Commit graph

102 commits

Author SHA1 Message Date
Etienne Champetier
e7fad8224d Add auto_renew_certificates_systemd_calendar (#7490)
This allow to configure when K8S certificates renewal runs

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
(cherry picked from commit bf6a39eb84)

Conflicts:
        inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
        roles/kubernetes/master/defaults/main/main.yml
        roles/kubernetes/master/templates/k8s-certs-renew.timer.j2
2021-04-21 00:16:10 -07:00
Fredrik Liv
58b926561e Default to latest kubernetes patch version (1.19.10) 2021-04-19 01:28:37 -07:00
Etienne Champetier
b19d109a12 Auto renew control plane certificates (#7358)
While at it remove force_certificate_regeneration
This boolean only forced the renewal of the apiserver certs
Either manually use k8s-certs-renew.sh or set auto_renew_certificates

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
(cherry picked from commit efa180392b)

Conflicts:
	roles/kubernetes/master/templates/k8s-certs-renew.service.j2
	roles/kubernetes/master/templates/k8s-certs-renew.sh.j2
	roles/kubernetes/master/templates/k8s-certs-renew.timer.j2
2021-03-23 07:29:36 -07:00
Etienne Champetier
4e52da6a35 Set K8S default to v1.19.9
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
2021-03-23 07:29:36 -07:00
Etienne Champetier
daea9f3d21 Set Kubernetes default version to 1.19.8
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
2021-03-02 08:33:19 -08:00
Florian Ruynat
09fa99fdc6
Update hashes and set default version to 1.19.7 (#7150) 2021-01-13 14:57:02 -08:00
Florian Ruynat
0c995c1ea7
Remove last 1.19.5 references (#7107) 2021-01-06 08:43:51 -08:00
Anthony Rabbito
93445b4dbc
Update hashes and set default version to 1.19.5 (#7012)
* Update hashes and set default version to 1.19.5

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Reorder hashes

1.19.5 hashes should be near 1.19.x

* Added back blank line
2020-12-16 01:42:20 -08:00
Christoph Stäbler
1a491fc10c
Update hashes and set default to 1.19.4 (#6903) 2020-12-03 06:34:59 -08:00
Etienne Champetier
68b96bdf1a
Helm v3 only (#6846)
* Fix etcd download dest

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>

* Only support Helm v3, cleanup install

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2020-12-02 00:20:50 -08:00
Florian Ruynat
f6eed8091e
Remove contiv related files (#6964) 2020-11-30 06:48:50 -08:00
Florian Ruynat
60b0fb3e88
Update hashes and set default version to 1.19.3 (#6841) 2020-10-21 00:58:20 -07:00
Bogdan Peste
5e32655830
Added option to force apiserver and respective client certificate to … (#6403)
* Added option to force apiserver and respective client certificate to be regenerated without necessarily needing to bump the K8S cluster version

* Removed extra blank line
2020-10-12 06:02:48 -07:00
Hans Feldt
270f91e577
cleanup kubelet_deployment_type (#6815)
No longer used/supported
2020-10-12 00:04:47 -07:00
Wang Zhen
edea63511d
Fix reserved memory unit in kubelet configuration (#6725)
* Fix reserved memory unit in kubelet configuration

Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>

* Move systemReserved default values from template

Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>
2020-09-22 15:20:09 -07:00
Florent Monbillard
68118c2653
Expose offline install overrides in inventory (#6728)
* Expose offline install overrides in inventory

* Remove not recommended warning
2020-09-22 07:14:48 -07:00
Florian Ruynat
79226d0870
Add Kubernetes hashes 1.19.2/1.18.9/1.17.12 and set default (#6698) 2020-09-17 11:12:45 -07:00
Hans Feldt
6da385de9d
Use "kubeadm join" to join masters to control plane (#6661)
Remove configuration variable kubeadm_control_plane
2020-09-17 04:34:45 -07:00
Florian Ruynat
a556f8f2bf
Remove deprecated (and removed in 1.19) flag and function --basic-auth-file (#6655) 2020-09-11 00:30:14 -07:00
Florian Ruynat
ad15721677
Add Kubernetes 1.19.1 hashes and set default (#6654) 2020-09-10 10:43:46 -07:00
Mikael Johansson
040dda37ed
Add comment clarifying network allocation and sizes (#6607)
* Add comment from roles/kubespray-defaults/defaults/main.yaml clarifying network allocation and sizes

Signed-off-by: Mikael Johansson <mik.json@gmail.com>

* Rewrite of the comment and added new examples

Signed-off-by: Mikael Johansson <mik.json@gmail.com>
2020-09-10 03:49:44 -07:00
Sulochan Acharya
36924b63dc
Allow webhook authorization (#6502) 2020-08-24 06:29:41 -07:00
Florian Ruynat
142b9e1eff
Update k8s hashes and set default version to 1.18.8 (#6532) 2020-08-21 00:09:39 -07:00
Florent Monbillard
924cc11af6
Upgrade to kubernetes 1.18.6 (#6405)
- Add 1.17.9 and 1.16.13 SHAs
2020-07-29 14:54:09 -07:00
Florian Ruynat
f515898cb5
Update hashes and set default version to 1.18.5 (#6335) 2020-06-30 02:00:05 -07:00
Samuel Liu
c29b21717d
Add event-ttl duration (#6310)
* Add event-ttl duration

* Fix wrong location
2020-06-24 08:15:17 -07:00
Pasquale Toscano
8f5c4dcd2e
Add support for Kata Containers (#6256)
* Install Kata Containers as additional container runtime

* Create RuntimeClasses for Kata Containers

* Updated Vagrant to optionally run without Docker as container manager

* Updated Vagrant to optionally use Libvirt nested virtualization

* Add Kata Containers documentation

* Fix lint errors

* Add kata_containers_enabled to kubespray-defaults

* Fixed typo error

* Fixed typo error
2020-06-22 00:28:39 -07:00
Florian Ruynat
eeb77369cb
Update hashes and set default to 1.18.4 (#6285) 2020-06-18 06:30:19 -07:00
Samuel Liu
dba645421f
ADD tls cipher suites support (#6024)
* ADD tls cipher suites support

yaml lint

yamllint

* update test case

* update test case
2020-06-16 04:10:05 -07:00
Florian Ruynat
b2a0b649fd
Add new Kubernetes version hashes and set default to 1.18.3 (#6173) 2020-05-28 01:02:03 -07:00
Florian Ruynat
c06f482901
Update default kubernetes version to 1.18.2 (#6064) 2020-05-06 11:17:09 -07:00
Florian Ruynat
49bd208026
Update hashes (1.18.2/1.17.5/1.16.9) and set default to 1.17.5 (#5967) 2020-04-17 06:55:07 -07:00
Pasquale Toscano
00efc63f74
Customize PodSecurityPolicies from inventory (#5920)
* Customize PodSecurityPolicies from inventory

* Fixed yaml indentation
2020-04-15 03:18:02 -07:00
spaced
0c51352a74
remove unused kubelet options (#5903) 2020-04-07 11:51:44 -07:00
Ali Sanhaji
937adec515
Azure Disk CSI deployment (#5833)
* Azure Disk CSI deployment

* Mention Azure CSI support

* Fix: remove unnecessary file

* Typo in documentation

* Add newline to end of file
2020-04-01 00:53:27 -07:00
Ali Sanhaji
484df62c5a
GCP Persistent Disk CSI Driver deployment (#5857)
* GCP Persistent Disk CSI Driver deployment

* Fix MD lint

* Fix Yaml lint
2020-03-31 00:06:40 -07:00
Florian Ruynat
09308d6125
Upgrade to Kubernetes 1.174 (#5628)
* Upgrade to Kubernetes 1.17.4 - change defaults

* Update ci jobs to previous k8s release (will fix them afterward)
2020-03-27 07:40:23 -07:00
Ali Sanhaji
a8a05a21a4
AWS EBS CSI implementation (#5549)
* AWS EBS CSI implementation

* Fixing image repos

* Add OWNERS file

* Fix expressions

* Add csi-driver tag

* Add AWS EBS prefix to variables

* Add AWS EBS CSI Driver documentation
2020-03-25 13:10:25 -07:00
Pasquale Toscano
4b5299bb7a
Add variables to configure Containerd default runtime, untrusted runt… (#5497)
* Add variables to configure Containerd default runtime, untrusted runtime and additional runtimes

* Add containerd settings to sample inventory

* Empty commit
2020-03-16 03:48:36 -07:00
bozzo
d69db3469e
Add external zones in nodelocaldns configuration (#5591)
Allows to configure additionnal zone for domains not resolved by `upstream_dns_servers`.
2020-03-14 06:26:34 -07:00
Florent Monbillard
ca73e29ec5
Use k8s.gcr.io for kubernetes related images (#5764)
* Use k8s.gcr.io for kubernetes related images

* Use k8s.gcr.io in inventory sample
2020-03-13 14:41:48 -07:00
Florent Monbillard
0330442c63
Kubernetes 1.16.8 (#5770)
* Kubernetes 1.16.8

* Use 1.16.8 in sample inventory and kubespray-defaults
2020-03-13 13:41:47 -07:00
Fabiano Tessarolo
16fd2e5d68
Fix etcd deployment type variable location (#5587)
On deployments types where etcd server is splitted from Kube Master, the deployment fails since it cannot find the variable.
2020-02-07 02:17:43 -08:00
Florian Ruynat
f1025dce4e Update to hashes and default version (1.15.8 / 1.16.5 / 1.17.1) (#5564) 2020-01-23 03:54:49 -08:00
ooneko
2a9aead50e Set kube_image_repo use {{ gcr_image_repo }} (#5314)
To aviod repeat "gcr.io" again.
2019-12-09 02:52:02 -08:00
Florian Ruynat
257c20f39e add 1.16.3 checksums and set new version as default (#5384) 2019-11-27 01:29:20 -08:00
Hugo Blom
db33dc6938 Add support for Kubernetes 1.16.2 (#5272)
* Add support for Kubernetes 1.16.1

* Defaults to 1.16.1

* add 1.16.2 checksums and set new version as default

* correct 1.16.2 checksums and add 1.15.5 checksums
2019-10-16 18:34:38 -07:00
Matthew Mosesohn
a43e0d3f95 Switch to Kubernetes v1.16.0 (#5189)
* Switch to Kubernetes v1.16.0

Change-Id: I5d6a9528b2d443750fc5e031aff15ad3ffead158

* Fix download localhost cached file path

Change-Id: I65e79b70e3d1b37265ebc60f41b460cf4b0a0d47

* fix kubeadm etcd for v1.16

Change-Id: I6888a00fd48b530a38b0b31c4095492476af42d2

* disable tf packet jobs

Change-Id: I075c4666547fdea4c50ec04864f38e2cfaa79154

* Disable contiv packet jobs. Fix kube-router

Change-Id: I3170e8789e60711d4cee8faf65f2094480b79b8d

* bump sonobuoy version

Change-Id: Ib946905629c7c53ed88f08fb2f41c454457a0097
2019-10-02 02:21:07 -07:00
Etienne Champetier
81cb302399 MetalLB: fail if kube_proxy_strict_arp is false (#5180)
When using IPVS, kube_proxy_strict_arp = true is required
https://github.com/danderson/metallb/issues/153#issuecomment-518651132

Add kube_proxy_strict_arp to inventory/sample
2019-09-26 04:21:06 -07:00
陈谭军
2fc02ed456 fix-typo (#5199) 2019-09-25 04:04:00 -07:00