Commit graph

55 commits

Author SHA1 Message Date
Cyclinder
590b4aa240
adjust calico-kube-controller to non-hostnetwork pod ()
Signed-off-by: cyclinder qifeng.guo@daocloud.io

Signed-off-by: cyclinder qifeng.guo@daocloud.io
2022-11-06 17:34:17 -08:00
cleverhu
5cf2883444
add retry for start calico kube controller ()
Signed-off-by: cleverhu <shouping.hu@daocloud.io>

Signed-off-by: cleverhu <shouping.hu@daocloud.io>
2022-11-02 00:18:45 -07:00
Piotr Kowalczyk
3b99d24ceb
Fix: install calico-kube-controller on kdd ()
* Fix: install policy controller on kdd too

* Remove the calico_policy_version condition altogether

* Install policy controller both on canal and calico under same condition
2022-10-10 19:45:01 -07:00
忘尘
1562a9c2ec
add missing verbs () 2022-06-29 00:18:05 -07:00
Sébastien Masset
9d5d945bdb
[MASTER] Add missing configuration for extra tolerations ()
* Added new configuration item for extra tolerations in policy controllers

Signed-off-by: Sébastien Masset <smt.masset@gmail.com>

* Added new configuration item for extra tolerations in DNS autoscaler

Signed-off-by: Sébastien Masset <smt.masset@gmail.com>

* Aligned existing handling of extra DNS tolerations

Signed-off-by: Sébastien Masset <smt.masset@gmail.com>
2022-06-20 01:36:06 -07:00
Calin Cristian Andrei
2de5c4821c [calico] clean up workarounds for older versions 2022-06-15 00:57:20 -07:00
irizzant
85bd1eea27
fix(calico): add missing "get" verb ()
Signed-off-by: irizzant <i.rizzante@gmail.com>
2022-05-21 01:20:00 -07:00
Kenichi Omichi
f80fd24a55
Fix risky-file-permissions ()
When running ansible-lint directly, we can see a lot of warning
message like

  risky-file-permissions File permissions unset or incorrect

This fixes the warning messages.
2022-01-09 01:51:12 -08:00
Cristian Calin
31c7b6747b
Calico: add dependencies for 3.21.x () 2021-12-02 01:17:33 -08:00
Krystian Młynek
6f6fad5a16
Calico: add missing verbs in ClusterRole () 2021-10-28 11:11:01 -07:00
Olivier Levitt
7019c2685d
Increase cpu limit to prevent throttling () 2021-10-14 11:03:36 -07:00
Cristian Calin
858b29f425
Calico: add support for v3.19.1 ()
* Calico: add v3.19.1 hashes

* enable liveness probe for calico-kube-controllers

3.19.1

* Calico: drop support for v3.16.x

* Calico: promote v3.18.3 as default
2021-05-25 13:40:50 -07:00
efrikin
7db76f8809
Add nodeSelctor for other services and node labels before CNI setup () 2021-05-25 13:40:43 -07:00
holmesb
3f4eb9be08
Fixes issue - Made Calico permissions compatible with v3.18.x (see https://github.com/projectcalico/calico/issues/4557). Specifically, granted watch to custom resources blockaffinities, ipamblocks & ipamhandles () 2021-04-30 07:25:59 -07:00
Kenichi Omichi
486b223e01
Replace kube-master with kube_control_plane ()
This replaces kube-master with kube_control_plane because of [1]:

  The Kubernetes project is moving away from wording that is
  considered offensive. A new working group WG Naming was created
  to track this work, and the word "master" was declared as offensive.
  A proposal was formalized for replacing the word "master" with
  "control plane". This means it should be removed from source code,
  documentation, and user-facing configuration from Kubernetes and
  its sub-projects.

NOTE: The reason why this changes it to kube_control_plane not
      kube-control-plane is for valid group names on ansible.

[1]: https://github.com/kubernetes/enhancements/blob/master/keps/sig-cluster-lifecycle/kubeadm/2067-rename-master-label-taint/README.md#motivation
2021-03-23 17:26:05 -07:00
Florian Ruynat
222a77dfe7
Change node-role.kubernetes.io from master to control-plane () 2021-01-21 08:13:03 -08:00
Hans Feldt
28073c76ac
Calico upgrade path validation and old version cleanup ()
* calico: add constant calico_min_version_required

and verify current deployed version against it.

* calico: remove upgrade support with data migration

The tool was used pre v3.0.0 and is no longer needed.

* calico: remove old version support from tasks

* calico: remove old ver support from policy ctrl

* calico: remove old ver support from node

* canal: remove old ver support

* remove unused calicoctl download checksums

calico_min_version_required is the oldest version that can be installed
Older versions can be removed.
2020-09-24 09:04:06 -07:00
Hans Feldt
93698a8f73
Calico: update crds to v1 and cr ()
* Update CustomResourceDefinition for kubecontrollersconfigurations.crd.projectcalico.org to v1
* Align ClusterRole for kube-controllers with upstream (calico)
2020-09-03 00:51:40 -07:00
nurekage
017df7113d
Patch Calico for V3.14.0 missing CR and CRD () 2020-07-01 08:44:16 -07:00
Florian Ruynat
101686c665
Remove outdated CriticalAddonsOnly toleration and critical-pod annotation () 2020-06-09 05:23:30 -07:00
Anton Kulikov
ed12936be2
Add missing RBAC rule () 2020-05-11 04:25:51 -07:00
Florian Ruynat
83fe607f62
Cleanup deprecated labels beta.kubernetes.io/arch and beta.kubernetes.io/os () 2020-04-17 05:51:06 -07:00
Florian Ruynat
b5125e59ab
update rbac.authorization.k8s.io to non deprecated api-groups () 2020-04-14 13:14:04 -07:00
Anshul Sharma
79a6b72a13
Removed deprecated label kubernetes.io/cluster-service () 2020-03-30 01:19:53 -07:00
Jacopo Secchiero
97764921ed Fix calico name resolution () 2019-11-11 04:01:41 -08:00
Sergey
81d57fe658 set calico_datastore default value in role kubespray-default () 2019-10-17 05:58:38 -07:00
刘旭
de9443a694 remove unused code () 2019-07-16 01:39:24 -07:00
jlacoline
20c7e31ea3 Add calico 3.7.3 support ()
* Add calico 3.7.3 support

* add calico_datastore variable to policy controller role

* add missing clusterrole rules for calico policy controller

* disable calico kube controller when kdd mode is used for versions < 3.6
2019-07-09 12:42:28 -07:00
Andreas Krüger
818aa7aeb1 Set dnsPolicy to ClusterFirstWithHostNet when hostNetwork is true () 2019-06-05 03:17:55 -07:00
MarkusTeufelberger
e67f848abc ansible-lint: add spaces around variables [E206] () 2019-05-02 14:24:21 -07:00
Matthew Mosesohn
d89ecb8308 disable metrics server and fix terraform ()
* disable metrics server in centos7-flannel-addons job

Change-Id: I1d87923547584896f64dda9ea8feb5581ad48cbe

* Fix tf facility->facilities syntax

Change-Id: I434bfe53f47e8e4a546890e0b62d24bde6e6d6a7

* Update Terraform CI for facilities

* Fix undefined variable error
2019-04-23 12:06:03 -07:00
Maxime Guyot
50751bb610 Revert "Optimize kube resources creation ()" ()
This reverts commit f8fdc0cd93.
2019-04-23 20:37:23 +03:00
andreyshestakov
f8fdc0cd93 Optimize kube resources creation () 2019-04-22 23:34:10 -07:00
Maxime Guyot
ec3daedf9e Revert "Fix for unknown 'kubernetes.io' or 'k8s.io' labels specified with --node-labels ()" ()
This reverts commit 586ad89d50.
2019-04-17 07:58:06 -07:00
Robert Neumann
586ad89d50 Fix for unknown 'kubernetes.io' or 'k8s.io' labels specified with --node-labels ()
* Fix the file path for all.yml and k8s-cluster.yml

* Fix --node-labels namespace error "unknown labels specified"

* Update templates and configs kubelet node-labels
2019-04-10 04:14:12 -07:00
wangxf
a096761306 [PR-Calico]Support calico 3.4.0 ()
* Suport calico 3.4.0

Signed-off-by: wangxf1987 <xiaofeix.wang@gmail.com>

* Remove symlink + cni conflist template when 3.3.0+, handle Canal, addition of install-cni: sidecar(3.3.0) or initontainer(3.4.0), KUBECONFIG_FILEPATH, calico_cert_dir, advertise cluster ips

* scheduler.alpha.kubernetes.io/critical-pod deprecated since 1.12
2019-01-28 11:03:49 -08:00
Rong Zhang
225f765b56 Upgrade kubernetes to v1.13.0 ()
* Upgrade kubernetes to v1.13.0

* Remove all precense of scheduler.alpha.kubernetes.io/critical-pod in templates

* Fix cert dir

* Use kubespray v2.8 as baseline for gitlab
2018-12-06 12:11:48 -08:00
Chad Swenson
145687a48e Reduce log spam of verbose tasks ()
Added a loop_control label to a few tasks that flood our logs.
2018-12-04 10:35:44 -08:00
Erwan Miran
7bec169d58 Fix ansible syntax to avoid ansible deprecation warnings ()
* failed

* version_compare

* succeeded

* skipped

* success

* version_compare becomes version since ansible 2.5

* ansible minimal version updated in doc and spec

* last version_compare
2018-10-16 15:33:30 -07:00
Erwan Miran
9232261665 serviceaccounts is required in resources list of cluster role () 2018-10-04 11:32:37 -07:00
Kuldip Madnani
36898a2c39 Adding pod priority for all the components. ()
* Changes to assign pod priority to kube components.

* Removed the boolean flag pod_priority_assignment

* Created new priorityclass k8s-cluster-critical

* Created new priorityclass k8s-cluster-critical

* Fixed the trailing spaces

* Fixed the trailing spaces

* Added kube version check while creating Priority Class k8s-cluster-critical

* Moved k8s-cluster-critical.yml

* Moved k8s-cluster-critical.yml to kube_config_dir
2018-09-25 07:50:22 -07:00
Frank Ritchie
f42e0a4711 Change update strategy to RollingUpdate.
When enable_network_policy is set to True with Calico 3 kubectl
apply fails with the error:

The Deployment "calico-kube-controllers" is invalid:
spec.strategy.rollingUpdate: Forbidden: may not be specified when
strategy type is 'Recreate'

See

https://github.com/kubernetes-incubator/kubespray/issues/3267

Changing the update strategy to RollingUpdate avoids this error.
2018-09-11 12:03:42 -04:00
Aivars Sterns
23fd3461bc calico upgrade to v3 ()
* calico upgrade to v3

* update calico_rr version

* add missing file

* change contents of main.yml as it was left old version

* enable network policy by default

* remove unneeded task

* Fix kubelet calico settings

* fix when statement

* switch back to node-kubeconfig.yaml
2018-08-23 17:17:18 +03:00
Wong Hoi Sing Edison
c3b3572025 Always create service account even rbac_enabled = false 2018-08-22 11:41:29 +08:00
Matthew Mosesohn
03bcfa7ff5
Stop templating kube-system namespace and creating it ()
Kubernetes makes this namespace automatically, so there is
no need for kubespray to manage it.
2018-03-30 14:29:13 +03:00
Kevin Lefevre
9368dbe0e7 update calico to 2.6.2 ()
Move RS to deployment so no need to take care of the revision history
limits :
  - Delete the old RS
  - Make Calico manifest a deployment
  - move deployments to apps/v1beta2 API since Kubernetes 1.8
2017-11-28 12:01:30 +00:00
Matthew Mosesohn
86fb669fd3 Idempotency fixes () 2017-10-25 21:19:40 +01:00
Matthew Mosesohn
fc9a65be2b Refactor downloads to use download role directly ()
* Refactor downloads to use download role directly

Also disable fact delegation so download delegate works acros OSes.

* clean up bools and ansible_os_family conditionals
2017-10-19 09:17:11 +01:00
Aivars Sterns
9c86da1403 Normalize tags in all places to prepare for tag fixing in future () 2017-10-05 08:43:04 +01:00
Matthew Mosesohn
a56738324a Move set_facts to kubespray-defaults defaults
These facts can be generated in defaults with a performance
boost.

Also cleaned up duplicate etcd var names.
2017-10-04 14:02:47 +01:00