020-04-30 23:38:05 -07:00
Florian Ruynat 3ff6a2e7ff
Update default (erroneous) backend value for calico (#6031) 2020-04-27 00:03:39 -07:00
Florian Ruynat 1ee3ff738e
Add option to enable usage reports to calico servers (#6030) 2020-04-27 00:03:30 -07:00
Qasim Sarfraz 52edd4c9bc
Fix liveness probe for cilium operator (#6016) 2020-04-26 23:59:29 -07:00
Pasquale Toscano 3d5988577a
Support Cilium from version 1.5 (#6006) 2020-04-24 06:00:10 -07:00
Florian Ruynat 299e35ebe4
Cleanup unused/erroneous variables (#6003) 2020-04-24 01:54:07 -07:00
Florian Ruynat ca45d5ffbe
Fix retries keyword missing until instruction (#5989) 2020-04-21 07:20:56 -07:00
Sergey 6e29a47784
generate flannel manifest only on first master (#5983) 2020-04-20 01:33:38 -07:00
Sergey baff4e61cf
remove image flannel cni (#5980) 2020-04-19 06:13:37 -07:00
Florian Ruynat 83fe607f62
Cleanup deprecated labels beta.kubernetes.io/arch and beta.kubernetes.io/os (#5964) 2020-04-17 05:51:06 -07:00
Maxime Guyot 0924c2510c
Use role to copy CNI bin (#5953) 2020-04-16 10:06:45 -07:00
Ryler Hockenbury b061cce913
Allow configureable vni and port for flannel overlay (#5939) 2020-04-15 03:14:02 -07:00
Florian Ruynat c929b5e82e
Upgrade kube-ovn to v1.1.0 and move test from centos7 to centos8 (#5852) 2020-04-15 03:10:03 -07:00
Florian Ruynat 58f48500b1
Update Flannel manifests, install script and version (0.12) + fix tests scripts (#5937) 
* Add CI_TEST_VARS to tests

* Update flannel to 0.12.0 (with new manifests) and disable tx/rx
offloading in networking test
 2020-04-14 23:48:02 -07:00
Florian Ruynat b5125e59ab
update rbac.authorization.k8s.io to non deprecated api-groups (#5517) 2020-04-14 13:14:04 -07:00
Chris 883194afec
Fix Cilium permissions (#5923) 
* added required permissions for querying endpointslice resources

* copy-pasted role permissions from cilium install manifests

* bumped cilium version to v1.7.2
 2020-04-10 23:47:48 -07:00
Alexander Kross 0d675cdd1a
Update Calico to v3.13.2, Multus to v3.4.1. Add ConfigMap get permission to allow calico-node access to kubeadm config. (#5912) 2020-04-09 07:27:43 -07:00
Anshul Sharma 79a6b72a13
Removed deprecated label kubernetes.io/cluster-service (#5372) 2020-03-30 01:19:53 -07:00
Petr Enkov 474fbf09c4
fix wrong cilium_operator repo variable (#5819) 2020-03-25 02:17:03 -07:00
Petr Enkov bc2eeb0560
use variables for cilium-operator instead of hardcoded value (#5802) 2020-03-24 07:40:47 -07:00
Mateus Caruccio 81f07c3783
Disable IPv6 support for canal's calico-node (#5684) 
This implements the same behavior as a15a0b5eb9/roles/network_plugin/calico/templates/calico-node.yml.j2

More info: https://github.com/projectcalico/felix/issues/1447
 2020-03-24 07:10:49 -07:00
bozzo 3cefd60c37
Add OWNERS file for kube-router (#5782) 
I propose also my help as a reviewer
 2020-03-17 04:14:22 -07:00
bozzo 974902af31
Update Kube-router version to v0.4.0 (#5756) 2020-03-17 02:40:21 -07:00
hfinucane 158d998ec4
Support configuring the Calico iptables insert mode (#5473) 
* Support configuring the insert mode

Defaults to the upstream default https://docs.projectcalico.org/v3.9/reference/felix/configuration

so nothing should change for existing deployments.

This allows coexistence with other firewall management technologies.

* Add a note to the sample config
 2020-03-14 06:36:35 -07:00
Christopher Randles 71c856878c
update multus to 3.4 and add crio support (#5701) 
Signed-off-by: Chris Randles <randles.chris@gmail.com>
 2020-03-13 04:22:39 -07:00
Sergey e60b9f796e
add calico VXLAN mode, update docs and vars in sample inventory (#5731) 
* calico VXLAN mode

* check vars if calico backend defined
 2020-03-12 01:20:37 -07:00
Fredrik Lönnegren e257d92f41
Cilium updates (#5438) 
* Add resources needed to deploy 1.6.4

* Use cilium v1.6.4

* Change deprecated option name

* Add update crd to clusterrole cilium

* Cilium 1.6.4 -> 1.6.5

* Make monitor-aggregation config configurable as a variable

* Change monitor-aggregation default none->medium

* Cilium 1.6.5 -> 1.6.6

* Update to 1.7.0

* v1.7.0->v1.7.1
 2020-03-11 08:15:36 -07:00
Arthur Outhenin-Chalandre 588896712e
Fix kube-router config generation (#5531) 
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
 2020-03-04 02:11:47 -08:00
Chad Swenson a15a0b5eb9
Make calico iptables lock timeout configurable (#5658) 
Adds `calico_iptables_lock_timeout_secs` variable to calico DS yaml.
 2020-02-19 02:28:25 -08:00
Sylvain Chateau 0ca7aa126b
added "Flatcar", "Flatcar Container Linux by Kinvolk" for all coreOS role (#5607) 2020-02-18 00:15:29 -08:00
lcooper40 579976260f
Added in code to allow control over pull policy for local path provis… (#5334) 
* Added in code to allow control over pull policy for local path provisioner

* change to imagePullPolicy to use globally used variable k8s_image_pull_policy

* removed unusued variable from defaults

* updated contiv-etcd and cinder-csi-controllerplugin to use k8s_image_pull_policy variable
 2020-02-17 02:13:30 -08:00
Matthew Mosesohn b35b816287 Raise typha max connections to 300 (#5527) 
Raises limit from 100 to 300 because the default is far too low
and the pod can handle 300 with the given resources.

Change-Id: Ib1eec10da3d09d198933fcfe87291587e58d7cdb
 2020-01-10 00:24:33 -08:00
Etienne Champetier 2c2ffa846c Calico: update to 3.11.1, allow to configure calico_iptables_backend (#5514) 
I've tested this update by deploying a containerd / etcd cluster on top CentOS7,
MetalLB + NGINX Ingress. Upgrade using upgrade-cluster.yml

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
 2020-01-08 02:27:40 -08:00
bozzo c0b262a22a Add kube-router configuration to enable metrics exposure (#5416) 2019-12-16 04:35:36 -08:00
Maxime Guyot b15d41a96a Add support to Ansible 2.9 (#5361) 2019-12-05 07:24:32 -08:00
Matthew Mosesohn 7da2083986 Add toleration for calico-typha on master (#5405) 
Change-Id: Iea9a366cf6ccc4d491bfc49c5d2dba6d98f81b69
 2019-12-05 06:24:32 -08:00
Aaron Crickenberger f1498d4b53 fix OWNERS file (#5359) 
Initially this was to fix a mis-indented approvers key. However, it turns
out that 'oilbeater' is not a member of kubernetes-sigs nor
kubernetes-incubator (the org this repo was migrated from). Thus this
OWNERS file is failing prow's validation check.

As a workaround I've opted to move them to emeritus_approver, which
isn't valiated and can be used as a hint for other approvers in this
repo
 2019-11-25 17:59:11 -08:00