Commit graph

6784 commits

Author SHA1 Message Date
Zhong Jianxin
6dff39344b
preinstall: Add nodelocaldns to supersede_nameserver if enabled (#9282)
When a machine that use dhclient and resolvconf reboots, this will make /etc/resolv.conf
remain close to the one before reboot
2022-09-25 20:19:44 -07:00
Robin Wallace
c4de3df492
upcloud csi driver: bump version to v0.3.3 (#9317) 2022-09-24 13:18:04 -07:00
Ilya Margolin
f2e11f088b
Hotfix containerd restart (#9322) 2022-09-24 13:14:04 -07:00
Victor Morales
782f0511b9
Define ostree variable for runc (#9321)
The ostree variable is not defined previously raising an error when
the runtime tries to read it.
2022-09-24 13:00:11 -07:00
Kevin Huang
fa093ee609
feat(docs/openstack.md): Put Additional step needed when using calico or kube-router in own section (#9320) 2022-09-24 13:00:04 -07:00
Samuel Liu
612bcc4bb8
add liupeng0518 to approvers list (#9313) 2022-09-24 12:52:05 -07:00
Florian Ruynat
4ad67acedd
Move back vsphere csi to kube-system ns (#9312) 2022-09-23 10:46:26 -07:00
Kei Kori
467dc19cbd
support removing options in resolvconf with tab separator (#9304) 2022-09-23 10:42:27 -07:00
Ilya Margolin
726711513f
[containerd] Allow configuring base_runtime_spec per containerd runtime (#9302)
and supply a default runtime spec.
2022-09-23 10:38:27 -07:00
Emin AKTAS
9468642269
feat: allows users to have more control on DNS (#9270)
Signed-off-by: eminaktas <eminaktas34@gmail.com>

Signed-off-by: eminaktas <eminaktas34@gmail.com>
2022-09-23 10:28:26 -07:00
Samuel Liu
d387d4811f
replace createhome (#9314) 2022-09-23 00:26:39 -07:00
Kay Yan
1b3c2dab2e
add_max_concurrent_in_coredns (#9307) 2022-09-22 04:27:03 -07:00
Mohamed Zaian
76573bf293
[kubernetes] Add hashes for 1.24.6, 1.22.15, 1.23.12 and make v1.24.6 default (#9308) 2022-09-22 04:13:03 -07:00
Kay Yan
5d3326b93f
add-ping-package (#9284) 2022-09-21 23:55:05 -07:00
Mohamed Zaian
68dac4e181
[flannel] update to v1.19.2 & make it default (#9296) 2022-09-21 23:51:04 -07:00
Ilya Margolin
262c96ec0b
Remove duplication in template (#9301)
by concatenating default and additional runtimes
2022-09-21 08:33:15 -07:00
Mohamed Zaian
2acdc33aa1
[helm] upgrade to 3.9.4 (#9298) 2022-09-20 04:37:20 -07:00
Krystian Młynek
8acd33d0df
Calico: add wireguard support for Rocky Linux 9 (#9287) 2022-09-20 00:29:20 -07:00
pingrulkin
a2e23c1a71
vsphere-csi: add nodeAffinity to daemonset (#9293) 2022-09-19 17:47:22 -07:00
rtsp
1b5cc175b9
[cert-manager] Upgrade to v1.9.1 (#9295) 2022-09-19 17:43:22 -07:00
Mohamed Zaian
a71da25b57
[argocd] update argocd to v2.4.12 (#9297) 2022-09-19 17:37:22 -07:00
Vadim
5ac614f97d
fix duplicate field in ingress-nginx template (#9285) 2022-09-19 03:03:22 -07:00
ErmalKristo
b8b8b82ff4
Adds support for multiple architectures to yq (#9288) 2022-09-19 02:14:38 -07:00
Necatican Yıldırım
7da3dbcb39
Cilium 1.12 Upgrade (#9225)
* Drop support for Cilium < 1.10

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* Synchronize Cilium templates for 1.11.7

Signed-off-by: necatican <contact@necatican.com>

* Set Cilium v1.12.1 as the default version

Signed-off-by: necatican <contact@necatican.com>

Signed-off-by: necatican <necaticanyildirim@gmail.com>
Signed-off-by: necatican <contact@necatican.com>
2022-09-19 02:14:31 -07:00
Mohamed Zaian
680293e79c
[kubernetes] Add hashes for 1.24.5, 1.22.14, 1.23.11 and make v1.24.5 default (#9286) 2022-09-19 02:10:31 -07:00
Mahdi Abbasi
023b16349e
Add variable for the vsphere-csi namespace (#9278) 2022-09-15 02:01:23 -07:00
lijin-union
c4976437a8
Fix typos in docs (#9276) 2022-09-15 00:09:22 -07:00
Kay Yan
97ca2f3c78
add-timezone-support (#9263) 2022-09-14 21:11:22 -07:00
niesel
e76385e7cd
Update offline.yml (#9274)
Change "ubuntu_repo" to "debian_repo" for containerd_debian_repo_base_url and containerd_debian_repo_gpgkey
2022-09-13 16:55:01 -07:00
ERIK
7c2fb227f4
Add LimitMEMLOCK parameter configuration in containerd.service (#9269)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2022-09-13 02:51:06 -07:00
ghostloda
08bfa0b18f
Upgrade ingress nginx webhook to 1.3.0 (#9271) 2022-09-13 01:47:05 -07:00
Ho Kim
952cad8d63
Remove mutual exclusivity in calico: NAT and router mode (#9255)
* Add optional NAT support in calico router mode

* Add a blank line in front of lists

* Remove mutual exclusivity: NAT and router mode

* Ignore router mode from NAT

* Update calico doc
2022-09-13 00:19:07 -07:00
rptaylor
5bce39abf8
add optional parameter extra_groups for k8s_nodes (#9211) 2022-09-13 00:13:08 -07:00
cleverhu
fc57c0b27e
fix number node name can't be added (#9266)
Signed-off-by: cleverhu <shouping.hu@daocloud.io>

Signed-off-by: cleverhu <shouping.hu@daocloud.io>
2022-09-13 00:09:05 -07:00
Samuel Liu
dd4bc5fbfe
[etcd] Sometimes, we do not need to run etcd role on all nodes. (#9173)
* WIP: sometimes,we not run etcd

* fix ansible lint

* like calico(kdd) cni, no need run etcd
2022-09-09 01:29:22 -07:00
Mohamed Zaian
d2a7434c67
[ingress-nginx] upgrade to 1.3.1 (#9264) 2022-09-09 00:37:23 -07:00
Kenichi Omichi
5fa885b150
Remove unused cri_dockerd_enabled configuration (#9259)
Since the commit fad296616c cri_dockerd_enabled
has not been used. But the packet_ubuntu22-aio-docker.yml still contains
the configuration and causes confusions.
This removes the configuration for cleanup.
2022-09-08 00:06:05 -07:00
ghostloda
f3fb758f0c
Remove useless file (#9258) 2022-09-07 17:10:49 -07:00
Krystian Młynek
6386ec029c
add retries for restart of kube-apiserver (#9256)
* add retries for restart of kube-apiserver

* change var name
2022-09-07 16:48:49 -07:00
Ho Kim
ad7cefa352
Ignore deleting nodes that are not in cluster (#9244) 2022-09-05 19:50:54 -07:00
Ho Kim
09d9bc910e
Fix typos in calico comments (#9254) 2022-09-05 18:46:54 -07:00
Kay Yan
e2f1f8d69d
add-Rocky-9-support (#9212) 2022-09-04 16:54:36 -07:00
Michael Schmitz
be2bfd867c
Add Support for Rewrite Plugin to CoreDNS/NodelocalDNS (#9245) 2022-09-03 16:16:35 -07:00
lou-lan
133a7a0e1b
Add featureDetectOverride configration of calico (#9249) 2022-09-02 04:58:05 -07:00
ERIK
efb47edb9f
Update kubespray version to v2.19.1 (#9241)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2022-09-01 23:36:05 -07:00
Kay Yan
36bec19a84
add-yankay-to-reviewers (#9247) 2022-09-01 03:47:05 -07:00
Cristian Calin
6db6c8678c
disable kubelet_authorization_mode_webhook by default (#9238) 2022-08-31 04:53:00 -07:00
Florian Ruynat
5603f9f374
Update security contacts file (#9235) 2022-08-30 22:43:00 -07:00
蒋航
7ebb8c3f2e
make calico installation more stable (#9227)
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>

Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2022-08-30 21:13:01 -07:00
Alessio Greggi
acb6f243fd
feat: add kubelet systemd service hardening option (#9194)
* feat: add kubelet systemd service hardening option

* refactor: move variable name to kubelet_secure_addresses

Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>

* docs: add diagram about kubelet_secure_addresses variable

Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
2022-08-30 11:18:55 -07:00