Florian Ruynat
582ff96d19
Update docker version to 20.10.20 ( #9410 )
2022-10-20 18:45:15 -07:00
Kenichi Omichi
0374a55eb3
Specify securityContext for cert-manager ( #9404 )
...
On hardening environments, cert-manager pods could not be created
from the corresponding deployments. This adds the securityContext
to solve the issue.
2022-10-20 00:57:08 -07:00
Kay Yan
ccbe38f78c
make-kube-1.25-default ( #9364 )
2022-10-20 00:56:57 -07:00
Vladimir
958840da89
Add var for control initialDelaySeconds in nginx ingress probe ( #9405 )
...
Signed-off-by: Zemtsov Vladimir <vl.zemtsov@gmail.com>
Signed-off-by: Zemtsov Vladimir <vl.zemtsov@gmail.com>
2022-10-19 21:20:56 -07:00
Cristian Calin
1530411218
use cri-o from upstream instead of kubic/OBS ( #9374 )
...
* [cri-o] use cri-o from upstream instead of kubic/OBS
* [cri-o] add proper molecule coverage
* [skopeo] download skopeo from upstream build
* [cri-o] clean up legacy deployments
* disable cri-o per-distribution variables
2022-10-19 05:47:05 -07:00
Mohamed Zaian
0f44e8c812
[ingress-nginx] upgrade to 1.4.0 ( #9403 )
2022-10-18 16:53:00 -07:00
Maxime Leroy
d9c39c274e
fix(defaults): wrong cri_socket path for containerd ( #9401 )
2022-10-18 00:15:18 -07:00
Kenichi Omichi
c38fb866b7
Update securityContext of netchecker ( #9398 )
...
To run netchecker with necessary privilege,
this updates the securityContext.
2022-10-17 19:11:18 -07:00
Mohamed Zaian
5ad1d9db5e
[kubernetes] Add hashes for 1.25.3, 1.24.7, 1.23.13 and make v1.24.7 default ( #9397 )
2022-10-17 05:59:07 -07:00
Kay Yan
32f3d92d6b
Remove PodSecurityPolicies in Calico ( #9395 )
2022-10-17 05:51:07 -07:00
Cristian Calin
23716b0eff
don't define kubeadm_patches by default ( #9372 )
2022-10-14 01:20:46 -07:00
Kay Yan
859df84b45
remove-psp-in-flannel ( #9365 )
2022-10-14 00:16:47 -07:00
Kay Yan
131bd933a6
Fix ensure ping package error in fedora CoreOS & Flatcar ( #9370 )
...
* fix-ensure-package-in-coreos
* clean blank line
2022-10-13 16:54:46 -07:00
Unai Arríen
52904ee6ad
Avoid MetalLB speaker image download when MetalLB speaker is disabled ( #9248 )
...
* Avoid MetalLB speaker image download when metallb_speaker_enabled is set to
* Move metallb_speaker_enabled var to allow outside metalLB role references
* Move metallb_speaker_enabled var to allow outside metalLB role references
* Improve metallb_speaker_enabled default values
2022-10-13 16:50:47 -07:00
ghostloda
547ef747da
fix helm install with password authentication ( #9343 )
2022-10-12 23:55:01 -07:00
ERIK
bc5881b70a
Add the cilium hubble images to download role ( #9376 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2022-10-12 23:45:00 -07:00
Kenichi Omichi
f4b95d42a6
Add note for containerd oom_score ( #9384 )
...
When we saw 0 as the default value of containerd_oom_score, we had
a question why the value was not -999.
This adds the note to explain it.
2022-10-11 21:49:00 -07:00
Unai Arríen
ef76a578a4
Change dns upstream condition for nodelocaldns ( #9378 )
2022-10-11 00:47:02 -07:00
Piotr Kowalczyk
3b99d24ceb
Fix: install calico-kube-controller on kdd ( #9358 )
...
* Fix: install policy controller on kdd too
* Remove the calico_policy_version condition altogether
* Install policy controller both on canal and calico under same condition
2022-10-10 19:45:01 -07:00
Kay Yan
4701abff4c
upgrade-api-version-for-PodDisruptionBudget ( #9369 )
2022-10-10 17:51:02 -07:00
Joe Siponen
717b8daafe
Download coredns image to all hosts in k8s_cluster ( #9316 )
...
Coredns image must be available everywhere as it
may be rescheduled to a non-control-plane-node.
2022-10-08 05:03:19 -07:00
Kevin Huang
c346e46022
fix(cinder-csi-nodeplugin): Remove the pods-cloud-data volume ( #9362 )
2022-10-08 01:23:19 -07:00
Kenichi Omichi
24632ae81b
Add check_typo job ( #9361 )
...
To block merging pull requests which contain typo automatically.
2022-10-07 02:21:53 -07:00
JSpon
befde271eb
Use hostname override in post-remove role, just as pre-remove role does ( #9360 )
2022-10-06 15:03:52 -07:00
Huang Chen-Yi
d689f57c94
Features/support kubeadm patches v1beta3 ( #9326 )
...
* Support kubeadm patches in v1beta3
* Update kubeadm patches sample files in inventory
* Fix pre-commit syntax
* Set kubeadm_patches enabled to false in sample inventory
2022-10-06 00:39:52 -07:00
William Turner
ad3f503c0c
Fix default value for kubelet_secure_addresses ( #9355 )
2022-10-06 00:35:51 -07:00
Eugene Artemenko
8b9cd3959a
Add possibility to skip adding load balancer name in the hosts file ( #9331 )
2022-10-04 06:26:16 -07:00
Emin AKTAS
dffeab320e
feat: add a paramater to disable host nameservers ( #9357 )
...
Signed-off-by: eminaktas <eminaktas34@gmail.com>
Signed-off-by: eminaktas <eminaktas34@gmail.com>
2022-10-04 06:22:17 -07:00
Kay Yan
999586a110
sysctl_additional ( #9351 )
2022-10-02 23:06:14 -07:00
Kay Yan
44115d7d7a
support-kube-1.25 ( #9260 )
...
Co-authored-by: Rene Luria <rene.luria@infomaniak.com>
2022-09-29 23:34:30 -07:00
Florian Ruynat
841e2f44c0
Remove references to 1.22 ( #9342 )
2022-09-28 14:10:29 -07:00
Hugo Blom
a8e4984cf7
Add missing permissions to openstack cc ( #9335 )
...
Add missing permissions to Openstack cloud controller to make sure controller runs as intended
2022-09-27 22:19:35 -07:00
Rene Luria
3646dc0bd2
fix: remove trailing backslash and yaml indent ( #9339 )
...
* fix: remove trailing backslash
* fixed indent in cilium config template
2022-09-27 19:45:35 -07:00
biqiang Wu
31caab5f92
Fix: The Hubble certificate is faulty because the cluster name is hard coded ( #9340 )
...
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
2022-09-27 05:57:52 -07:00
ERIK
472996c8b3
update pause image version ( #9337 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2022-09-27 00:49:52 -07:00
Shelming.Song
d62c67a5f5
allow user to set env: FELIX_MTUIFACEPATTERN in calico-node.yml ( #9330 )
2022-09-26 21:57:45 -07:00
Federico Cucinella
e486151aea
cloud-provider-openstack: upgrade 1.22.0 to 1.23.4 ( #9332 )
2022-09-26 17:35:46 -07:00
Ho Kim
18efdc2c51
Fix typos in calico ( #9327 )
2022-09-26 00:11:44 -07:00
Zhong Jianxin
6dff39344b
preinstall: Add nodelocaldns to supersede_nameserver if enabled ( #9282 )
...
When a machine that use dhclient and resolvconf reboots, this will make /etc/resolv.conf
remain close to the one before reboot
2022-09-25 20:19:44 -07:00
Robin Wallace
c4de3df492
upcloud csi driver: bump version to v0.3.3 ( #9317 )
2022-09-24 13:18:04 -07:00
Ilya Margolin
f2e11f088b
Hotfix containerd restart ( #9322 )
2022-09-24 13:14:04 -07:00
Victor Morales
782f0511b9
Define ostree variable for runc ( #9321 )
...
The ostree variable is not defined previously raising an error when
the runtime tries to read it.
2022-09-24 13:00:11 -07:00
Florian Ruynat
4ad67acedd
Move back vsphere csi to kube-system ns ( #9312 )
2022-09-23 10:46:26 -07:00
Kei Kori
467dc19cbd
support removing options in resolvconf with tab separator ( #9304 )
2022-09-23 10:42:27 -07:00
Ilya Margolin
726711513f
[containerd] Allow configuring base_runtime_spec per containerd runtime ( #9302 )
...
and supply a default runtime spec.
2022-09-23 10:38:27 -07:00
Emin AKTAS
9468642269
feat: allows users to have more control on DNS ( #9270 )
...
Signed-off-by: eminaktas <eminaktas34@gmail.com>
Signed-off-by: eminaktas <eminaktas34@gmail.com>
2022-09-23 10:28:26 -07:00
Samuel Liu
d387d4811f
replace createhome ( #9314 )
2022-09-23 00:26:39 -07:00
Kay Yan
1b3c2dab2e
add_max_concurrent_in_coredns ( #9307 )
2022-09-22 04:27:03 -07:00
Mohamed Zaian
76573bf293
[kubernetes] Add hashes for 1.24.6, 1.22.15, 1.23.12 and make v1.24.6 default ( #9308 )
2022-09-22 04:13:03 -07:00
Kay Yan
5d3326b93f
add-ping-package ( #9284 )
2022-09-21 23:55:05 -07:00