Commit graph

6715 commits

Author SHA1 Message Date
Florian Nowarre
2d25e82e02 add flatcar to hetzner 2022-09-18 23:34:05 +02:00
Florian Nowarre
f406e30191 add flatcar to hetzner 2022-09-18 23:32:06 +02:00
Florian Nowarre
ab03825875 readme and template path 2022-09-18 21:48:22 +02:00
Florian Nowarre
f8b1b1d3d0 add ssh stuff 2022-09-18 21:37:44 +02:00
Florian Nowarre
1505989b53 change readme and var loads 2022-09-18 21:16:18 +02:00
Florian Nowarre
1736f02460 enable flatcar for hetzner 2022-09-18 20:40:32 +02:00
Mahdi Abbasi
023b16349e
Add variable for the vsphere-csi namespace (#9278) 2022-09-15 02:01:23 -07:00
lijin-union
c4976437a8
Fix typos in docs (#9276) 2022-09-15 00:09:22 -07:00
Kay Yan
97ca2f3c78
add-timezone-support (#9263) 2022-09-14 21:11:22 -07:00
niesel
e76385e7cd
Update offline.yml (#9274)
Change "ubuntu_repo" to "debian_repo" for containerd_debian_repo_base_url and containerd_debian_repo_gpgkey
2022-09-13 16:55:01 -07:00
ERIK
7c2fb227f4
Add LimitMEMLOCK parameter configuration in containerd.service (#9269)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2022-09-13 02:51:06 -07:00
ghostloda
08bfa0b18f
Upgrade ingress nginx webhook to 1.3.0 (#9271) 2022-09-13 01:47:05 -07:00
Ho Kim
952cad8d63
Remove mutual exclusivity in calico: NAT and router mode (#9255)
* Add optional NAT support in calico router mode

* Add a blank line in front of lists

* Remove mutual exclusivity: NAT and router mode

* Ignore router mode from NAT

* Update calico doc
2022-09-13 00:19:07 -07:00
rptaylor
5bce39abf8
add optional parameter extra_groups for k8s_nodes (#9211) 2022-09-13 00:13:08 -07:00
cleverhu
fc57c0b27e
fix number node name can't be added (#9266)
Signed-off-by: cleverhu <shouping.hu@daocloud.io>

Signed-off-by: cleverhu <shouping.hu@daocloud.io>
2022-09-13 00:09:05 -07:00
Samuel Liu
dd4bc5fbfe
[etcd] Sometimes, we do not need to run etcd role on all nodes. (#9173)
* WIP: sometimes,we not run etcd

* fix ansible lint

* like calico(kdd) cni, no need run etcd
2022-09-09 01:29:22 -07:00
Mohamed Zaian
d2a7434c67
[ingress-nginx] upgrade to 1.3.1 (#9264) 2022-09-09 00:37:23 -07:00
Kenichi Omichi
5fa885b150
Remove unused cri_dockerd_enabled configuration (#9259)
Since the commit fad296616c cri_dockerd_enabled
has not been used. But the packet_ubuntu22-aio-docker.yml still contains
the configuration and causes confusions.
This removes the configuration for cleanup.
2022-09-08 00:06:05 -07:00
ghostloda
f3fb758f0c
Remove useless file (#9258) 2022-09-07 17:10:49 -07:00
Krystian Młynek
6386ec029c
add retries for restart of kube-apiserver (#9256)
* add retries for restart of kube-apiserver

* change var name
2022-09-07 16:48:49 -07:00
Ho Kim
ad7cefa352
Ignore deleting nodes that are not in cluster (#9244) 2022-09-05 19:50:54 -07:00
Ho Kim
09d9bc910e
Fix typos in calico comments (#9254) 2022-09-05 18:46:54 -07:00
Kay Yan
e2f1f8d69d
add-Rocky-9-support (#9212) 2022-09-04 16:54:36 -07:00
Michael Schmitz
be2bfd867c
Add Support for Rewrite Plugin to CoreDNS/NodelocalDNS (#9245) 2022-09-03 16:16:35 -07:00
lou-lan
133a7a0e1b
Add featureDetectOverride configration of calico (#9249) 2022-09-02 04:58:05 -07:00
ERIK
efb47edb9f
Update kubespray version to v2.19.1 (#9241)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2022-09-01 23:36:05 -07:00
Kay Yan
36bec19a84
add-yankay-to-reviewers (#9247) 2022-09-01 03:47:05 -07:00
Cristian Calin
6db6c8678c
disable kubelet_authorization_mode_webhook by default (#9238) 2022-08-31 04:53:00 -07:00
Florian Ruynat
5603f9f374
Update security contacts file (#9235) 2022-08-30 22:43:00 -07:00
蒋航
7ebb8c3f2e
make calico installation more stable (#9227)
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>

Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2022-08-30 21:13:01 -07:00
Alessio Greggi
acb6f243fd
feat: add kubelet systemd service hardening option (#9194)
* feat: add kubelet systemd service hardening option

* refactor: move variable name to kubelet_secure_addresses

Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>

* docs: add diagram about kubelet_secure_addresses variable

Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
2022-08-30 11:18:55 -07:00
tasekida
220f149299
Fix abort because calicoctl.sh is not a full path (#9217) 2022-08-30 08:07:02 -07:00
Florian Ruynat
1baabb3c05
Fix cloud_init files for different distros (#9232) 2022-08-30 08:03:02 -07:00
Florian Ruynat
617b17ad46
Fix kube_ovn_hw_offload value (#9218) 2022-08-30 03:21:01 -07:00
lijin-union
8af86e4c1e Fix typo. 2022-08-30 11:30:57 +02:00
kakkotetsu
9dc9a670a5
add runc v1.1.4 (#9230) 2022-08-30 02:01:01 -07:00
Kay Yan
b46ddf35fc
kube-vip shoud fail if kube_proxy_strict_arp is false in arp mod (#9223)
* fix-kube-vip-strict-arp

* fix-kube-vip-strict-arp
2022-08-30 00:21:02 -07:00
Chad Swenson
de762400ad
Fixes for calico_datastore: etcd (#9228)
It seems that PR #8839 broke `calico_datastore: etcd` when it removed ipamconfig support for etcd mode.

This PR fixes some failing tasks when `calico_datastore == etcd`, but it does not restore ipamconfig support for calico in etcd mode. If someone wants to restore ipamconfig support for `calico_datastore: etcd` please submit a follow up PR for that.
2022-08-29 22:41:00 -07:00
Cristian Calin
e60ece2b5e
[CI] remove opensuse Leap from molecule test blocking CI (#9229) 2022-08-29 11:44:49 -07:00
Cristian Calin
e6976a54e1
add pre-commit hook to facilitate local testing (#9158)
* add pre-commit hook configuration

* add tmp.md to .gitignore

* describe the use of pre-commit hook in CONTRIBUTING.md

* fix docs/integration.md errors identified by markdownlint

* fix docs/<file>.md errors identified by markdownlint

* docs/azure-csi.md
* docs/azure.md
* docs/bootstrap-os.md
* docs/calico.md
* docs/debian.md
* docs/fcos.md
* docs/vagrant.md
* docs/gcp-lb.md
* docs/kubernetes-apps/registry.md
* docs/setting-up-your-first-cluster.md
* docs/vagrant.md
* docs/vars.md

* fix contrib/<file>.md errors identified by markdownlint
2022-08-24 06:54:03 -07:00
Krystian Młynek
64daaf1887
cri-dockerd: add restart of docker.service (#9205)
* cri-dockerd: add restart of docker.service

* remove enabling of cri-dockerd.socket
2022-08-24 05:50:02 -07:00
Sergey
1c75ec9ec1
do not run etcd role in scale.yml playbook when etcd installed by kubeadm (#9210) 2022-08-24 00:16:24 -07:00
Shelming.Song
c8a61ec98c
optimize the format of evictionHard in kubelet-config.yaml template (#9204) 2022-08-23 01:55:24 -07:00
Bishal das
aeeae76750
Update vars.md (#9172) 2022-08-22 23:31:24 -07:00
Shelming.Song
30b062fd43
fix one bug in docs/nodes (#9203) 2022-08-22 23:17:23 -07:00
Pavel Chekin
8f899a1101
Fix containerd (<1.7) configuration for insecure registries (#9207)
For the following configuration

```
    containerd_insecure_registries:
      docker.io:
        - dockerhubcache.example.com
```

the rendered /etc/containerd/config.toml contains

```
        [plugins."io.containerd.grpc.v1.cri".registry.configs."docker.io".tls]
          insecure_skip_verify = true
```

but it needs to be

```
        [plugins."io.containerd.grpc.v1.cri".registry.configs."dockerhubcache.example.com".tls]
          insecure_skip_verify = true
```
2022-08-22 23:13:23 -07:00
Mostafa Ghadimi
386c739d5b
🌱 Enable cri-dockerd service (#9201)
* 🌱 Enable cri-dockerd service

* 🔨 Fix the task name in order to pass the CI tests
2022-08-22 07:17:43 -07:00
Bishal das
fddff783c8
Update vsphere-csi.md (#9170) 2022-08-22 07:13:43 -07:00
Tristan
bbd1161147
9035: Make Cilium rolling-restart delay/timeout configurable (#9176)
See #9035
2022-08-22 02:37:44 -07:00
Mohamed Zaian
ab938602a9
[kubernetes] Add hashes for 1.24.4, 1.22.13, 1.23.10 and make v1.24.4 default (#9191) 2022-08-21 23:11:44 -07:00