Commit graph

497 commits

Author SHA1 Message Date
Felix Breuer
973628fc1b
FIX: Bastion undefined variable (#7227)
Fixes the following error when using Bastion Node with the sample config.
```
fatal: [bastion]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'bastion'\n\nThe error appears to be in '/home/felix/inovex/kubespray/roles/bastion-ssh-config/tasks/main.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: set bastion host IP\n  ^ here\n"}
```
2021-01-28 10:07:37 -08:00
Ryler Hockenbury
774ec49396
Update azure cloud config (#7208)
* Allow configureable vni and port for flannel overlay

* additional options for azure cloud config
2021-01-26 07:24:35 -08:00
Etienne Champetier
8f2b0772f9
containerd,docker: stop installing extras repo on CentOS/RHEL (#7203)
This was introduced in 143e2272ff
Extra repo is enabled by default in CentOS, and is not the right repo for EL8
Instead of adding a CentOS repo to RHEL, enable the needed RHEL repos with rhsm_repository

For RHEL 7, we need the "extras" repo for container-selinux
For RHEL 8, we need the "appstream" repo for container-selinux, ipvsadm and socat

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-25 03:12:54 -08:00
Florian Ruynat
222a77dfe7
Change node-role.kubernetes.io from master to control-plane (#7183) 2021-01-21 08:13:03 -08:00
Florian Ruynat
7a033a1d55
Add hashes and update default K8S version to 1.20.2 (#7171) 2021-01-15 12:43:09 -08:00
Florian Ruynat
09fa99fdc6
Update hashes and set default version to 1.19.7 (#7150) 2021-01-13 14:57:02 -08:00
Florian Ruynat
b59035df06
change nginx default HTTPS protocol from "SSLv2" to "TLSv1.2 TLSv1.3" (#7144) 2021-01-13 08:34:36 -08:00
Cristian Klein
b9077d3ea2
Add ping_access_ip; allows to disable ping test (#7020)
In some environments, it might not be possible to ping the IP address
of the nodes, e.g., because ICMP echo is blocked.

This commit allows kubespray to be configured to disable the ping
check, while performing all other checks.
2021-01-11 06:15:08 -08:00
Florian Ruynat
e8a8a7b8cc
Update sample to 3 master node (#7117) 2021-01-08 09:14:54 -08:00
Florian Ruynat
0c995c1ea7
Remove last 1.19.5 references (#7107) 2021-01-06 08:43:51 -08:00
flix444
308ceee46c
Valuating conditional (need_https_proxy.rc != 0) fail if http_proxy set and skip_http_proxy_on_os_packages is true (#7078)
* Remove because of empty need_http_proxy.rc if http/https_proxy and skip_http_proxy_on_os_packages=true is set

* Modify sample for debian and centos skip_http_proxy

* Modify sample for debian and centos skip_http_proxy
2021-01-05 18:49:51 -08:00
Catblade
10a6bd67de
Calico: update files to handle multi-asn bgp peering conditions. (#6971)
* update files to handle multi-asn bgp peering conditions.

* put back in the serviceClusterIPs.  Bad merge.

* remove extraneous environment var.

* update files as discussed with mirwan

* update titles.

* add not in.

* add a conditional for using bgp to advertise cluster ips.

Co-authored-by: marlow-h <mweston@habana.ai>
2020-12-17 22:54:25 -08:00
Anthony Rabbito
93445b4dbc
Update hashes and set default version to 1.19.5 (#7012)
* Update hashes and set default version to 1.19.5

Signed-off-by: anthr76 <hello@anthonyrabbito.com>

* Reorder hashes

1.19.5 hashes should be near 1.19.x

* Added back blank line
2020-12-16 01:42:20 -08:00
Christoph Stäbler
1a491fc10c
Update hashes and set default to 1.19.4 (#6903) 2020-12-03 06:34:59 -08:00
Etienne Champetier
68b96bdf1a
Helm v3 only (#6846)
* Fix etcd download dest

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>

* Only support Helm v3, cleanup install

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2020-12-02 00:20:50 -08:00
Florian Ruynat
f6eed8091e
Remove contiv related files (#6964) 2020-11-30 06:48:50 -08:00
Sergey
4a8a52bad9
containerd docker hub registry mirror support (#6962)
* containerd docker hub registry mirror support

* add docs

* fix typo

* fix yamllint

* fix indent in sample
and ansible-playbook param in testcases_run

* fix md

* mv common vars to tests/common/_docker_hub_registry_mirror.yml

* checkout vars to upgrade tests
2020-11-30 00:22:49 -08:00
Florian Ruynat
405692d793
Switch some image from dockerhub to k8s.gcr (also increase pkg retries) (#6955) 2020-11-26 08:46:19 -08:00
Andrii
8a153ed38e
Add serviceExternalIPs option for calico installation (#6928) 2020-11-25 05:34:39 -08:00
Barry Melbourne
eb16986f32
Add RHEL support subscription registration (#6572) 2020-11-24 08:33:00 -08:00
Florian Ruynat
60b0fb3e88
Update hashes and set default version to 1.19.3 (#6841) 2020-10-21 00:58:20 -07:00
wand3r3r
f323d70c0f
Adding option to disable globally applying a proxy to etc/yum.conf (#6828)
* Adding option to disable gloablly applying a proxy to etc/yum.conf

* Change made to proxy_yum_globaly basedon reviewer feedback

* fix trailing spaces in ymllint
2020-10-20 23:22:19 -07:00
Bogdan Peste
5e32655830
Added option to force apiserver and respective client certificate to … (#6403)
* Added option to force apiserver and respective client certificate to be regenerated without necessarily needing to bump the K8S cluster version

* Removed extra blank line
2020-10-12 06:02:48 -07:00
Hans Feldt
270f91e577
cleanup kubelet_deployment_type (#6815)
No longer used/supported
2020-10-12 00:04:47 -07:00
holmesb
1301e69c7d
If no_proxy_exclude_workers is true, workers will be excluded from the no_proxy variable.  This prevents docker engine restarting when scaling workers. (#6520)
Signed-off-by: holmesb <5072156+holmesb@users.noreply.github.com>
2020-10-09 01:15:07 -07:00
Mateusz Adamek
aba63f0f9a
Added support for dynamic tags in AWS and Azure. (#6752)
* Added support for dynamic tags in AWS and Azure.

* Added examples of dynamic tags configuration.
2020-09-26 10:50:48 -07:00
Wang Zhen
edea63511d
Fix reserved memory unit in kubelet configuration (#6725)
* Fix reserved memory unit in kubelet configuration

Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>

* Move systemReserved default values from template

Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>
2020-09-22 15:20:09 -07:00
Florent Monbillard
68118c2653
Expose offline install overrides in inventory (#6728)
* Expose offline install overrides in inventory

* Remove not recommended warning
2020-09-22 07:14:48 -07:00
David Louks
1e79dcfcaa
Added ability to set calico vxlan vni and port. defaults to calico's … (#6678)
* Added ability to set calico vxlan vni and port. defaults to calico's documented defaults.

* Check if calico_network_backend is defined prior to checking value

* Removed calico hidden defaults for vxlan port and vni

* Fixed FELIX_VXLANVNI typo
2020-09-22 01:04:48 -07:00
Florent Monbillard
5bd937ece0
Remove pypi repo and pip extra flags (#6729) 2020-09-21 13:27:51 -07:00
Marc-Antoine
5ec2467268
Add external_openstack_lbaas_provider setting for occm (#6566)
* Add external_openstack_lbaas_provider setting for occm

* Integrate with existing lbaas_provider block

* Refactor lbaas_provider config template block

* Remove external_openstack_lbaas_use_octavia from sample inventory
2020-09-21 07:04:32 -07:00
Florian Ruynat
05c9169c70
Fix example value for etcd_quota_backend_bytes (#6724) 2020-09-21 05:42:31 -07:00
Florian Ruynat
79226d0870
Add Kubernetes hashes 1.19.2/1.18.9/1.17.12 and set default (#6698) 2020-09-17 11:12:45 -07:00
Hans Feldt
6da385de9d
Use "kubeadm join" to join masters to control plane (#6661)
Remove configuration variable kubeadm_control_plane
2020-09-17 04:34:45 -07:00
Lukas Grossar
a870dd368e
Allow configuration of nodelabels in local_volume_provisioner (#6620) 2020-09-17 02:44:58 -07:00
Barry Melbourne
b6b26c710f
Add support for Calico CNI host-local IPAM plugin (#6580) 2020-09-17 02:44:46 -07:00
Florian Ruynat
a556f8f2bf
Remove deprecated (and removed in 1.19) flag and function --basic-auth-file (#6655) 2020-09-11 00:30:14 -07:00
Florian Ruynat
ad15721677
Add Kubernetes 1.19.1 hashes and set default (#6654) 2020-09-10 10:43:46 -07:00
Florian Ruynat
1712ba1198
Add iptables_backend to weave options (#6639) 2020-09-10 03:49:52 -07:00
Mikael Johansson
040dda37ed
Add comment clarifying network allocation and sizes (#6607)
* Add comment from roles/kubespray-defaults/defaults/main.yaml clarifying network allocation and sizes

Signed-off-by: Mikael Johansson <mik.json@gmail.com>

* Rewrite of the comment and added new examples

Signed-off-by: Mikael Johansson <mik.json@gmail.com>
2020-09-10 03:49:44 -07:00
Hans Feldt
803d52ffce
kubernetes: remove unused variables (#6601) 2020-09-04 04:53:56 -07:00
Maxim Pogozhiy
0553814b4f
Add selectable dns policy for kube-router (#6586) 2020-09-04 04:53:41 -07:00
Barry Melbourne
03c9c091f2
Docker: Set Cgroup driver by default to systemd (#6563)
* Set Docker Cgroup driver to systemd

* Add docker_cgroup_driver in Docker defaults
2020-08-31 04:56:20 -07:00
Marc-Antoine
5a8b68a429
Add support for openstack application credentials (#6534)
* Add support for openstack application credentials

* Add some lines for readability

* Update external_openstack_tenant_id check

Do not check external_openstack_tenant_id when application credentials are defined

* Add check for external_openstack_domain_id

* Fix typo
2020-08-31 03:30:28 -07:00
nic0las
f59d3fc4a3
Deviceroutesourceaddress (#6508)
* add FELIX_DEVICEROUTESOURCEADDRESS calico option

* add calico_use_default_route_src_ipaddr option 

add calico_use_default_route_src_ipaddr option to use FELIX_DEVICEROUTESOURCEADDRESS calico option

* Update k8s-net-calico.yml
2020-08-27 02:07:01 -07:00
Sulochan Acharya
36924b63dc
Allow webhook authorization (#6502) 2020-08-24 06:29:41 -07:00
Florian Ruynat
142b9e1eff
Update k8s hashes and set default version to 1.18.8 (#6532) 2020-08-21 00:09:39 -07:00
נυαη נυαηѕση
6c41f64a98
Correct sample inventory to pass yamllint (#6499)
Nit alert.  Sample inventory throws an error when processed
by yamllint.  The default line is currently commented out.
However, when uncommenting it our linters fail.
2020-08-05 01:52:48 -07:00
Mike Williams
e72dbf3dfc
Option for MetalLB to talk BGP (#6383)
* Option for MetalLB to talk BGP

* Check for BGP peers when metallb_protocol is bgp

* README clarification

* Commented values as documentation only in the sample inventory

* layer 2 or BGP, not both
2020-08-05 01:52:40 -07:00
Florent Monbillard
924cc11af6
Upgrade to kubernetes 1.18.6 (#6405)
- Add 1.17.9 and 1.16.13 SHAs
2020-07-29 14:54:09 -07:00