Florian Ruynat
18666b3e2d
Update multus to 3.7.2 (and move to ghcr.io)
2021-07-20 01:29:31 -07:00
Florian Ruynat
ed87386d7b
Set default k8s version to 1.21.3
2021-07-20 01:29:31 -07:00
Florian Ruynat
1ad9b33b08
Add hashes for k8s 1.20.8/.9 and 1.19.12/.13 and 1.21.3
2021-07-20 01:29:31 -07:00
Florian Ruynat
000b4565c2
Fix erroneous ansible args
2021-07-20 01:29:31 -07:00
Florian Ruynat
eda75fc706
Update kube-router to 1.3.0
2021-07-20 01:29:31 -07:00
Florian Ruynat
6583add63a
Update flannel to 0.14.0 (moved from coreos repo to flannel-io)
2021-07-20 01:29:31 -07:00
Florian Ruynat
441ad841cc
Use dashboard 2.3.1 image
2021-07-20 01:29:31 -07:00
Florian Ruynat
6511c5dd7a
Set Helm default version to 3.6.3
2021-07-20 01:29:31 -07:00
Florian Ruynat
d5cbb19b39
Update kube-ovn to 1.7.1
2021-07-20 01:29:31 -07:00
Atsushi Nukariya
417180246c
Fix: typos in docs and comments ( #7805 )
2021-07-16 18:58:50 -07:00
Fredrik Liv
802fb8b591
Add application credentials support for cinder ( #7799 )
...
* csi-driver: Added possibility to use application credentials for cinder
* external-cloud-controller: Added env vars for openstack application credentials
2021-07-15 00:56:48 -07:00
spaced
c2cf0d9945
add containerd on fedora CoreOS ( #7794 )
...
* set selinux type t_etc if selinux state is enforcing
* workaround with update repo is no longer needed
remove comments about failing playbook
* grubby is not available in distros using ostree
* remove docker support because removed in fcos
update install script example with live rootfs
* do not call grubby on ostree based distro
* update docs enabling containerd on fedora coreos
2021-07-15 00:00:48 -07:00
jayonlau
e61a9077f4
Clean up extra spaces about configuration-qemu.toml.j2 ( #7795 )
...
Clean up extra spaces, although these errors are not important, they affect the code specification.
2021-07-13 06:38:34 -07:00
spaced
bf54dc082b
set selinux type t_etc if selinux state is enforcing ( #7791 )
2021-07-13 06:34:29 -07:00
cleveritcz
3ff7bc1f64
Added k8s 1.21.2 ( #7789 )
2021-07-13 06:26:29 -07:00
Cristian Calin
7516fe142f
Move to Ansible 3.4.0 ( #7672 )
...
* Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10
* Docs: add a note about ansible upgrade post 2.9.x
* CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures
* Ansible: use newer ansible-lint
* Fix ansible-lint 5.0.11 found issues
* syntax issues
* risky-file-permissions
* var-naming
* role-name
* molecule tests
* Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+
* Pin ansible-base to 2.10.11 to get package fix on RHEL8
2021-07-12 00:00:47 -07:00
Sébastien Huss
b0e4c375a7
Allow cri-o offline install ( #7777 )
2021-07-09 20:52:45 -07:00
Florian Ruynat
d1388d69d0
Fix tests following python change ( #7775 )
...
* Fix ansible detection for python3 and ubuntu
* Fix oracle missing centos-extras repo for containerd/docker dependencies
2021-07-08 18:52:53 -07:00
Shinerrs
d0fb537448
Ubuntu changed package name python-apt to python3-apt ( #7769 )
...
* replaced deprecated python package with python3 package
* removed the version due to duplication
2021-07-02 06:56:13 -07:00
jayonlau
59cf1770bc
Clean up residual files about /usr/libexec ( #7756 )
...
When reset, need to clean up directory /usr/libexec.
2021-07-01 02:13:54 -07:00
Vadim
0aaba5ea30
added destination filename to cp command ( #7764 )
2021-06-30 08:13:03 -07:00
Cristian Calin
bd6d810d0a
nodelocaldns: allow binding metrics address to host IP ( #7748 )
2021-06-29 05:28:41 -07:00
jayonlau
e3850fbbbc
Extra spaces of macvlan ( #7752 )
...
Although these errors are not important, they affect the code specification.
2021-06-28 02:13:25 -07:00
Cristian Calin
a3e34f589a
Enable Graceful Node Shutdown for Kubernetes >= 1.21.0 ( #7746 )
...
* Enable Graceful Node Shutdown for Kubernetes >= 1.21.0
* Add sample graceful shutdown parameters
2021-06-27 23:53:25 -07:00
Cristian Calin
a2cf6816ce
Calico wireguard ( #7638 )
...
* Calico: add Wireguard support
* CI: Add Calico Wireguard scenario
2021-06-25 03:22:45 -07:00
jayonlau
bbcafb5d7b
Clean up residual files about modules-load.d ( #7737 )
...
When reset, need to clean up files kube_proxy-ipvs.conf and kubespray-br_netfilter.conf.
2021-06-25 00:32:45 -07:00
Id2ndR
a31baf3c16
Fix deployment without openstack cacert ( #7723 )
...
* fix group name
* fix external-openstack-cloud-config secret
* don't add ca.cert in the secret if not defined
2021-06-21 05:38:50 -07:00
jayonlau
e83728897b
Clean up residual files ( #7722 )
...
* Clean up residual files
When reset, you need to clean up to the kerw directory.
* Update main.yml
2021-06-21 05:34:50 -07:00
Cristian Calin
282a27a07c
gVisor: initial support for gVisor container runtime ( #7661 )
...
* Docker/Containerd: move downloads urls to containerd-common
* gVisor: initial support for gVisor container runtime
2021-06-21 05:18:51 -07:00
Sergey
3fe6dbb65c
fix image pull url for coredns v1.8.0 ( #7702 )
2021-06-16 17:00:19 -07:00
flix444
7547e6a272
Ubuntu 21.04 changed packagename python-apt in python3-apt ( #7715 )
2021-06-16 13:58:00 -07:00
Cristian Calin
1928dafc7e
Revert to conmon location override for Redhat and Fedora ( #7701 )
2021-06-16 09:07:59 -07:00
Florian Ruynat
e77b9bf3ee
Update kube-ovn to 1.7.0 ( #7686 )
2021-06-16 08:10:00 -07:00
Samuel Liu
7f7e83a4d9
fix local-path-provisioner helper image repo ( #7703 )
2021-06-16 08:06:00 -07:00
Marko Kohtala
85fe716d46
Drop "Server" from crio repo URL ( #7698 ) ( #7699 )
...
$releasever can be 7Server, but there is no such CentOS path on
download.opensuse.org.
Use ansible_distribution_major_version instead of $releasever.
2021-06-11 05:10:59 -07:00
Kenichi Omichi
85ff3eb8be
Update the version of local_volume_provisioner ( #7684 )
...
As [1], v2.4.0 has been released already for local_volume_provisioner.
This updates the version.
[1]: https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner/tags
2021-06-11 04:36:59 -07:00
Florian Ruynat
e55c359cf9
Updage docker packages to 20.10.7 ( #7685 )
2021-06-11 04:32:59 -07:00
Kasakaze
d66da21726
make sure serviceaccounts/token is only in the metadata stage ( #7679 )
2021-06-07 08:38:40 -07:00
forselli-stratio
1069b05e68
Improve scale flow and documentation ( #7610 )
...
* Improve scale flow
* Add confirmation prompt again
2021-06-07 05:02:40 -07:00
Cristian Calin
ec0c0d4a28
Calico enable support for eBPF ( #7618 )
...
* Calico: align manifests with upstream
* allow enabling typha prometheus metrics
* Calico: enable eBPF support
* manage the kubernetes-services-endpoint configmap
* Calico: document the use of eBPF dataplane
* Calico: improve checks before deployment
* enforce disabling kube-proxy when using eBPF dataplane
* ensure calico_version is supported
2021-06-07 04:58:39 -07:00
jiriproX
1739b27231
Replace yum module with package module ( #7621 )
2021-06-05 04:16:39 -07:00
Sergey
d9d29af87f
update containerd to version 1.4.6 ( #7674 )
2021-06-03 10:55:38 -07:00
Cristian Calin
7036b704b3
Replace Kata 1.x with Kata 2.x ( #7670 )
...
* Kata: add Kata 2.x checksums and adjust download urls for 2.x
* Kata: drop 1.x version which is no longer supported
* Kata: set default version 2.1.0
2021-06-02 00:50:41 -07:00
Florian Ruynat
54cda80018
Fix debian docker available version ( #7668 )
2021-06-01 20:58:39 -07:00
Cristian Calin
6a2ea94b39
Docs improvements ( #7660 )
...
* Docs: update sidebar
* Docs: move registry documentation into docs/
* Docs: move rbd_provisioner documentation into docs/
* Docs: move cephfs_provisioner into docs/
* Docs: move local_volume_provisioner documentation into docs/
* Docs: move ambassador.md to docs/ingress_controller/
* Docs: move metallb.md to docs/ingress_controller/
* Docs: move ingress_nginx documentation into docs/
* Docs: move alb_ingress_controller documentation into docs/
* Docs: merge ambassador documentation into docs/ingress_controller/
* Docs: move cert_manager documentation into docs/
* Docs: move bootstrap-os documentation into docs/
* Docs: update file locations in sidebar
2021-06-01 07:30:27 -07:00
Cedric Hnyda
4674b03661
Add cinder_csi_ignore_volume_az ( #7624 )
...
Signed-off-by: Cedric Hnyda <cedric.hnyda@itera.io>
2021-06-01 07:10:27 -07:00
kongxs
922de32290
spelling mistakes ( #7664 )
...
Signed-off-by: kjinan <2008kongxiangsheng@163.com>
2021-05-31 05:46:26 -07:00
Florian Ruynat
7896bc7831
Add Fedora 33 image and CI, remove Fedora 31 (EOL) + update docker packages ( #7657 )
...
* Update docker package to 20.10.6
* Add Fedora 33 image and CI, remove Fedora 31 (EOL)
2021-05-28 08:04:25 -07:00
AnatomicJC
da07459bd6
Update crun 0.19 checksum ( #7655 )
...
Checksum of crun 0.19 is not correct, this commit fixes it
2021-05-27 15:20:23 -07:00
Fredrik Liv
3ca205446e
Added possibility to specify vSphere credentials via env variables ( #7646 )
...
* Added possibility to specify vSphere credentials via env variables
* Removed excessive spacing
2021-05-27 12:02:30 -07:00
forselli-stratio
eff1931283
Add retries to 'Set label for route reflector' task ( #7645 )
2021-05-27 12:02:23 -07:00
Florian Ruynat
fd8ae54fa7
Docker default version is now 20.10
2021-05-27 11:18:24 -07:00
Florian Ruynat
79fdee3979
Bump crio to default 1.21
2021-05-27 11:18:24 -07:00
Florian Ruynat
a754c0d476
Kubernetes now use CoreDNS 1.8.0
2021-05-27 11:18:24 -07:00
Florian Ruynat
7208169db3
Update kubernetes version to 1.21.1
2021-05-27 11:18:24 -07:00
Cristian Calin
7b5d43cc00
Calico: upgrade 3.18 to 3.18.4 ( #7648 )
2021-05-26 05:51:21 -07:00
Cristian Calin
c5ccedb694
store openstack external cloud controller ca.cert in a k8s secret instead of the host filesystem ( #7603 )
2021-05-26 00:35:21 -07:00
Cristian Calin
858b29f425
Calico: add support for v3.19.1 ( #7630 )
...
* Calico: add v3.19.1 hashes
* enable liveness probe for calico-kube-controllers
3.19.1
* Calico: drop support for v3.16.x
* Calico: promote v3.18.3 as default
2021-05-25 13:40:50 -07:00
efrikin
7db76f8809
Add nodeSelctor for other services and node labels before CNI setup ( #7613 )
2021-05-25 13:40:43 -07:00
Florian Ruynat
bcf695913f
Fix Oracle yum disabled repository file after EPEL install ( #7639 )
2021-05-25 08:30:23 -07:00
Fatih Sarhan
59fc17f4e3
Override the default value of containerd's root, state, and oom_score ( #7622 )
...
* Override the default value of containerd's root, state, and oom_score configurations
* Add tests data for containerd_storage_dir, containerd_state_dir and containerd_oom_score variables
2021-05-19 08:24:53 -07:00
Florian Ruynat
c1aa755a3c
Fix missing broken_etcd filter in recover control plane task ( #7619 )
2021-05-18 10:29:04 -07:00
Pavel Martynov
29c2fbdbc1
Fix cloud_resolver type from str to list (issue #7605 ) ( #7606 )
2021-05-18 06:41:30 -07:00
Pavel Martynov
4b9f98f933
Fix pull_by_digest variable type to boolean instead of str ( #7612 )
2021-05-18 06:29:31 -07:00
Cristian Calin
e9870b8d25
add support for using ansible 2.10.x for deploying kubespray ( #7600 )
...
* add support for using ansible 2.10.x for deploying kubespray
* move dns-autoscaler-clusterrole{binding}.yml to files/ folder
* note that ansible 2.10 is now experimentally supported
* coredns: move files to templates like before #4341
2021-05-18 05:39:31 -07:00
Muzi Li
e0c74fa082
Update nerdctl version to 0.8.1 ( #7617 )
2021-05-17 11:07:30 -07:00
Florian Ruynat
bdf74c6749
Set default version to 1.20.7
2021-05-14 09:48:06 -07:00
Florian Ruynat
d6f9a8d752
Update hashes with 1.21.1/1.20.7/1.19.11
2021-05-14 09:48:06 -07:00
Cristian Calin
14cf3e138b
Support Calico advertisement of MetalLB LoadBalancer IPs ( #7593 )
...
* add initial MetalLB docs
* metallb allow disabling the deployment of the metallb speaker
* calico>=3.18 allow using calico to advertise service loadbalancer IPs
* Document the use of MetalLB and Calico
* clean MetalLB docs
2021-05-12 05:22:17 -07:00
emiran-orange
afbabebfd5
Enables Calico serviceAccount token monitoring and update of /etc/cni/net.d/calico-kubeconfig if need be. ( #7586 )
...
Since K8S 1.21, BoundServiceAccountTokenVolume feature gate is in beta stage, thus activated by default (anyone who follows CSI guidelines has enabled AllAlpha and faced the issue before 1.21).
With this feature, SA tokens are regenerated every hour.
As a consequence for Calico CNI, token in /etc/cni/net.d/calico-kubeconfig copied from /var/run/secrets/kubernetes.io/serviceaccount in install-cni initContainer expires after one hour and any pod creation fails due to unauthorization.
Calico pods need to be restarted so that /etc/cni/net.d/calico-kubeconfig is updated with the new SA token.
2021-05-11 08:47:36 -07:00
Cristian Calin
8c0a2741ae
allow overriding calico peers names and avoid ipv6 naming issues ( #7591 )
2021-05-11 07:05:36 -07:00
Cristian Calin
d90baa8601
add containerd support for Amazon Linux 2 ( #7595 )
2021-05-10 19:25:36 -07:00
muzi502
d5660cd37c
Fix reset cluster task failed ( #7597 )
2021-05-10 17:25:36 -07:00
Cristian Calin
63cec45597
Add Amazon to the check for supported distributions ( #7589 )
2021-05-10 16:17:36 -07:00
Hari Hud
f07e24db8f
Cleanup duplicate task in etcd role ( #7598 )
...
* Remove the duplicate task in etcd role
* Remove inessential delegate_to
2021-05-10 16:11:36 -07:00
Cristian Calin
5d5be3e96a
bump calico 3.18 to v3.18.3 ( #7592 )
2021-05-10 00:34:51 -07:00
Hari Hud
6e7649360f
Ignore error when ipvsadm utility not found on node ( #7587 )
2021-05-07 13:37:04 -07:00
Cedric Hnyda
1dd38721b3
Add external_openstack_enable_ingress_hostname option for openstack ( #7572 )
...
Signed-off-by: Cedric Hnyda <cedric.hnyda@itera.io>
2021-05-04 00:33:11 -07:00
Eugene Artemenko
6a001e4971
Add suport of Vsphere CSI driver 2.X versions ( #7480 )
2021-05-04 00:05:11 -07:00
Samuel Liu
96e6a6ac3f
Add krew support ( #7464 )
...
* Add krew support
* Add reset for krew
* Update install krew(local)
* ansible lint
* yamllint
* fix krew default vars
* fix kubectl_localhost mode
* replace include
* fix e206
2021-05-03 07:16:03 -07:00
bac-w
2556eb2733
Upgrade cilium role ( #7521 )
...
* Upgrade cilium roles
* Del old test result
* Add hubble ui examples
* Refactor hubble metrics
* Markdown fix pipeline errors
* yamllint check and fix
* refactor install from https://github.com/kubernetes-sigs/kubespray/pull/7520
* Docs syntax change (fix)
* Cilium set default 1.8.9
* Update cilium version in Readme
2021-04-30 08:09:59 -07:00
MRoci
a0ee569091
change coredns image name to coredns/coredns
and prefix v
to tag ( #7570 )
...
follow new naming conventions for gcr's coredns image.
starting from 1.21 kubeadm assumes it to be `coredns/coredns`:
this causes the kubeadm deployment being unable to pull image, beacuse `v`
was also added in image tag, until the role `kubernetes-apps` ovverides
it with the old name, which is only compatible with <=1.7.
Backward comptability with kubeadm <=1.20 is mantained checking
kubernetes version and falling back to old names (`coredns:1.xx`) when
the version is less than 1.21
2021-04-30 07:43:58 -07:00
holmesb
3f4eb9be08
Fixes issue #7573 - Made Calico permissions compatible with v3.18.x (see https://github.com/projectcalico/calico/issues/4557 ). Specifically, granted watch to custom resources blockaffinities, ipamblocks & ipamhandles ( #7575 )
2021-04-30 07:25:59 -07:00
muzi502
5ea2d1eb67
Add image_arch in flannel image tag ( #7560 )
...
* Add image_arch variable when download flannel image
* Fix flannel image tag typo with image arch
2021-04-29 17:51:57 -07:00
Florian Ruynat
ffc38a2237
Fix busybox for tests to reduce dockerhub calls ( #7571 )
2021-04-29 17:39:57 -07:00
Cristian Calin
360aff4a57
Rename ansible groups to use _ instead of - ( #7552 )
...
* rename ansible groups to use _ instead of -
k8s-cluster -> k8s_cluster
k8s-node -> k8s_node
calico-rr -> calico_rr
no-floating -> no_floating
Note: kube-node,k8s-cluster groups in upgrade CI
need clean-up after v2.16 is tagged
* ensure old groups are mapped to the new ones
2021-04-29 05:20:50 -07:00
Sergey
d26191373a
add default empty value for etc_hosts_localhosts_dict_target ( #7567 )
2021-04-28 11:34:50 -07:00
Cristian Calin
4c06aa98b5
crio: add supported versions 1.20 and 1.21 and align default with k8s version ( #7562 )
...
* crio: add supported versions 1.20 and 1.21 and align default with k8s version
* cri-o: drop versions 1.17 and 1.18 from version matrix
* update note on cri-o version alignment
2021-04-28 11:30:51 -07:00
muzi502
1b267b6599
Fix calico-kube-controller becomes Error for canal ( #7564 )
2021-04-28 11:26:52 -07:00
Cristian Calin
dd6efb73f7
Calico new versions v3.17.4 and v3.18.2 ( #7563 )
...
* calico: upgrade from v3.17.3 to v3.17.4
* calico: upgrade from v3.18.1 to v3.18.2
2021-04-28 08:22:50 -07:00
harihud
0071e3c99c
Update main.yml ( #7557 )
2021-04-27 15:41:27 -07:00
faruryo
975f84494c
Fix calico-kube-controller becomes Error ( #7548 )
...
Change mode so that calico-kube-controllers can be read because it was changed to run as non-root
https://github.com/projectcalico/kube-controllers/pull/566
2021-04-26 15:37:03 -07:00
Florian Ruynat
7c86734d2e
Add cri-o 1.20/1.21 ( #7544 )
2021-04-26 09:21:16 -07:00
Cristian Calin
8665e1de87
Fix cri-o support for Oracle and AlmaLinux ( #7541 )
2021-04-26 09:11:02 -07:00
Florian Ruynat
c16efc9ab8
Fix Opensuse not working with ansible_distribution ( #7551 )
2021-04-26 08:37:02 -07:00
muzi502
69806e0a46
Add nerdctl cli tool for containerd user ( #7500 )
...
* Add nerdctl cli tool for containerd user
* Add nerdctl enable option
* Add nerdctl enable option and update nerdctl version to 0.8.0
2021-04-25 23:47:01 -07:00
Cristian Calin
ad15a4b755
Bump calico versions ( #7543 )
...
* add calico 3.16.10 hashes
* drop old calico version 3.16.9
2021-04-24 12:37:01 -07:00
Cristian Calin
002a4b03a4
Drop calico 3.15 ( #7545 )
...
* calico: drop support for version 3.15
* drop check for calico version >= 3.3, we are at 3.16 minimum now
* we moved to calico 3.16+ so we can default to /opt/cni/bin/install
2021-04-23 23:43:14 -07:00
Cristian Calin
73db44b00c
Initial AlmaLinux support ( #7538 )
...
* AlmaLinux: ansible>2.9.19 is needed to know about AlmaLinux
* AlmaLinux: identify as a centos derrivative
* AlmaLinux: add AlmaLinux to checks for CentOS
* Use ansible_os_family to compare family and not distribution
2021-04-22 23:50:03 -07:00
Florian Ruynat
b32d25942d
Minor update to cni-plugins and kube-router
2021-04-22 06:47:42 -07:00