Commit graph

4186 commits

Author SHA1 Message Date
Alex
36393d77d3
Encrypting Secret Data at Rest (#8574)
* change default value for Encrypting Secret Data at Rest to secretbox, remove experimental flag and add documentation

* fix MD012/no-multiple-blanks
2022-02-23 03:04:18 -08:00
Ilya Margolin
e053ee4272
Check all places with check_mode: no for side effects (#8573)
and fix the one with side effect.

Also removes `notify` from this task as the task has `changed_when: false`
and notify is not going to fire.
2022-02-23 01:20:18 -08:00
jayonlau
1d46c07307
Cleanup crictl configuration file (#8569) 2022-02-23 00:58:19 -08:00
Ilya Margolin
f9b5e448c1
Prevent removing etcd member when running in check mode (#8570) 2022-02-22 23:34:18 -08:00
kakkotetsu
3effb008c9
improve validation conditions for MetalLB BGP Peers (#8568) 2022-02-22 23:12:18 -08:00
cyril-corbon
a088f492f4
chore: remove addon-resizer (#8566)
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-22 09:51:16 -08:00
Necatican Yıldırım
e9c8913248
Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable (#8317)
* Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* Add etcd kubeadm deployment documentation

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* Refactor warning for the deprecated 'etcd_kubeadm_enabled' variable

Signed-off-by: necatican <necaticanyildirim@gmail.com>
2022-02-22 08:53:16 -08:00
Florian Ruynat
b9a27c91da Update kubernetes dashboard to 2.5.0 2022-02-21 03:54:11 -08:00
Florian Ruynat
d4f654275b Set default kubernetes version to 1.23.4 2022-02-21 03:54:11 -08:00
Florian Ruynat
f6eb4c749d Add kubernetes hashes for 1.23.4/1.22.7/1.21.10 2022-02-21 03:54:11 -08:00
cyril-corbon
418fc00718
fix: kube-dns service deletion (#8565)
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-21 02:48:11 -08:00
Florian Ruynat
2537177929
Fix amazon docker version (#8564) 2022-02-18 23:50:11 -08:00
Sander Klein
9af719bf99
This fixes the etcd node removal. (#8526)
Since we are already on an etcd node while executing the commands, there 
is no need to find out an etcd IP because it is on localhost.
2022-02-18 07:20:23 -08:00
Cristian Calin
063fc525b1
nerdctl: upgrade to 0.16.1 (#8539) 2022-02-16 02:04:37 -08:00
Mac Chaffee
0f73d87509
Allow pausing after upgrade but before uncordon (#8530)
* Allow pausing after upgrade but before uncordon

* Expand docs for upgrade pausing vars

Signed-off-by: Mac Chaffee <me@macchaffee.com>
2022-02-15 16:39:02 -08:00
Cristian Calin
402e85ad6e
[calico] upgrade release checksums (#8544)
* [calico] upgrade 3.19.x to 3.19.4

* [calico] upgrade 3.20.x to 3.20.4

* [calico] upgrade 3.21.x to 3.21.4 and make it the default

* [calico] add 3.22.0 checksums

* [calico] account for path changes in calico 3.21.4 crd archive and above
2022-02-15 16:35:02 -08:00
Tony Fouchard
1d635e04e4
Allow to specify a source address for metallb peerings, and target only some nodes using node selectors (#8534) 2022-02-15 13:57:19 -08:00
kakkotetsu
98d5d0cdd5
add support for Dual Stack node InternalIP (#8542) 2022-02-15 00:28:02 -08:00
kakkotetsu
1ebe456f2d
add support for Calico IP6_AUTODETECTION_METHOD (#8541) 2022-02-14 17:26:14 -08:00
Cristian Calin
c6e5314fab
implement download mirrors support (#8474)
* [download] add mechanism to support mirrors

* [calico] support alternate download url
2022-02-14 13:19:32 -08:00
Tom Stian Berget
84b93090a8
Change Cilium setting identity_allocation_mode to cilium_identity_allocation_mode (#8519)
* Change Cilium identity_allocation_mode to cilium_identity_allocation_mode

* Change inventory sample
2022-02-08 14:04:35 -08:00
Byeonggon Lee
5695c892d0
Fix wrong port name in metallb.yml.j2 (#8510) 2022-02-07 09:43:45 -08:00
Krystian Młynek
87928baa31
CRI-O: fix unqualified-search registries (#8496) 2022-02-04 23:46:50 -08:00
mgiessing
6a4fd33a03
Added ppc64le support (#8505)
* Added ppc64le support

* Fixed linting errors
2022-02-04 00:14:00 -08:00
cyril-corbon
790448f48b
feat: update cert-manager to 1.7.0 (#8491)
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-03 17:24:00 -08:00
Ilya Margolin
aed187e56c
Fix kubelet_kubelet_cgroups_cgroupfs (#8500)
If kubelet is run with systemd (as it always is when using kubespray),
it starts in systemd's /system.slice/kubelet.service cgroup.

This commit prevents a creation and usage of a second unrelated cgroup.
2022-02-02 00:50:22 -08:00
Cristian Calin
5ecb07b59a
[nerdctl] upgrade to 0.16.0 (#8484)
* [nerdctl] upgrade nerdctl to 0.16.0

* [nerdctl] add configuration file
2022-02-01 15:11:48 -08:00
Cristian Calin
ff621fb7f1
[ingress-nginx] upgrade to 1.1.1 (#8490) 2022-02-01 09:50:11 -08:00
Michael Schmitz
eacd55fbca
Use sysctl_file_path variable for all sysctl_file locations (#8395)
* Use sysctl_file_path variable for all sysctl_file locations

* Add sysctl_file_path variable to kubespay-defaults

* Remove previously used sysctl file locations if present

* Use explicit filename in roles/kubernetes/node/defaults/main.yml

* Defaults: use explicit value
2022-02-01 08:12:10 -08:00
Cristian Calin
c47634290e
[helm] upgrade to 3.8.0 (#8489) 2022-02-01 06:34:12 -08:00
Tristan
92d612c3e0
8487: Allow override of default CoreDNS zone cache (#8488)
Using the coredns_cluster_zone_cache_block variable
2022-02-01 00:48:18 -08:00
Ilya Margolin
2bbe5732b7
Add node label to etcd metrics (#8475)
targetRef on endpoints surfaces as
__meta_kubernetes_endpoint_address_target_kind/__meta_kubernetes_endpoint_address_target_name
in prometheus and gets converted to the label `node` by
prometheus-operator
2022-01-31 06:08:23 -08:00
Samuel Liu
e6e7fbc25f
fix reset containerd_storage_dir undefined (#8478)
* fix reset containerd_storage_dir

* add env to kubespray-defaults
2022-01-31 05:46:23 -08:00
Ilya Margolin
7d4d554436
Document host_resolvconf as default value for resolvconf_mode (#8493)
refs #8247
2022-01-31 03:12:24 -08:00
cyril-corbon
d31db847b7
feat: update local path to v0.0.21 (#8492) 2022-01-31 01:08:24 -08:00
Calin Cristian Andrei
ababcd5481 [kube] make 1.23.3 the new default 2022-01-31 00:22:24 -08:00
Calin Cristian Andrei
7caffde0b6 [kube] add 1.23.3 hashes 2022-01-31 00:22:24 -08:00
华忠啊
52f221f976
Adaptive Kube-ovn (#8454) 2022-01-27 01:08:10 -08:00
Cristian Calin
26a5948d2a
[reset] remove containerd storage during reset (#8469) 2022-01-26 05:10:01 -08:00
Florian Ruynat
d580014c66
Fix CI for Fedora (followup) + OpenSUSE Leap (update to 15.3) (#8407)
* Fix fedora jobs - followup

* Update OpenSUSE Leap to 15.3

* Fix cilium version in README + update minor 1.11.1
2022-01-24 23:24:30 -08:00
Calin Cristian Andrei
be9a1f80c1 [kube] make 1.23.2 the default version 2022-01-24 11:59:33 -08:00
Calin Cristian Andrei
73ff3b0d3b [kubernetes] add hashes for 1.23.2, 1.22.6 and 1.21.9 2022-01-24 11:59:33 -08:00
cyril-corbon
9fce9ca42a
feat: upgrade azuredisk csi to v1.10.0 (#8432)
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-24 00:41:56 -08:00
Cristian Calin
f1adb734e3
[cri-tools] add hashes for 1.23.0 (#8442) 2022-01-24 00:21:56 -08:00
cyril-corbon
575e0ca457
feat: add eviction hard to kubelet config (#8421)
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-24 00:13:57 -08:00
Alex
69f088bb82
add hash-values for runc v1.1.0 - first upstream runc version for multi-arch (#8447) 2022-01-23 23:51:57 -08:00
Cristian Calin
ef34f5fe7d
[calico] switch default iptables backend detection to Auto (#8429) 2022-01-23 23:47:57 -08:00
Victor Morales
e88aa7c96b
Add youki runtime support (#8411) 2022-01-21 14:01:07 -08:00
Johann Schley
38d129a0b6
add external hcloud cloud controller manager (#8440) 2022-01-20 12:31:09 -08:00
onock
392815d97c
[cert-manager] Fix missing RBAC rules for ClusterRole cert-manager-cainjector kubernetes-sigs#8104. (#8444) 2022-01-20 12:17:09 -08:00