Commit graph

696 commits

Author SHA1 Message Date
Bart Sloeserwij
59f62473c9
Update configuration of registries in cri-o (#7852)
* Update configuration of registries in cri-o

* Update docs to match new registry configuration
2022-01-05 07:36:40 -08:00
Cristian Calin
3eab1129b9
CI: Replace CentOS 8 with AlmaLinux 8 before CentOS 8 EOL end of 2021 (#8297) 2022-01-05 02:20:33 -08:00
Kenichi Omichi
78c83a8f26
Update containerd doc (#8369)
This is a follow-up change for https://github.com/kubernetes-sigs/kubespray/pull/7911
2022-01-05 00:32:33 -08:00
Nguyễn Trung
e72f8e0412
Update node about container_manager variable (#7911)
I was deploy my cluster with separate etcd cluster and not intersect with kube_control_plane or kube_node. And I want to run etcd cluster in docker but still used containerd to make container runtime for all other nodes. Therefore, I was added note to this doc for everyone 

Thank !
2022-01-04 14:29:20 -08:00
Nicolas MASSE
f01f7c54aa
Add support for CRI-O user namespaces (#8268)
* add support for cri-o user namespaces

* comply with yamllint rules
2021-12-20 06:37:25 -08:00
kakkotetsu
c59407f105
add support for Calico BGPPeer sourceAddress (#8306) 2021-12-20 01:51:25 -08:00
Hanna Bledai
615216f397
Fix if bind-address is not set to 0.0.0.0 (#8262)
* if bind-address is not set to 0.0.0.0

* Update docs and left comments

* fix yamllist check: remove space
2021-12-05 23:58:32 -08:00
Florian Ruynat
e19ce27352
Remove ovn4nfv support (#8265) 2021-12-03 11:56:35 -08:00
Florian Ruynat
e82443241b
Move opensuse CI to docker and fix ubuntu16 containerd version for docker (#8257) 2021-12-02 08:01:34 -08:00
Florian Ruynat
b38382a68f
Move cri-o default package to 1.22 (#8258) 2021-12-02 06:21:34 -08:00
Florian Ruynat
30ec03259d
Remove fedora33 - eol (#8246) 2021-11-30 15:53:17 -08:00
Cristian Calin
ee882fa462
Add capability to use swap, requires Kube 1.22 (#8241)
* Alpha-NodeSwap: allow nodes to use swap

* CI: Add Fedora 35 with experimental swap job
2021-11-30 00:52:56 -08:00
Cristian Calin
52ee5d0fff
Various documentation updates (#8243)
* Docs: update CONTRIBUTING.md

* Docs: clean up outdated roadmap and point to github issues instead

* Docs: update note on kubelet_cgroup_driver

* Docs: update kata containers docs with note about cgroup driver

* Docs: note about CI specific overrides
2021-11-29 15:05:21 -08:00
Florian Ruynat
a5f88e14d0
Cleanup tests (#8234)
* Add Fedora 35 image, support and CI

* Cleanup tests and allow_failure for vagrant
2021-11-26 09:00:51 -08:00
Cristian Calin
e78bda65fe
Defaults: replace docker with containerd as our default container_manager (#8175)
* Defaults: replace docker with containerd as our default container_manager

* CI: Use docker for download_localhost test

* Defaults: with container_manager=containerd we need etcd_deployment_type=host

* CI: Run weave jobs with docker

* CI: Vagrant don't download_force_cache

* CI: Fix upgrade tests

* should run compatible with old settings, this means docker
* we need to run with a distro that has at least modern containerd,
  this means move from debian9 to debian10 to allow `containerd_version`
  to match between 2.17 and master
2021-11-25 06:54:33 -08:00
zhengtianbao
e35a87e3eb
Update registry template (#8198)
* Add registry replica setting

* Add registry liveness and readiness probe

* Set the security context for registry

* Add registry pvc access mode option

* registry add replica requirement check

* docs: add registry replicas setting note

* Update docs/kubernetes-apps/registry.md

Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>

Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
2021-11-22 02:45:09 -08:00
Karthikeya Viswanath
25316825b1
docs: remove basic auth reference in getting-started (#7823) 2021-11-19 14:49:23 -08:00
Mathieu Parent
0263c649f4
Allow to scrape etcd metrics using a service (#8203)
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
2021-11-17 23:53:01 -08:00
Lubos Mercl
424163c7d3
add gce support (#8179)
Author:    lmercl <lubos.mercl@gmail.com>
Date:      Wed Nov 10 15:30:04 2021 +0000

fix markdown
2021-11-16 08:58:28 -08:00
EDGsheryl
4d79a55904
Remove extra parameter kube_proxy_remove (#8158)
Signed-off-by: EDGsheryl <edgsheryl@gmail.com>
2021-11-15 00:02:48 -08:00
Cristian Calin
039205560a
nodelocaldns: allow a secondary pod for nodelocaldns for local-HA (#8100)
* nodelocaldns: allow a secondary pod for nodelocaldns for local-HA

* CI: add job to test nodelocaldns secondary
2021-11-09 09:57:47 -08:00
Cristian Calin
4a8757161e
Docker: replace the use of containerd_version with docker_containerd_version to avoid causing conflicts when bumping containerd_version (#8130) 2021-11-08 15:56:49 -08:00
Antoine Gatineau
b7eb1cf936
cert-manager: add trusted internal ca when configured (#8135)
* cert-manager: add trusted internal ca when configured

* wrong check for inventory variable

* Update documentation
2021-11-05 09:43:52 -07:00
Pasquale Toscano
6e5b9e0ebf
Fix Kubelet and Containerd when using cgroupfs as cgroup driver (#8123) 2021-11-05 07:59:54 -07:00
Cristian Calin
8d553f7e91
Mitogen: deprecate the use of mitogen and remove coverage from CI (#8147) 2021-11-05 00:57:52 -07:00
Erkan Zileli
8d82033bff
fix(doc): update typo (#8148)
I guess `kubernetes-the-hard-way` should be `kubernetes-the-kubespray-way` because of recently created network name is `kubernetes-the-kubespray-way`.
2021-11-02 01:16:58 -07:00
Florian Ruynat
331647f4ab
Remove deprecated Ambassador ingress code (#8086) 2021-10-26 15:19:09 -07:00
Cristian Calin
3c30be1320
cert-manager: update docs to reflect 1.5.x links (#8117) 2021-10-25 03:14:23 -07:00
Cristian Calin
6a5b87dda4
netchecker: update images to 1.2.2 from Mirantis (#8074)
* netchecker: update images to 1.2.2 from Mirantis which is slightly less ancinet than the l23networks images

* Netchecker: use local etcd instead of kubernetes v1beta1 crds which are no longer suported by kube 1.22+
2021-10-19 10:17:04 -07:00
Omar Aloraini
6aac59394e
Rocky Linux support (#8095)
* Add Rocky as a known OS

* Make sure Rocky includes bootstrap-centos.yml

* Update docs with Rocky Linux

* Rocky Linux wireguard and EPEL

* Rocky Linux in the list of supported distributions
2021-10-19 08:29:04 -07:00
Cristian Calin
cee481f63d
cert-manager: upgrade to 1.5.4 (#8069)
* cert-manager: update to 1.5.4

* cert-manager: remove outdated guidelines on creating an initial ClusterIssuer
2021-10-12 09:17:47 -07:00
Florian Ruynat
c68fb81aa7
Clarify documentation for integration.md (#8049) 2021-10-06 16:44:41 -07:00
Orhun Parmaksız
c5c10067ed
Update kubespray version to 2.17.x in first cluster guide (#8043) 2021-10-04 00:09:07 -07:00
Nicolas Goudry
af949cd967
Fix invalid documentation links (#7692)
* Fix invalid link to Ansible documentation

* Fix invalid link to mitogen doc page

* Fix invalid link to calico doc page

* Fix all invalid links to doc pages
2021-09-28 09:58:43 -07:00
Cristian Calin
33146b9481
CI: Add Calico eBPF in HA mode test (#7710)
* Sample-Inventory: add sample for calico_bpf_enabled

* Calico-Doc: note about CONFIG_NET_SCHED for eBPF support

* CI: Add Calico eBPF in HA mode test
2021-09-24 09:57:23 -07:00
Cristian Calin
ae44aff330
Calico: increase calico node probe timeouts and allow tunning (#7981) 2021-09-17 16:08:07 -07:00
andrew.k
85d18fc107
add node-based upgrade (#7785) 2021-09-13 23:59:07 -07:00
Florian Ruynat
7e4b176323
Update Ansible tags in documentation (#7933) 2021-09-02 10:08:58 -07:00
Florian Ruynat
207d3e7b4e
Add Debian-11 image and CI (#7919) 2021-08-31 14:02:22 -07:00
Cristian Calin
1afdb05ea9
Fedora and RHEL use etc_t and the convention is <type_name>_t (#7891)
* Fedora and RHEL use etc_t and the convention is <type_name>_t

* Docs: specify all values for preinstall_selinux_state

* CI: Add Fedora 34 with SELinux in enforcing mode
2021-08-27 14:20:53 -07:00
Léopold Jacquot
d635961120
Add Infomaniak to compatible public clouds list (#7910) 2021-08-26 06:47:24 -07:00
Hari Hud
d5b865da4d
Update etcd without rotating etcd certs (#7907) 2021-08-26 00:21:23 -07:00
Baargav
9dfade5641
Update nodes.md (#7902) 2021-08-24 02:43:14 -07:00
Hrittik Roy
dad4b26c6f
Update Azure.md (#7880) 2021-08-20 20:23:58 -07:00
rtsp
dfd35892f2
docs/cert_manager.md: Update docs for K8s v1.22 (#7877) 2021-08-19 18:31:24 -07:00
Frank Ritchie
1f09229740
Update cilium to 1.9.9 (#7871)
Now that 1.10 is out this is to make 1.9.9 the default. I am running
this version successfully.
2021-08-16 13:34:22 -07:00
Eugene Artemenko
e2b67b5700
Add suport of Vsphere CSI driver 2.2.X versions (#7848) 2021-08-09 08:19:38 -07:00
Vitaliy D
5db86f4c2b
Update vSphere CPI (#7838)
Changes:
  * ClusterRole updated according to the latest manifests from
    https://github.com/kubernetes/cloud-provider-vsphere
  * vSphere CPI/CSI default versions bumped and
    tested successfully on K8S 1.21.1
  * vSphere documentation updated

Signed-off-by: Vitaliy D <vi7alya@gmail.com>
2021-07-29 18:17:37 -07:00
Kenichi Omichi
20c284c276
doc: Update 'Kubespray vs Kubeadm' (#7834)
non-kubeadm mode has been removed since ddffdb63bf
2.5 years ago. The non-kubeadm makes unnecessary confusion today, then
this updates the documentation.
2021-07-28 03:15:34 -07:00
Markus Opolka
befc6cd650
Update MetalLB documentation (#7833)
- Added a hint about the kube_proxy_strict_arp configuration, which is required for MetalLB to work
 - See also https://github.com/kubernetes-sigs/kubespray/pull/5180/files
2021-07-27 08:46:45 -07:00
Atsushi Nukariya
417180246c
Fix: typos in docs and comments (#7805) 2021-07-16 18:58:50 -07:00
Karthikeya Viswanath
22b128dfd2
fix: update metallb docs url (#7802) 2021-07-16 03:38:08 -07:00
spaced
c2cf0d9945
add containerd on fedora CoreOS (#7794)
* set selinux type t_etc if selinux state is enforcing

* workaround with update repo is no longer needed
remove comments about failing playbook

* grubby is not available in distros using ostree

* remove docker support because removed in fcos
update install script example with live rootfs

* do not call grubby on ostree based distro

* update docs enabling containerd on fedora coreos
2021-07-15 00:00:48 -07:00
Cristian Calin
7516fe142f
Move to Ansible 3.4.0 (#7672)
* Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10

* Docs: add a note about ansible upgrade post 2.9.x

* CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures

* Ansible: use newer ansible-lint

* Fix ansible-lint 5.0.11 found issues

* syntax issues
* risky-file-permissions
* var-naming
* role-name
* molecule tests

* Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+

* Pin ansible-base to 2.10.11 to get package fix on RHEL8
2021-07-12 00:00:47 -07:00
Arian van Putten
394afc957b
Update vars.md to remove mention of string syntax of node_labels (#7776)
* Update vars.md to remove mention of string syntax of node_labels

Fixes https://github.com/kubernetes-sigs/kubespray/issues/6215

* Try fix makrdown linting

* Update docs/vars.md
2021-07-07 14:20:22 -07:00
andrew.k
63e92d719a
Clarify first master replace (#7761)
* Update nodes.md

* fix syntax

* fix syntax - part 2

* replace master with kube_control_plane

* return etcd-master
2021-07-07 13:42:23 -07:00
Julien Carpentier
9b87131b19
Fix Operating Systems menu for Amazon Linux 2 (#7772) 2021-07-05 01:30:55 -07:00
Kenichi Omichi
b77f207512
Docs: Replace master with control plane (#7767)
This replaces master with "control plane" in Kubespray docs
because of [1].

[1]: https://github.com/kubernetes/enhancements/blob/master/keps/sig-cluster-lifecycle/kubeadm/2067-rename-master-label-taint/README.md#motivation
2021-07-01 00:55:55 -07:00
Cristian Calin
05d864c913
Calico Docs: clarify the algorithm to calculate calico_veth_mtu (#7749)
* Claico Docs: clarify the algorithm to calculate calico_veth_mtu

* Update sample calico_veth_mtu
2021-06-27 23:59:25 -07:00
Cristian Calin
a2cf6816ce
Calico wireguard (#7638)
* Calico: add Wireguard support

* CI: Add Calico Wireguard scenario
2021-06-25 03:22:45 -07:00
rptaylor
70f1abbc18
fix broken link in doc (#7736)
* fix broken link in doc

* Revert "fix broken link in doc"

This reverts commit b427d1f57f.

* move metallb doc to right place, fixing broken link
2021-06-25 01:34:45 -07:00
Hamed Bahadorzadeh
271be92b02
Update kubernetes-reliability.md (#7724)
It's a minor change, I just corrected `–` char to `-`.
2021-06-21 10:36:51 -07:00
Cristian Calin
282a27a07c
gVisor: initial support for gVisor container runtime (#7661)
* Docker/Containerd: move downloads urls to containerd-common

* gVisor: initial support for gVisor container runtime
2021-06-21 05:18:51 -07:00
forselli-stratio
1069b05e68
Improve scale flow and documentation (#7610)
* Improve scale flow

* Add confirmation prompt again
2021-06-07 05:02:40 -07:00
Cristian Calin
ec0c0d4a28
Calico enable support for eBPF (#7618)
* Calico: align manifests with upstream

* allow enabling typha prometheus metrics

* Calico: enable eBPF support

* manage the kubernetes-services-endpoint configmap

* Calico: document the use of eBPF dataplane

* Calico: improve checks before deployment

* enforce disabling kube-proxy when using eBPF dataplane
* ensure calico_version is supported
2021-06-07 04:58:39 -07:00
Cristian Calin
6a2ea94b39
Docs improvements (#7660)
* Docs: update sidebar

* Docs: move registry documentation into docs/

* Docs: move rbd_provisioner documentation into docs/

* Docs: move cephfs_provisioner into docs/

* Docs: move local_volume_provisioner documentation into docs/

* Docs: move ambassador.md to docs/ingress_controller/

* Docs: move metallb.md to docs/ingress_controller/

* Docs: move ingress_nginx documentation into docs/

* Docs: move alb_ingress_controller documentation into docs/

* Docs: merge ambassador documentation into docs/ingress_controller/

* Docs: move cert_manager documentation into docs/

* Docs: move bootstrap-os documentation into docs/

* Docs: update file locations in sidebar
2021-06-01 07:30:27 -07:00
Cedric Hnyda
4674b03661
Add cinder_csi_ignore_volume_az (#7624)
Signed-off-by: Cedric Hnyda <cedric.hnyda@itera.io>
2021-06-01 07:10:27 -07:00
Guangwen Feng
e2f1964389
Fix typo (#7665)
Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com>
2021-06-01 00:34:27 -07:00
Florian Ruynat
7896bc7831
Add Fedora 33 image and CI, remove Fedora 31 (EOL) + update docker packages (#7657)
* Update docker package to 20.10.6

* Add Fedora 33 image and CI, remove Fedora 31 (EOL)
2021-05-28 08:04:25 -07:00
Fredrik Liv
3ca205446e
Added possibility to specify vSphere credentials via env variables (#7646)
* Added possibility to specify vSphere credentials via env variables

* Removed excessive spacing
2021-05-27 12:02:30 -07:00
Marques Johansson
3a37a49690
Packet renamed (#7653)
* Packet->Equinix Metal rename #6901 

Updates throughout to reflect #6901 renaming for Packet to Equinix Metal.

* Rename Packet to Equinix Metal throughout the project #6901

Packet is renamed to Equinix Metal in more contexts including
documentation links. The Terraform provider used is still the Packet
provider. The environment variables and configuration options still
refer to the Packet name.

Signed-off-by: Marques Johansson <mjohansson@equinix.com>

Co-authored-by: Edward Vielmetti <ed@packet.net>
2021-05-27 11:58:24 -07:00
sangheee
d5fcbcd89f
Update nodes.md (#7649) 2021-05-26 09:07:21 -07:00
Catblade
23cd1d41fb
Minor spelling edits (#7640)
Minor spelling edits.  Was reading your documentation.
2021-05-24 23:48:22 -07:00
rptaylor
62f5369237
Remove warning about Docker-only support (#7626) 2021-05-20 00:01:05 -07:00
rptaylor
26c1d42fff
add note on download_localhost (#7623)
It can be counterintuitive for the downloaded files to show up on local host when download_localhost is false, this explains the reason.
2021-05-19 05:04:51 -07:00
Cristian Calin
5b93a97281
remove experimental note about CentOS 8 and derivatives (#7615) 2021-05-16 12:07:59 -07:00
Cristian Calin
e357d8678c
update README about supported OSes (#7608) 2021-05-14 00:06:05 -07:00
Cristian Calin
14cf3e138b
Support Calico advertisement of MetalLB LoadBalancer IPs (#7593)
* add initial MetalLB docs

* metallb allow disabling the deployment of the metallb speaker

* calico>=3.18 allow using calico to advertise service loadbalancer IPs

* Document the use of MetalLB and Calico

* clean MetalLB docs
2021-05-12 05:22:17 -07:00
Eugene Artemenko
6a001e4971
Add suport of Vsphere CSI driver 2.X versions (#7480) 2021-05-04 00:05:11 -07:00
bac-w
2556eb2733
Upgrade cilium role (#7521)
* Upgrade cilium roles

* Del old test result

* Add hubble ui examples

* Refactor hubble metrics

* Markdown fix pipeline errors

* yamllint check and fix

* refactor install from https://github.com/kubernetes-sigs/kubespray/pull/7520

* Docs syntax change (fix)

* Cilium set default 1.8.9

* Update cilium version in Readme
2021-04-30 08:09:59 -07:00
Cristian Calin
360aff4a57
Rename ansible groups to use _ instead of - (#7552)
* rename ansible groups to use _ instead of -

k8s-cluster -> k8s_cluster
k8s-node -> k8s_node
calico-rr -> calico_rr
no-floating -> no_floating

Note: kube-node,k8s-cluster groups in upgrade CI
      need clean-up after v2.16 is tagged

* ensure old groups are mapped to the new ones
2021-04-29 05:20:50 -07:00
muzi502
324c95d37f
Fix some docs.ansible.com url typo (#7550) 2021-04-26 08:33:02 -07:00
Cristian Calin
73db44b00c
Initial AlmaLinux support (#7538)
* AlmaLinux: ansible>2.9.19 is needed to know about AlmaLinux

* AlmaLinux: identify as a centos derrivative

* AlmaLinux: add AlmaLinux to checks for CentOS

* Use ansible_os_family to compare family and not distribution
2021-04-22 23:50:03 -07:00
Cristian Calin
384d30b675
add support for configuring cri-o pids_limit (#7525) 2021-04-21 10:55:51 -07:00
Samuel Liu
844ebb7838
fix offline mode (#7493)
* fix offline mode

* add offline messages
2021-04-13 00:46:50 -07:00
Florian Ruynat
42382e2cde
Update Terraform/Vagrant + increase tf_ovh retries (#7477) 2021-04-12 09:47:39 -07:00
Zachary Chang
f8e4650791
Fix typo (#7489) 2021-04-12 09:43:38 -07:00
emiran-orange
d56ac216f4
Use kubeadm_feature_gates instead of kube_feature_gates to leverage kubeadm feature gates and not to interfere with k8s components feature gates (#7447) 2021-04-12 01:05:59 -07:00
Necatican Yıldırım
be278f9dba
Add documentation for audit webhook variables (#7434)
* Add documentation for audit webhook variables

* Enclose the value of  audit_webhook_server_url in a codeblock

* Add default value for audit_webhook_batch_max_wait
2021-04-05 13:51:19 -07:00
dsy3502
5377aac936
fix typo (#7436) 2021-04-05 01:20:19 -07:00
Kenichi Omichi
af1e16b934
Remove old note related to offline installation (#7429)
The PR https://github.com/kubernetes-sigs/kubespray/pull/6927 has been
merged and the issue https://github.com/kubernetes-sigs/kubespray/issues/6233
was fixed.
This removes unnecessary note for the above PR.
2021-04-02 09:48:11 -07:00
Daniil Muidinov
2257181ca8
Set containerd version to 1.4.4 (#7398)
* Set containerd version to 1.4.3

* Set containerd version to 1.4.4

Co-authored-by: Barry Melbourne <9964974+bmelbourne@users.noreply.github.com>
2021-04-01 23:20:11 -07:00
Etienne Champetier
f0cdf71ccb
Remove vault (#7400)
* Remove contrib/vault

This is marked as broken since 2018 / 3dcb914607
This still reference apiserver.pem, not used since ddffdb63bf

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>

* Finish nuking vault from the codebase

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
2021-03-24 09:26:08 -07:00
Kenichi Omichi
486b223e01
Replace kube-master with kube_control_plane (#7256)
This replaces kube-master with kube_control_plane because of [1]:

  The Kubernetes project is moving away from wording that is
  considered offensive. A new working group WG Naming was created
  to track this work, and the word "master" was declared as offensive.
  A proposal was formalized for replacing the word "master" with
  "control plane". This means it should be removed from source code,
  documentation, and user-facing configuration from Kubernetes and
  its sub-projects.

NOTE: The reason why this changes it to kube_control_plane not
      kube-control-plane is for valid group names on ansible.

[1]: https://github.com/kubernetes/enhancements/blob/master/keps/sig-cluster-lifecycle/kubeadm/2067-rename-master-label-taint/README.md#motivation
2021-03-23 17:26:05 -07:00
Erwan Miran
1c62af0c95
Download Calico KDD CRDs (#7372)
* Download Calico KDD CRDs

* Replace kustomize with lineinfile and use ansible assemble module

* Replace find+lineinfile by sed in shell module to avoid nested loop

* add condition on sed

* use block for kdd tasks + remove supernumerary kdd manifest apply in start "Start Calico resources"
2021-03-18 17:06:36 -07:00
Mikael Johansson
f103ac7640
Change default OCCM internal and public networks variables to empty lists (#7380)
Signed-off-by: Mikael Johansson <mik.json@gmail.com>
2021-03-18 16:52:36 -07:00
zhangshj-inspur
a39f306184
correct a wrong word (#7383) 2021-03-18 00:55:19 -07:00
Maciej Wereski
69d11daef6
Upgrade openSUSE Leap to 15.2 (#7331)
15.1 has reached EOL on 2021-02-02.

Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
2021-03-17 09:12:56 -07:00
Kenichi Omichi
85007fa9a7
Update upgrades.md (#7361)
upgrades.md explains how to do upgrade from v1.4.3 to v1.4.6 as an
example. The versions are a little old, and the doc readers would
have a concern the upgrade works fine or not.
This updates versions after verifying the way works fine by hands.
2021-03-15 03:59:05 -07:00
Robin Opletal
5dba53a223
Fix dynamic inventory link (#7367) 2021-03-11 06:46:22 -08:00
Etienne Champetier
8800b5c01d Remove rotate_tokens logic
kubeadm never rotates sa.key/sa.pub, so there is no need to delete tokens/restart pods

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
2021-03-04 23:42:22 -08:00
Florian Ruynat
e35becebf8
Move centos7-crio CI job to centos8 (#7327) 2021-03-01 09:57:26 -08:00
Sergey Mikhaltsov
a4cc416511
use external_openstack_lbaas_use_octavia for template openstack-cloud… (#7298)
* use external_openstack_lbaas_use_octavia for template openstack-cloud-config

* Delete external_openstack_lbaas_use_octavia from default values. Added description and default values of variables to docs

* markdown fix

* make this simple

* set external_openstack_lbaas_use_octavia in default values

* duplicated variable in doc
2021-02-25 11:25:25 -08:00
Matt Calvert
4cc065e66d Changes to support Dual Stack networking 2021-02-05 00:04:52 -08:00
Kenichi Omichi
c5db012c9a
Move kubernetes/master to kubernetes/control-plane (#7218)
This is a small step to replace "master" with "control-plane" in
Kubespray project.
2021-02-01 07:15:49 -08:00
Florian Ruynat
9007d6621a
Update nginx, minor weave and misc CI tools (vagrant/terraform) (#7215) 2021-01-26 08:22:34 -08:00
Ryler Hockenbury
774ec49396
Update azure cloud config (#7208)
* Allow configureable vni and port for flannel overlay

* additional options for azure cloud config
2021-01-26 07:24:35 -08:00
Etienne Champetier
8f2b0772f9
containerd,docker: stop installing extras repo on CentOS/RHEL (#7203)
This was introduced in 143e2272ff
Extra repo is enabled by default in CentOS, and is not the right repo for EL8
Instead of adding a CentOS repo to RHEL, enable the needed RHEL repos with rhsm_repository

For RHEL 7, we need the "extras" repo for container-selinux
For RHEL 8, we need the "appstream" repo for container-selinux, ipvsadm and socat

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-25 03:12:54 -08:00
Sergey
e3caff833c
Add prompt to upgrade node or delay before upgrade (#7168)
* Add prompt to upgrade node or delay before upgrade

* add docs
2021-01-17 23:53:43 -08:00
Guangwen Feng
c85f275bdb
Fix typo (#7164)
Signed-off-by: Guangwen Feng <fenggw-fnst@cn.fujitsu.com>
2021-01-15 02:19:52 -08:00
Florian Ruynat
81b4ffa6b4
Add Fedora 33 CI, remove Fedora 31 (#7072) 2021-01-14 08:27:05 -08:00
Gregor Krmelj
5dca5225dc
update docs main menu with CRI section (#7132) 2021-01-11 09:07:05 -08:00
Gregor Krmelj
1fcbbd3b9d
Update containerd documentation with etcd change (#7126)
* update containerd documentation with etcd change

* update conterind docs
2021-01-11 06:39:08 -08:00
Igor Vuk
6f471d1c5e
Typo fix: kuberntes -> kubernetes (#7125) 2021-01-10 12:19:06 -08:00
holmesb
b0ad8ec023
Fixed issue #7112.  Created new API Server vars that replace defunct Controller Manager one (#7114)
Signed-off-by: Brendan Holmes <5072156+holmesb@users.noreply.github.com>
2021-01-08 07:20:53 -08:00
Etienne Champetier
ab2bfd7f8c
Proxy small fixes (#7102)
* Improve how we set 'proxy=' in yum.conf or dnf.conf

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>

* Fixup spaces in no_proxy

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>

* Add svc,svc.{{ dns_domain }} to no_proxy

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-07 10:50:53 -08:00
Sergey
c36df6a78b
fix typo in containerd doc (#7057) 2020-12-18 00:34:24 -08:00
Daniel Abbatt
f0c7649158
Update ambassador.md (#7023)
Typo
2020-12-16 07:04:21 -08:00
Kenichi Omichi
e022e2e13c
Fix URL of offline container images (#7005)
When clicking the link, we faced NotFound error page of the github.com.
This fixes the link to avoid that.
2020-12-09 00:16:50 -08:00
Sergey
ed6cef85d8
add crio registry mirror support (#6977)
* add crio registry mirror support

* mdlint fix
2020-12-03 13:57:25 -08:00
Florian Ruynat
db4e942b0d
Remove hyperkube from codebase (#6965) 2020-12-02 13:50:59 -08:00
Etienne Champetier
68b96bdf1a
Helm v3 only (#6846)
* Fix etcd download dest

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>

* Only support Helm v3, cleanup install

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2020-12-02 00:20:50 -08:00
Florian Ruynat
f6eed8091e
Remove contiv related files (#6964) 2020-11-30 06:48:50 -08:00
Sergey
4a8a52bad9
containerd docker hub registry mirror support (#6962)
* containerd docker hub registry mirror support

* add docs

* fix typo

* fix yamllint

* fix indent in sample
and ansible-playbook param in testcases_run

* fix md

* mv common vars to tests/common/_docker_hub_registry_mirror.yml

* checkout vars to upgrade tests
2020-11-30 00:22:49 -08:00
Etienne Champetier
e909f84966
Bump nodelocaldns to 1.16.0 (#6916)
This new version uses the same base image as kube-proxy
(k8s.gcr.io/build-image/debian-iptables)
This allow to automatically pick iptables-legacy or iptables-nft,
and be compatible with RHEL/CentOS 8
https://github.com/kubernetes/dns/pull/367

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2020-11-25 17:10:19 -08:00
Andrii
8a153ed38e
Add serviceExternalIPs option for calico installation (#6928) 2020-11-25 05:34:39 -08:00
Barry Melbourne
eb16986f32
Add RHEL support subscription registration (#6572) 2020-11-24 08:33:00 -08:00
ZouYu
9c3bcd48ee
Some typos in docs (#6923)
Signed-off-by: zouyu <zouy.fnst@cn.fujitsu.com>
2020-11-23 12:49:00 -08:00
Hans Feldt
544aa00c17
install etcdctl to host when etcd deployment type is kubeadm (#6857)
* create a wrapper script with pki options
* supports all kubespray managed container engines

Co-authored-by: Hans Feldt <hafe@users.noreply.github.com>
2020-11-04 00:20:04 -08:00
David Medinets
4a5acad414
Fix missing spaces in section heading. (#6868)
When https://kubespray.io/#/docs/comparisons is generated, having the link in the heading creates the following HTML. When displayed there is no space between "vs" and the link. I simply moved the link into the following paragraph.

```
<h2 id="kubespray-vs-kops"><a href="#/docs/comparisons?id=kubespray-vs-kops" data-id="kubespray-vs-kops" class="anchor"><span>Kubespray vs </span></a><a href="https://github.com/kubernetes/kops" target="_blank" rel="noopener">Kops</a></h2>
```
2020-10-29 10:29:54 -07:00
David Medinets
102fb94524
Notes About Server In admin.conf (#6854)
* Add note about changing private IP in admin.conf.

When I run kubespray, a load balancer is created which should be used instead of the ip of the controller node.

* Procedure to find load balancer and update admin.conf

When I run kubespray, a load balancer is used instead of the private ip of the controller.
2020-10-28 18:30:59 -07:00
Hans Feldt
4781df587c
bump crio version to 1.19 (#6758)
* bump crio version to 1.19

* crio package name has changed for debian/ubuntu
* crio upgrade does not work, see #6757

* update crio info in docs
2020-10-13 02:08:26 -07:00
Hans Feldt
270f91e577
cleanup kubelet_deployment_type (#6815)
No longer used/supported
2020-10-12 00:04:47 -07:00
holmesb
1301e69c7d
If no_proxy_exclude_workers is true, workers will be excluded from the no_proxy variable.  This prevents docker engine restarting when scaling workers. (#6520)
Signed-off-by: holmesb <5072156+holmesb@users.noreply.github.com>
2020-10-09 01:15:07 -07:00
axelgobletbdr
77149e5d89
Fixes #6740: Allow disabling reverse DNS lookups in coredns (#6741)
* created variable to enable/disable reverse dns lookups in coredns

* fixed linting-error in dns-stack.md
2020-09-25 02:33:11 -07:00
Hans Feldt
28073c76ac
Calico upgrade path validation and old version cleanup (#6733)
* calico: add constant calico_min_version_required

and verify current deployed version against it.

* calico: remove upgrade support with data migration

The tool was used pre v3.0.0 and is no longer needed.

* calico: remove old version support from tasks

* calico: remove old ver support from policy ctrl

* calico: remove old ver support from node

* canal: remove old ver support

* remove unused calicoctl download checksums

calico_min_version_required is the oldest version that can be installed
Older versions can be removed.
2020-09-24 09:04:06 -07:00
Hans Feldt
6141b98bf8
calico: default to using kdd datastore (#6693)
If already deployed, get current datastore from CNI config file
2020-09-23 08:38:09 -07:00
Florent Monbillard
68118c2653
Expose offline install overrides in inventory (#6728)
* Expose offline install overrides in inventory

* Remove not recommended warning
2020-09-22 07:14:48 -07:00
Samuel Liu
a9e11623cd
fix remove node (#6666) 2020-09-17 02:45:05 -07:00
Barry Melbourne
b6b26c710f
Add support for Calico CNI host-local IPAM plugin (#6580) 2020-09-17 02:44:46 -07:00
Florian Ruynat
705ad84ce7
Update third party librairies and tools (#6669) 2020-09-17 02:36:46 -07:00
Florian Ruynat
a556f8f2bf
Remove deprecated (and removed in 1.19) flag and function --basic-auth-file (#6655) 2020-09-11 00:30:14 -07:00
Florent Monbillard
5a437add01
Fix upgrade playbook name (#6625)
* Fix upgrade playbook name

* Fix my fix :)
2020-09-07 02:11:42 -07:00
Hans Feldt
803d52ffce
kubernetes: remove unused variables (#6601) 2020-09-04 04:53:56 -07:00
Lovro Seder
c1ba8e1b3a
Rotate kubelet server certificate. (#6453)
* Rotate kubelet server certificate.

* CI test kubelet server cert rotation

* Approve kubelet serving certificates in tests.
2020-09-03 07:25:41 -07:00
Barry Melbourne
058438a25d
Remove support for CoreOS Container Linux (#6576) 2020-08-28 02:28:53 -07:00
Svendegroote91
f204212963
Add docs for 'setting up your first cluster' (#6544) 2020-08-21 00:05:40 -07:00
Maxime Guyot
85646c96ad
Add docs about CI setup (#6397) 2020-08-20 04:37:23 -07:00
Alvaro
49158dbe40
Minor Ambassador docs updates (#6503)
Signed-off-by: Alvaro Saurin <alvaro.saurin@gmail.com>
2020-08-06 08:37:42 -07:00
Arthur Outhenin-Chalandre
35682b5228
Fix cilium strict kube proxy replacement in HA (#6473)
* Update the cilium svc proxy test to HA mode

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>

* Fix cilium strict kube-proxy in HA

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>

* Add a single global endpoint variable

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>

* Add cilium docs about kube-proxy replacement

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>

* Fix issues in docs

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-08-06 00:14:55 -07:00