Cody Seavey
b6e21a18cc
Modify the populate no_proxy task to use a combine rather than relying on the hash_behaviour setting to be set to merge rather than replace ( #6112 )
2020-05-28 06:42:03 -07:00
petruha
f959cc296f
Fix metrics-server rules ( #6165 )
2020-05-28 03:18:02 -07:00
Flavien
ab44beba17
weave: support any taint effect in daemonset tolerations ( #6159 )
...
Since weave 2.5.1, `NoExecute` taint effect is no more supported,
this changes the daemonset tolerations to change this behavior.
Also remove the toleration key `CriticalAddonsOnly` not required anymore.
2020-05-28 01:10:02 -07:00
Florian Ruynat
b2a0b649fd
Add new Kubernetes version hashes and set default to 1.18.3 ( #6173 )
2020-05-28 01:02:03 -07:00
Florian Ruynat
6179405e84
Update docker default to 19.03 - cleanup docker docs & refs ( #6153 )
2020-05-28 00:52:02 -07:00
spaced
1be15a0864
Enable crio 1.18 ( #6197 )
2020-05-28 00:42:15 -07:00
Etienne Champetier
41b44739b1
Bump CNI plugins to 0.8.6 ( #6196 )
...
https://github.com/containernetworking/plugins/releases/tag/v0.8.6
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2020-05-28 00:42:03 -07:00
Samuel Liu
38ca58ae8d
update pause images version: 3.2 ( #6190 )
2020-05-28 00:38:02 -07:00
Wang Zhen
d62836f2ab
Replace seccomp profile docker/default with runtime/default ( #6170 )
...
Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>
2020-05-27 14:02:02 -07:00
Florian Ruynat
e9ce7243b8
Match docker-cli version with docker-engine version (when available) ( #6163 )
2020-05-25 05:37:11 -07:00
404notfoundhard
d036a04d4d
restart kubelet service when kube-config.yml is changed ( #5402 )
...
* fix(kubelet): exec notify restart kubelet service when kube-config.yml changed
* Revert "refactor(kubelet handler): change task name("reload kubelet") this is misleading"
This reverts commit 8f5d29560802c7c997293adb1ce9f84d3b20b6cb.
* fix(handlers,kubelet): setting right notify task name
2020-05-19 10:13:37 -07:00
Maxime Guyot
35ad57674e
Update containerd to 1.2.13-2 ( #6156 )
2020-05-18 07:57:36 -07:00
qvicksilver
437189c213
Fix missing permissions for OpenStack cloud-controller-manager preventing metrics scraping ( #6124 )
2020-05-18 02:35:45 -07:00
Paul Rey
b5aaaf864d
Add additional network configuration options to external Openstack CCM ( #6083 ) ( #6085 )
...
* Add additional network configuration options to external Openstack CCM (#6083 )
* Change the default version of external openstack cloud controller image to v1.18.1 since there was an issue in v1.18.0 where some IPs of the private network were ignored
* Change Network section in external-openstack-cloud-config.j2 to Networking
* Add networking customization information in the openstack documentation
2020-05-18 02:31:36 -07:00
bozzo
d948839320
Fix resolv.conf configuration for Fedora CoreOS. ( #6138 )
2020-05-18 02:27:36 -07:00
Mateus Caruccio
a5af58c05a
Fix apiserver port when upgrading ( #6136 )
2020-05-18 01:21:36 -07:00
Matthew Mosesohn
fda05df5f1
Only fix kube-proxy address on evaluating kube_master hosts ( #6152 )
...
Change-Id: I83a7101a6cd99eb531d8385de5c31aee4f474469
2020-05-17 13:05:36 -07:00
jeanfabrice
3997aa9a0f
Use OS packaging default value for apparmor_profile in crio.conf ( #6125 )
2020-05-14 21:47:00 -07:00
tasekida
81292f9cf3
Fix apt update don't access Docker’s official repository for Ubuntu ( #6106 )
2020-05-13 07:06:26 -07:00
Florian Ruynat
1f9ccfe54d
Rollback metrics-server version and enable in one CI test ( #6130 )
2020-05-13 06:20:26 -07:00
Hector S
a3131e271a
Removed env vars DOCKER_NETWORK_OPTIONS and INSECURE_REGISTRY from docker.service.j2 ( #6126 )
2020-05-12 13:46:21 -07:00
Anton Kulikov
ed12936be2
Add missing RBAC rule #6116 ( #6121 )
2020-05-11 04:25:51 -07:00
Florian Ruynat
7c00ce5f30
Update metrics-server tag and template ( #6090 )
2020-05-11 03:55:50 -07:00
Florian Ruynat
c87bd53352
Update calico to 3.14.0 ( #6120 )
2020-05-11 03:51:51 -07:00
Andrew DeMaria
af1c93cdfc
Add option to expose metrics on separate port ( #6092 )
2020-05-10 12:21:51 -07:00
petruha
9ce7fc9b2c
Create namespace when dashboard deployment uses customized namespace. ( #6107 )
...
* Create namespace when dashboard deployment uses customized namespace.
* Fix syntax.
2020-05-10 11:38:02 -07:00
Florian Ruynat
b6243bfc1c
Fix ImagePullPolicy missing variable usage ( #6091 )
2020-05-10 11:37:50 -07:00
Florian Ruynat
93579773d6
Cleanup kubernetes 1.15.x hashes (and references) as it has now reached EOL ( #5876 )
2020-05-09 12:19:50 -07:00
Florian Ruynat
0bd23f720d
Fix docker fedora packages ( #6097 )
2020-05-08 15:39:51 -07:00
Florian Ruynat
c605a05c6b
Update coredns to 1.6.7 ( #6086 )
2020-05-08 12:07:51 -07:00
Florian Ruynat
c44f13114f
Allow containerd runtime with fedora os (30/31) - add CI test ( #6094 )
2020-05-08 07:55:43 -07:00
lukasz bielinski
ef7076e36f
fix expected str instance, float found #6078 ( #6103 )
2020-05-08 05:57:42 -07:00
Florent Monbillard
324106e91e
Remove Kubernetes <1.16 conditionals ( #6088 )
2020-05-08 00:45:43 -07:00
Florent Monbillard
218b2a5992
Workaround about inconsistent CRI-O YUM repo path on Kubic repos ( #6101 )
2020-05-07 12:59:42 -07:00
Victor Morales
367566adaa
Fix kubernetes-dashboard template identation ( #6066 )
...
The 98e7a07fba
commit udpates the
dashboard version to 2.0.0 but it enable skip login flag wasn't
updated. This change updates its identation to avoid issues when
dashboard_skip_login is enabled.
2020-05-06 11:17:17 -07:00
Florian Ruynat
c06f482901
Update default kubernetes version to 1.18.2 ( #6064 )
2020-05-06 11:17:09 -07:00
Florian Ruynat
965fe1db94
Update cni spec to 0.4.0 for network plugin allowing it ( #6053 )
2020-05-06 11:13:09 -07:00
Florian Ruynat
f6be326feb
Update kube-ovn to 1.1.1 ( #6060 )
2020-05-06 11:05:09 -07:00
Michael Sheinberg
c58e5e80ce
Bump pypy to 7.3.1, verify hash ( #6070 )
...
As of pypy 7.3.0, we can utilize the official pypy project as opposed to
the previously used "portable-pypy" distribution.
2020-05-06 04:49:08 -07:00
Maxime Guyot
641a2a8bb4
Skip molecule tests for Ubuntu 18.04 ( #6077 )
2020-05-05 07:17:09 -07:00
Florian Ruynat
7d497e46c5
Update calico to 3.13.3 ( #6061 )
2020-05-04 08:56:26 -07:00
Florian Ruynat
f8f55bc413
Update cilium to 1.7.3 ( #6069 )
2020-05-03 12:32:26 -07:00
Florian Ruynat
361645e8b6
Fix multus missing cni and erroneous CI tests ( #6051 )
2020-04-30 23:38:05 -07:00
Maxime Guyot
353d44a4a6
Add CI var for http_proxy ( #6039 )
2020-04-30 05:44:17 -07:00
qvicksilver
680aa60429
Specify tag for OpenStack Cloud Controller image ( #6048 )
2020-04-30 02:02:17 -07:00
qvicksilver
e41766fd58
Fix broken Octavia integration in OpenStack External Cloud Provider ( #6046 )
2020-04-29 11:30:25 -07:00
Maxime Guyot
e4c820c35e
Add molecule tests to containerd role ( #6037 )
2020-04-29 09:08:25 -07:00
Joel Seguillon
db5f83f8c9
update dashboard access doc for 2.0.x ( #6036 )
...
* update dashboard access doc for 2.0.x
* make metrics scrapper system-cluster-critical
2020-04-29 07:20:25 -07:00
Lee Spottiswood
a3d3f27aaa
allow dns autoscaler limits to be specified via variables ( #6020 )
2020-04-28 23:34:25 -07:00
Maxime Guyot
28333d4513
Fix crio runc path on Ubuntu ( #6035 )
2020-04-28 05:28:06 -07:00
Hugo Blom
724a316204
Cinder-CSI default storageclass and volumeBindingMode ( #6026 )
...
* Set volumeBindingMode in cinder CSI template (#22 )
* make sure true/false is lowercase in cinder-csi storageclass
2020-04-28 00:12:04 -07:00
Florian Ruynat
3ff6a2e7ff
Update default (erroneous) backend value for calico ( #6031 )
2020-04-27 00:03:39 -07:00
Florian Ruynat
1ee3ff738e
Add option to enable usage reports to calico servers ( #6030 )
2020-04-27 00:03:30 -07:00
Qasim Sarfraz
52edd4c9bc
Fix liveness probe for cilium operator ( #6016 )
2020-04-26 23:59:29 -07:00
Joel Seguillon
98e7a07fba
bump to dashboard 2.0.0 with metrics scrapper support ( #5821 )
...
* bump to dashboard 2.0 rc6 with metrics scrapper
* fix missing yaml seperator making Replicaset complaining about missing ServiceAccount
* unwanted legay gross hack forgot to remove before
* no need namespace on CrBinding
* bump to 2.0.0 release
* remove dashboard_metrics_scrapper_enabled
2020-04-25 03:55:28 -07:00
Pasquale Toscano
3d5988577a
Support Cilium from version 1.5 ( #6006 )
2020-04-24 06:00:10 -07:00
Florian Ruynat
299e35ebe4
Cleanup unused/erroneous variables ( #6003 )
2020-04-24 01:54:07 -07:00
spaced
cf1566e8ed
Centos, debian and fedora CRI-O repo ( #6008 )
...
* replace removed repo with kubic repository for centos 7
* add crio configuration for centos8
* add crio configurations for debian
* use correct crio version for fedora
* simplify calulation of required crio version
- gives possibility to overwrite
* change default path for runc
* change default for seccomp path
* change default for conmon
2020-04-24 01:18:07 -07:00
spaced
b0484fe3e5
Ubuntu crio repo ( #5994 )
...
* declare kubic repo for ubuntu
* do not install crictl twice
* move fedora repo modular tasks to crio_repo file
* move centos repo tasks to crio_repo
* declare crio version matrix for ubuntu
* update documentation crio support for ubuntu
2020-04-22 13:29:45 -07:00
Florian Ruynat
b8cd9403df
Fix nginx template missing latest changes ( #6000 )
2020-04-22 08:41:52 -07:00
Florent Monbillard
d7df577898
k8s-dns-node-cache 1.15.12 was released ( #5999 )
2020-04-22 07:43:53 -07:00
Maxime Guyot
09bccc97ba
Add CRI-O CI ( #5460 )
2020-04-22 06:09:52 -07:00
Florian Ruynat
1c187e9729
Downgrade coredns to 1.6.5 due to upgrade errors while migrating coredns configmap (Corefile) ( #5960 )
2020-04-22 05:27:52 -07:00
Florian Ruynat
ca45d5ffbe
Fix retries keyword missing until instruction ( #5989 )
2020-04-21 07:20:56 -07:00
Victor Morales
2bec26dba5
Add proxy support to CRI-O service ( #4607 )
...
* Add proxy support to CRI-O service
The crio.service requires proxy environment variables when it's
deployed behind a corporated network. This change creates a systemd
configuration file when the proxy variables are defined.
* Remove unnecesary crio's tasks
2020-04-21 04:12:55 -07:00
Pierre Lebrun
03c8d0113c
Add vSphere external cloud provider ( #5959 )
2020-04-20 08:47:39 -07:00
Lovro Seder
536606c2ed
Fix kube-proxy ds win nodeselector check for 1.17 ( #5982 )
...
* Fix kube-proxy ds nodeselector for older versions
* Fix for ansible-lint
2020-04-20 08:43:39 -07:00
Sergey
6e29a47784
generate flannel manifest only on first master ( #5983 )
2020-04-20 01:33:38 -07:00
Sergey
baff4e61cf
remove image flannel cni ( #5980 )
2020-04-19 06:13:37 -07:00
Florian Ruynat
32fec3bb74
Update minor version for tools (helm, busybox, registry etc...) ( #5961 )
2020-04-18 07:59:36 -07:00
Maxime Guyot
3134dd4c0d
Drop support for Fedora 28 and add Fedora 30 and 31 ( #5969 )
2020-04-18 06:35:36 -07:00
Sergey
6318bb9f96
Return the ability to start control plain from the hyperkube image ( #5422 )
2020-04-18 05:59:36 -07:00
Florian Ruynat
8618a3119b
Fix selector check for windows ( #5974 )
2020-04-18 00:41:35 -07:00
Victor Morales
7930f6fa0a
Ensure /etc/sysconfig/proxy for openSUSE bootstrap ( #5445 )
...
The playbook that bootstrap openSUSE servers assumes that the
/etc/sysconfig/proxy file exists but the execution fails when
these file is not present. This change guarantees its existence.
2020-04-17 14:23:35 -07:00
Florian Ruynat
49bd208026
Update hashes (1.18.2/1.17.5/1.16.9) and set default to 1.17.5 ( #5967 )
2020-04-17 06:55:07 -07:00
Florian Ruynat
83fe607f62
Cleanup deprecated labels beta.kubernetes.io/arch and beta.kubernetes.io/os ( #5964 )
2020-04-17 05:51:06 -07:00
Maxime Guyot
0924c2510c
Use role to copy CNI bin ( #5953 )
2020-04-16 10:06:45 -07:00
Sergey
35f248dff0
assembly fallback_ips and no_proxy var only one time on localhost and… ( #5957 )
...
* assembly fallback_ips and no_proxy var only one time on localhost and populate result on all hosts
* add tag always, fix ansible lint errors
* workaround to mitogen issue dw/mitogen#663
* do not gather fact before install python on coreos like distros
* try to pass docker molecule test
2020-04-16 07:22:47 -07:00
Lovro Seder
b09fe64ff1
Calculate inventory list only once ( #5956 )
2020-04-16 06:12:45 -07:00
Florent Monbillard
54debdbda2
Generate unique username per cluster in client kubeconfig ( #5943 )
...
* Generate unique username per cluster
* rename admin kubeconfig shell output to raw_admin_kubeconfig
* Make the linter happy
* Fix lint errors
* Cleaning up tasks
2020-04-16 05:32:45 -07:00
aharrisson
b6341287bb
Add Molecule to Docker role ( #5129 )
...
* Add Molecule for container-engine/docker
* Add bootstrap-os to Molecule prepare stage
2020-04-15 23:28:45 -07:00
Pasquale Toscano
00efc63f74
Customize PodSecurityPolicies from inventory ( #5920 )
...
* Customize PodSecurityPolicies from inventory
* Fixed yaml indentation
2020-04-15 03:18:02 -07:00
Ryler Hockenbury
b061cce913
Allow configureable vni and port for flannel overlay ( #5939 )
2020-04-15 03:14:02 -07:00
Florian Ruynat
c929b5e82e
Upgrade kube-ovn to v1.1.0 and move test from centos7 to centos8 ( #5852 )
2020-04-15 03:10:03 -07:00
Florian Ruynat
58f48500b1
Update Flannel manifests, install script and version (0.12) + fix tests scripts ( #5937 )
...
* Add CI_TEST_VARS to tests
* Update flannel to 0.12.0 (with new manifests) and disable tx/rx
offloading in networking test
2020-04-14 23:48:02 -07:00
Florian Ruynat
b5125e59ab
update rbac.authorization.k8s.io to non deprecated api-groups ( #5517 )
2020-04-14 13:14:04 -07:00
Christopher Randles
d316b02d28
else condition required otherwise AnsibleUndefinedVariable is triggered ( #5722 )
2020-04-14 07:06:12 -07:00
MikeG
7910198b93
fix error in templating in local-path-provisioner ( #5950 )
2020-04-14 06:52:12 -07:00
Florian Ruynat
45874a23bb
Remove 1.16.x flag for packet_centos7-weave-kubeadm-sep ( #5907 )
2020-04-11 00:15:48 -07:00
spaced
9c3b573f8e
Cleanup fedora coreos with crio container ( #5887 )
...
* fix upgrade of crio on fcos
- update documents
* install conntrack required by kube-proxy
- like commit 48c41bcbe7
* enable fedora modular repo for crio
* allow to override crio configuration
- set cgroup manager same to kubelet_cgroup_driver if defined
- path of seccomp_profile depends on distribution
* allow to override crio configuration
- fix path for ubuntu
* allow to override crio configuration
- fix cni path for fcos
2020-04-10 23:51:47 -07:00
Chris
883194afec
Fix Cilium permissions ( #5923 )
...
* added required permissions for querying endpointslice resources
* copy-pasted role permissions from cilium install manifests
* bumped cilium version to v1.7.2
2020-04-10 23:47:48 -07:00
Sergey
3a63aa6b1e
downgrade nodelocaldns version due bug with flood to error log ( #5931 )
...
https://github.com/kubernetes/kubernetes/issues/90043
2020-04-10 23:41:55 -07:00
Florian Ruynat
82123f3c4e
Upgrade azure csi and fix aws csi tag ( #5938 )
2020-04-10 17:53:47 -07:00
Sergey
8f3d820664
always download docker image on download_host when download_run_once=true ( #5921 )
2020-04-10 01:59:47 -07:00
Florian Ruynat
473a8beff0
Remove hard-coded dependance to docker.service in kubelet.service file ( #5917 )
2020-04-09 08:43:46 -07:00
Alexander Kross
0d675cdd1a
Update Calico to v3.13.2, Multus to v3.4.1. Add ConfigMap get permission to allow calico-node access to kubeadm config. ( #5912 )
2020-04-09 07:27:43 -07:00
aharrisson
9cce46ea8c
Fix idempotence issue in bootstrap-os ( #5916 )
2020-04-09 03:31:44 -07:00
Florian Ruynat
980aeafebe
Add kubernetes 1.18.1 hashes ( #5915 )
2020-04-09 01:53:43 -07:00
Denis Kadyshev
7d1ab3374e
Proxy fixes ( #5869 )
...
* Fix proxy and module_hotfixes
On CentOS 8 with proxy ansible render inline `proxy` and `module_hotfixes` options.
For example:
`proxy=http://127.0.0.1:3128module_hotfixes=True `
But expected result:
```
proxy=http://127.0.0.1:3128
module_hotfixes=True
```
* Use ini_file module for work with ini files
* Prevent duplicates proxy= option in /etc/yum.conf
Module `lineinfile` is weak, use most powerful module `ini_file` and add or remove `proxy=` when `http_proxy` is defined or not.
2020-04-09 01:25:44 -07:00
Alexander Kross
c33a049292
Update docker RHEL/CentOS versions to the latest patch versions available. ( #5872 )
2020-04-08 10:09:45 -07:00