C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
6799 commits 17 branches 66 tags 141 MiB
Commit graph

688 commits

Author SHA1 Message Date
biqiang Wu
78624c5bcb
When using cilium CNI, install Cilium CLI (#9436) 
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>

Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
 2022-10-30 17:02:45 -07:00
biqiang Wu
c681435432
Add switch cilium_enable_bandwidth_manager (#9441) 
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>

Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
 2022-10-28 03:08:31 -07:00
Kay Yan
32f3d92d6b
Remove PodSecurityPolicies in Calico (#9395) 2022-10-17 05:51:07 -07:00
Kay Yan
859df84b45
remove-psp-in-flannel (#9365) 2022-10-14 00:16:47 -07:00
Kay Yan
4701abff4c
upgrade-api-version-for-PodDisruptionBudget (#9369) 2022-10-10 17:51:02 -07:00
Rene Luria
3646dc0bd2
fix: remove trailing backslash and yaml indent (#9339) 
* fix: remove trailing backslash

* fixed indent in cilium config template
 2022-09-27 19:45:35 -07:00
biqiang Wu
31caab5f92
Fix: The Hubble certificate is faulty because the cluster name is hard coded (#9340) 
Signed-off-by: dcwbq <biqiang.wu@daocloud.io>

Signed-off-by: dcwbq <biqiang.wu@daocloud.io>
 2022-09-27 05:57:52 -07:00
Shelming.Song
d62c67a5f5
allow user to set env: FELIX_MTUIFACEPATTERN in calico-node.yml (#9330) 2022-09-26 21:57:45 -07:00
Ho Kim
18efdc2c51
Fix typos in calico (#9327) 2022-09-26 00:11:44 -07:00
Krystian Młynek
8acd33d0df
Calico: add wireguard support for Rocky Linux 9 (#9287) 2022-09-20 00:29:20 -07:00
Necatican Yıldırım
7da3dbcb39
Cilium 1.12 Upgrade (#9225) 
* Drop support for Cilium < 1.10

Signed-off-by: necatican <necaticanyildirim@gmail.com>

* Synchronize Cilium templates for 1.11.7

Signed-off-by: necatican <contact@necatican.com>

* Set Cilium v1.12.1 as the default version

Signed-off-by: necatican <contact@necatican.com>

Signed-off-by: necatican <necaticanyildirim@gmail.com>
Signed-off-by: necatican <contact@necatican.com>
 2022-09-19 02:14:31 -07:00
Ho Kim
952cad8d63
Remove mutual exclusivity in calico: NAT and router mode (#9255) 
* Add optional NAT support in calico router mode

* Add a blank line in front of lists

* Remove mutual exclusivity: NAT and router mode

* Ignore router mode from NAT

* Update calico doc
 2022-09-13 00:19:07 -07:00
Ho Kim
09d9bc910e
Fix typos in calico comments (#9254) 2022-09-05 18:46:54 -07:00
lou-lan
133a7a0e1b
Add featureDetectOverride configration of calico (#9249) 2022-09-02 04:58:05 -07:00
蒋航
7ebb8c3f2e
make calico installation more stable (#9227) 
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>

Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
 2022-08-30 21:13:01 -07:00
tasekida
220f149299
Fix abort because calicoctl.sh is not a full path (#9217) 2022-08-30 08:07:02 -07:00
Florian Ruynat
617b17ad46
Fix kube_ovn_hw_offload value (#9218) 2022-08-30 03:21:01 -07:00
Chad Swenson
de762400ad
Fixes for calico_datastore: etcd (#9228) 
It seems that PR #8839 broke `calico_datastore: etcd` when it removed ipamconfig support for etcd mode.

This PR fixes some failing tasks when `calico_datastore == etcd`, but it does not restore ipamconfig support for calico in etcd mode. If someone wants to restore ipamconfig support for `calico_datastore: etcd` please submit a follow up PR for that.
 2022-08-29 22:41:00 -07:00
Tristan
bbd1161147
9035: Make Cilium rolling-restart delay/timeout configurable (#9176) 
See #9035
 2022-08-22 02:37:44 -07:00
Thearas
ea29cd0890
add list nodes rules to cilium-operator clusterrole (#9178) 2022-08-18 01:02:36 -07:00
Samuel Liu
b36bb9115a
[calico] calico rr supports multiple groups (#9134) 
* update calico rr

* fix bgppeer conf

* fix yamllint

* fix ansible lint

* fix calico deploy

* fix yamllint

* fix some typo
 2022-08-18 00:52:37 -07:00
Florian Ruynat
307f598bc8 Move flannel to etcd datastore 2022-08-02 16:55:52 -07:00
Florian Ruynat
eb10249a75 Align canal templates with calico official ones (k8s datastore) 2022-08-02 16:55:52 -07:00
Denis Khachyan
8306adb102
update cilium to v1.11.7 (#9119) 2022-07-26 10:33:11 -07:00
忘尘
6525461d97
Add reset tasks specific to calico network_plugin (#9103) 2022-07-19 13:15:27 -07:00
Cyclinder
2e1863af78
feat: change default blockSize for calico (#9055) 
Signed-off-by: cyclinder qifeng.guo@daocloud.io
 2022-07-19 13:05:27 -07:00
Samuel Liu
d821bed2ea
Fix some typo (#9056) 
* fix ingress controller task name

* fix calico word

* add check typo
 2022-07-11 09:49:48 -07:00
Mohamed Zaian
a7ba7cdcd5
[calico] add v3.23.2 and make it default (#9041) 2022-07-08 10:41:48 -07:00
Emin AKTAS
5071529a74
feat: upgrade cilium and add default variables (#9065) 
Signed-off-by: eminaktas <eminaktas34@gmail.com>
Signed-off-by: Emin Aktas <emin.aktas@trendyol.com>
 2022-07-07 10:35:34 -07:00
Tom Stian Berget
e1f06dd406
Add support for the updated (startup|liveness|readiness)Probe.Port numbers in Cilium (#9031) 2022-06-27 11:00:59 -07:00
orange-llajeanne
b33896844e
apply calico bgp peer definition task to all nodes, but delegate to (#8974) 
first control plane node
 2022-06-24 19:42:57 -07:00
Cyclinder
c3c9a42502
support multus multi-architecture installation (#9012) 
Signed-off-by: cyclinder qifeng.guo@daocloud.io
 2022-06-21 10:56:26 -07:00
Alessio Greggi
97b4d79ed5
feat: make kubernetes owner parametrized (#8952) 
* feat: make kubernetes owner parametrized

* docs: update hardening guide with configuration for CIS 1.1.19

* fix: set etcd data directory permissions to be compliant to CIS 1.1.12
 2022-06-17 01:34:32 -07:00
Calin Cristian Andrei
2de5c4821c [calico] clean up workarounds for older versions 2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
9efe145688 [calico] make 3.23.1 the default and drop 3.20.x and 3.19.x 2022-06-15 00:57:20 -07:00
Viktor Jacynycz
77de7cb785
Expose calico-typha metrics port (#8855) 2022-06-14 07:17:33 -07:00
Ho Kim
889454f2bc
Fix typo in calico check (#8969) 2022-06-13 14:10:12 -07:00
Ilya Margolin
cc6cbfbe71
Allow disabling calico CNI logs with calico_cni_log_file_path (#8921) 
* Allow disabling calico CNI logs with calico_cni_log_file_path

Calico CNI logs up to 1G if it log a lot with current default settings:
log_file_max_size	100	Max file size in MB log files can reach before they are rotated.
log_file_max_age	30	Max age in days that old log files will be kept on the host before they are removed.
log_file_max_count	10	Max number of rotated log files allowed on the host before they are cleaned up.

See https://projectcalico.docs.tigera.io/reference/cni-plugin/configuration#logging

To save disk space, make the path configurable and allow disabling this log by setting
`calico_cni_log_file_path: false`

* Fix markdown

* Update roles/network_plugin/canal/templates/cni-canal.conflist.j2

Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>

Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
 2022-06-07 09:22:56 -07:00
mahjonp
8030e6f76c
fix 8893#issuecomment-1147154353 (#8933) 
Signed-off-by: mahjonp <junpeng.man@gmail.com>
 2022-06-06 12:40:21 -07:00
Kenichi Omichi
814760ba25
Use blocks for macvlan tasks for each distribution (#8918) 
For the code readability, this adds blocks for each distribution.
 2022-06-06 07:50:24 -07:00
vanyasvl
a4f752fb02
Add subjectAltName to calico-apiserver certificate (#8907) 
* Add AltName to calico-apiserver certificate

* fix support for centos7 openssl
 2022-06-06 07:38:23 -07:00
Daniil Muidinov
5c136ae3af
[calico] add 3.22.3 and 3.23.1 (#8897) 
* [calico]
* add 3.22.3 and 3.23.1
* set 3.22.3 default
* fix download crd for calico 3.22.3 and upper

* update calico README.md
 2022-05-31 13:27:23 -07:00
mahjonp
c927da00e0
Support cilium ip-masq-agent configuration (#8893) 
* fix deploy Cilium with eBPF-based Masquerading failed

Signed-off-by: mahjonp <junpeng.man@gmail.com>

* forget to add the enable-ip-masq-agent flag

Signed-off-by: mahjonp <junpeng.man@gmail.com>
 2022-05-31 09:26:53 -07:00
Kenichi Omichi
dc2a18e436
Merge pull request #8815 from simplekube-ro/dont_clobber_calico 
[calico] don't clobber calico options set by the user
 2022-05-24 10:25:48 -07:00
Ross Kusler
4c97ce747c
Adding support for the kube-router flag --cluster-asn flag (#8837) 2022-05-23 16:39:10 -07:00
Tamas Pasztor
9d3a894991
Possible remove ippools from cni config (#8845) 
* Possible remove ippools from cni config

* Typo

* Update roles/network_plugin/calico/templates/cni-calico.conflist.j2

Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>

* Update cni-calico.conflist.j2

Incorrectly deleted calico forwarding content.

* Update roles/network_plugin/calico/templates/cni-calico.conflist.j2

Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>

Co-authored-by: Kenichi Omichi <ken1ohmichi@gmail.com>
 2022-05-19 23:45:13 -07:00
Samuel Liu
a28b58dbd0
[calico]use ipamconfig instead of calico ipam command (#8839) 
* use ipamconfig instead of calico ipam command

* fix ansible lint
 2022-05-19 11:13:20 -07:00
Samuel Liu
eea7bb7692
only need run this once (#8833) 
calicoctl ipam xx
calicoctl apply xx
 2022-05-17 09:52:27 -07:00
Calin Cristian Andrei
569a319ff5 [calico] don't clobber user set bgp configuration options that are not managed by kubespray 2022-05-12 15:50:38 +00:00
Calin Cristian Andrei
47812ec002 [calico] don't clobber user set ippool options that are not managed by kubespray 2022-05-12 15:50:05 +00:00