Commit graph

1400 commits

Author SHA1 Message Date
holmesb
d8a749fd27
Update apiserver-audit-policy.yaml.j2 (#6526) 2020-08-18 00:49:37 -07:00
Florian Ruynat
78ceef6b15
Remove unused variable (#6522) 2020-08-18 00:45:29 -07:00
Arthur Outhenin-Chalandre
33ec13293b
Fix cilium_deploy_additionally with kubeadm etcd (#6514)
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-08-18 00:35:36 -07:00
Erwan Miran
ef3e98807e
tlsminversion and tlsciphersuites kubelet (#6490) 2020-08-13 02:48:13 -07:00
Maxime Guyot
fc23f37af7
Fix E306 in roles/kubernetes (#6500) 2020-08-05 07:56:28 -07:00
Sulochan Acharya
bfe143808f
Allows tls verify skip on webhook auth url (#6472) 2020-08-05 05:02:29 -07:00
Florent Monbillard
39b907cdfb
Remove workaround for kubeadm upgrade (#6478)
https://github.com/kubernetes/kubeadm/issues/1498 was closed
2020-08-03 01:17:40 -07:00
Konstantin Lebedev
2364a84579
fix src for audit webhook config yaml (#6470) 2020-08-01 00:33:56 -07:00
fulii
ce22c0e6a4
Add option to configure IPVS timeouts in kube-proxy configration manifest. (#6396) 2020-08-01 00:33:40 -07:00
Kuralamudhan Ramakrishnan
90e5f8ffe1
adding ovn4nfv in kubespray (#6381)
Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com>
2020-07-31 07:33:08 -07:00
Florian Ruynat
a78e861a89
Fix test if openstack_cacert is a base64 string (#6421) 2020-07-30 13:15:17 -07:00
Maxime Guyot
214e08f8c9
Fix ansible-lint E305 (#6459) 2020-07-28 01:39:08 -07:00
Maxime Guyot
e70f27dd79
Add noqa and disable .ansible-lint global exclusions (#6410) 2020-07-27 06:24:17 -07:00
Florian Ruynat
b680cdd0e4
Move healthz check to secure ports (#6446) 2020-07-27 00:26:17 -07:00
Igor Vuk
ea67bb6e41
Fix typo: Modprode -> Modprobe (#6429) 2020-07-21 23:58:25 -07:00
Konstantin Lebedev
a7ec0ed587
add audit webhook support (#6317)
* add audit webhook support

* use generic name auditsink
2020-07-20 01:32:54 -07:00
Arthur Outhenin-Chalandre
1a1fe99669
Add a way to deploy cilium alongside another CNI (#6373)
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-07-17 05:57:01 -07:00
Florian Ruynat
5e22574402
Remove allow-release-candidate-upgrades already include in experimental-upgrades flag (#6349) 2020-07-15 00:26:37 -07:00
Arthur Outhenin-Chalandre
abfa1636e4
Fix kube-proxy post deployment removal (#5554)
* Fix kube-proxy removal

* Fix unwanted skipped task for kube-proxy
* Fix kube_proxy_remove default

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>

* Add test for kube-router svc proxy

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-07-13 07:12:33 -07:00
Arthur Outhenin-Chalandre
05b9f14b76
Update cilium minimum kernel preinstall check (#6376)
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-07-13 04:44:32 -07:00
Hans Feldt
22996babcf
allow kubeadm to upgrade etcd (#6345)
Co-authored-by: Hans Feldt <hafe@users.noreply.github.com>
2020-07-07 12:36:00 -07:00
Maxime Guyot
57eefdd458
Fix azure-cloud-config.j2 JSON syntax (#6364) 2020-07-02 23:38:47 -07:00
Florian Ruynat
2a82dff3ae
Remove runtime-config from kubeadm if empty (#6311) 2020-06-30 11:22:05 -07:00
Hans Feldt
ae003af262
Fix kubelet cgroup driver detection for crio (#6331)
* Fix kubelet cgroup driver detection for crio

Remove fact standalone_kubelet since it is not used

* Fix yamllint complaints of roles/kubernetes/node/tasks/facts.yml

Co-authored-by: Hans Feldt <hafe@users.noreply.github.com>
2020-06-30 02:32:05 -07:00
Joel Seguillon
4c1e0b188d
Add .editorconfig file (#6307) 2020-06-29 12:39:59 -07:00
bozzo
09b23f96d7
Use NetworkManager to manage resolv.conf in FedoraCoreOS (#6291) 2020-06-29 00:26:17 -07:00
Erwan Miran
d3ca9d1db9
kube_encryption_resources must be output as yaml (#6309) 2020-06-25 23:59:31 -07:00
Mike Dziedziela
8ca2a9a7d5
added azure_cloud parameter to Azure's cloud_config (#6321) 2020-06-25 14:35:30 -07:00
bozzo
276c450759
Use connection: local when delegate_to: localhost (#6322)
This will avoid SSH connection on the local host
2020-06-25 08:14:38 -07:00
Samuel Liu
c29b21717d
Add event-ttl duration (#6310)
* Add event-ttl duration

* Fix wrong location
2020-06-24 08:15:17 -07:00
Maxime Guyot
c6588856c7
Add Ubuntu 20.04 support and use Python 3 (#6157) 2020-06-16 13:04:05 -07:00
Samuel Liu
dba645421f
ADD tls cipher suites support (#6024)
* ADD tls cipher suites support

yaml lint

yamllint

* update test case

* update test case
2020-06-16 04:10:05 -07:00
mohsen
10e54eca26
make better condition for applying nf_conntrack kernel tweak (#6267)
* MINOR: Check kernel version before enable modprobe nf_conntrack

* CLEANUP: no more need to ignore error of this task

* MINOR: Fixing yaml and ansible lint error - remove trailling-space
2020-06-16 00:34:06 -07:00
Hans Feldt
a8740c6e13
fix a few tasks falsely reporting "changed" (#6269)
Co-authored-by: Hans Feldt <hafe@users.noreply.github.com>
2020-06-16 00:24:03 -07:00
Y0UZ45
06391b6dd9
Fix kubectl.sh parameter quoting (#6239)
If the special parameter "$@" is not quoted, the following command will not work:

./kubectl.sh patch storageclass my-storage-class -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
2020-06-14 13:57:57 -07:00
Florian Ruynat
a9de6dde33
Cleanup unneeded elif in kubelet env file (#6261) 2020-06-12 01:27:55 -07:00
Unai Arríen
1912df7e3e
Create /etc/gai.conf if not exists when disable_ipv6_dns is 'true' (#6258) 2020-06-12 00:55:55 -07:00
404notfoundhard
d036a04d4d
restart kubelet service when kube-config.yml is changed (#5402)
* fix(kubelet): exec notify restart kubelet service when kube-config.yml changed

* Revert "refactor(kubelet handler): change task name("reload kubelet") this is misleading"

This reverts commit 8f5d29560802c7c997293adb1ce9f84d3b20b6cb.

* fix(handlers,kubelet): setting right notify task name
2020-05-19 10:13:37 -07:00
bozzo
d948839320
Fix resolv.conf configuration for Fedora CoreOS. (#6138) 2020-05-18 02:27:36 -07:00
Mateus Caruccio
a5af58c05a
Fix apiserver port when upgrading (#6136) 2020-05-18 01:21:36 -07:00
Matthew Mosesohn
fda05df5f1
Only fix kube-proxy address on evaluating kube_master hosts (#6152)
Change-Id: I83a7101a6cd99eb531d8385de5c31aee4f474469
2020-05-17 13:05:36 -07:00
Florent Monbillard
324106e91e
Remove Kubernetes <1.16 conditionals (#6088) 2020-05-08 00:45:43 -07:00
Florian Ruynat
ca45d5ffbe
Fix retries keyword missing until instruction (#5989) 2020-04-21 07:20:56 -07:00
Maxime Guyot
3134dd4c0d
Drop support for Fedora 28 and add Fedora 30 and 31 (#5969) 2020-04-18 06:35:36 -07:00
Sergey
6318bb9f96
Return the ability to start control plain from the hyperkube image (#5422) 2020-04-18 05:59:36 -07:00
Florian Ruynat
83fe607f62
Cleanup deprecated labels beta.kubernetes.io/arch and beta.kubernetes.io/os (#5964) 2020-04-17 05:51:06 -07:00
Lovro Seder
b09fe64ff1
Calculate inventory list only once (#5956) 2020-04-16 06:12:45 -07:00
Florent Monbillard
54debdbda2
Generate unique username per cluster in client kubeconfig (#5943)
* Generate unique username per cluster

* rename admin kubeconfig shell output to raw_admin_kubeconfig

* Make the linter happy

* Fix lint errors

* Cleaning up tasks
2020-04-16 05:32:45 -07:00
Florian Ruynat
473a8beff0
Remove hard-coded dependance to docker.service in kubelet.service file (#5917) 2020-04-09 08:43:46 -07:00
Maxime Guyot
7eaa7c957a
Fix conntrack for opensuse and docker support (#5880) 2020-04-08 07:37:44 -07:00