C12s/c12s-kubespray

Author	SHA1	Message	Date
Kenichi Omichi	f80fd24a55	Fix risky-file-permissions (#8370 ) When running ansible-lint directly, we can see a lot of warning message like risky-file-permissions File permissions unset or incorrect This fixes the warning messages.	2022-01-09 01:51:12 -08:00
brainfair	465ffa3c9f	Weave: add extra_args for weave-npc (#8140 ) * add weave_npc_extra_args in template * add defaults weave_npc_extra_args * add sample for weave_npc_extra_args	2021-10-28 08:58:27 -07:00
Frank Filippone	eee2eb11d8	Update weave template to match source for 2.8.1 (#8013 )	2021-09-28 09:16:43 -07:00
Florian Ruynat	15dc3868c3	Update Weave to 2.8.0 (#7181 )	2021-01-19 08:35:48 -08:00
Florian Ruynat	1712ba1198	Add iptables_backend to weave options (#6639 )	2020-09-10 03:49:52 -07:00
Florian Ruynat	98f7485303	Update weave to 2.7.0 + minor update to Cilium (#6501 )	2020-08-20 04:33:36 -07:00
Flavien	ab44beba17	weave: support any taint effect in daemonset tolerations (#6159 ) Since weave 2.5.1, `NoExecute` taint effect is no more supported, this changes the daemonset tolerations to change this behavior. Also remove the toleration key `CriticalAddonsOnly` not required anymore.	2020-05-28 01:10:02 -07:00
Maxime Guyot	0924c2510c	Use role to copy CNI bin (#5953 )	2020-04-16 10:06:45 -07:00
Florian Ruynat	b5125e59ab	update rbac.authorization.k8s.io to non deprecated api-groups (#5517 )	2020-04-14 13:14:04 -07:00
Matthew Mosesohn	27ec548b88	Add support for k8s v1.16.0-beta.2 (#5148 ) Cleaned up deprecated APIs: apps/v1beta1 apps/v1beta2 extensions/v1beta1 for ds,deploy,rs Add workaround for deploying helm using incompatible deployment manifest. Change-Id: I78b36741348f47a999df3841ee63cf4e6f377830	2019-09-10 12:06:54 -07:00
刘旭	de9443a694	remove unused code (#4981 )	2019-07-16 01:39:24 -07:00
Simon Lelievre	2849191e67	CNI plugins: use last version 0.8.1 (#4878 ) * CNI plugins: bump version 0.8.1 * cni plugins : update checksums * cni : update readme	2019-06-14 02:42:23 -07:00
Andreas Krüger	818aa7aeb1	Set dnsPolicy to ClusterFirstWithHostNet when hostNetwork is true (#4843 )	2019-06-05 03:17:55 -07:00
Wong Hoi Sing Edison	1c12c19150	weave: Upgrade to 2.5.1 (#4248 ) Upstream Changes: - weave 2.5.1 (https://github.com/weaveworks/weave/releases/tag/v2.5.1) Our Changes: - Sync templates with upstream changes	2019-02-25 20:02:00 -08:00
Rong Zhang	225f765b56	Upgrade kubernetes to v1.13.0 (#3810 ) * Upgrade kubernetes to v1.13.0 * Remove all precense of scheduler.alpha.kubernetes.io/critical-pod in templates * Fix cert dir * Use kubespray v2.8 as baseline for gitlab	2018-12-06 12:11:48 -08:00
Rong Zhang	e0781483fa	Use download binary instead of copying from the container (#3786 )	2018-12-03 02:22:17 -08:00
Wong Hoi Sing Edison	9ebdf0e3cf	weave: Upgrade to 2.5.0 (#3660 ) * weave: Upgrade to 2.5.0 Upstream Changes: - weave 2.5.0 (https://github.com/weaveworks/weave/releases/tag/v2.5.0) - Adds support for Kubernetes `hostPort` mapping - Adds support for Kubernetes `ipBlock` NetworkPolicy feature Our Changes: - Templates sync with upstream manifests - Remove legacy nodePort fix * BC for weave < 2.5.0	2018-11-14 23:38:51 -08:00
Erwan Miran	7bec169d58	Fix ansible syntax to avoid ansible deprecation warnings (#3512 ) * failed * version_compare * succeeded * skipped * success * version_compare becomes version since ansible 2.5 * ansible minimal version updated in doc and spec * last version_compare	2018-10-16 15:33:30 -07:00
Cédric de Saint Martin	53d87e53c5	All CNIs: support ANY toleration. (#3391 ) Before, Nodes tainted with NoExecute policy did not have calico/weave Pod. Network pod should run on all nodes whatever happens on a specific node. Also always set the Pods to be critical. Also remove deprecated scheduler.alpha.kubernetes.io/tolerations annotations.	2018-09-27 05:28:54 -07:00
Kuldip Madnani	36898a2c39	Adding pod priority for all the components. (#3361 ) * Changes to assign pod priority to kube components. * Removed the boolean flag pod_priority_assignment * Created new priorityclass k8s-cluster-critical * Created new priorityclass k8s-cluster-critical * Fixed the trailing spaces * Fixed the trailing spaces * Added kube version check while creating Priority Class k8s-cluster-critical * Moved k8s-cluster-critical.yml * Moved k8s-cluster-critical.yml to kube_config_dir	2018-09-25 07:50:22 -07:00
Wong Hoi Sing Edison	a544e54578	weave: Upgrade to 2.4.1 Upstream Changes: - weave 2.4.1 (https://github.com/weaveworks/weave/releases/tag/v2.4.1) Our Changes: - Templates sync with upstream manifests	2018-09-17 17:09:19 +08:00
Erwan Miran	80cfeea957	psp, roles and rbs for PodSecurityPolicy when podsecuritypolicy_enabled is true	2018-08-22 18:16:13 +02:00
Wong Hoi Sing Edison	538cb3b1bd	weave: Upgrade to 2.4.0 Upstream Changes: - weave 2.4.0 (https://github.com/weaveworks/weave/releases/tag/v2.4.0) - Support `externalTrafficPolicy: Local` (https://github.com/weaveworks/weave/issues/2924) - Make the ipset list size bigger (https://github.com/weaveworks/weave/pull/3305) - Break out of kube rm-peers loop if nothing changes (https://github.com/weaveworks/weave/pull/3317) Our Changes: - Revamp weave-net.yml.j2 with upstream changes - Add more variables for customization - Replace WEAVE_PASSWORD with k8s secret - Remove hard-corded seed mode support, in favor of variables customization	2018-08-07 18:34:51 +08:00
Matthew Mosesohn	1a3b9dd864	Force copy cni files	2018-07-06 16:39:42 +03:00
Matthew Mosesohn	02cd5418c2	Weave limits (#2660 ) * Raise limits for weave * Adjust weave limits	2018-04-15 18:32:49 +03:00
Matthew Mosesohn	03bcfa7ff5	Stop templating kube-system namespace and creating it (#2545 ) Kubernetes makes this namespace automatically, so there is no need for kubespray to manage it.	2018-03-30 14:29:13 +03:00
Wong Hoi Sing Edison	848fc323db	Fixup for #2523 : - Rename template for /etc/cni/net.d/00-weave.conflist to 00-weave.conflist.j2 - Apply resources requests/limits to both container weave and weave-npc	2018-03-28 11:16:42 +08:00
Wong Hoi Sing Edison	3f5c60886b	Upgrade Weave to 2.2.1 - Fix #2414, so namespace isolation should now works - Update weave-net.yml.j2 as per latest https://cloud.weave.works/k8s/net - Other minor fixup	2018-03-24 17:27:12 +08:00
rong.zhang	d264da8f08	Fix yamllint roles error for #2188 commit	2018-03-13 14:28:49 +08:00
Aivars Sterns	973cc12ca9	Merge pull request #2188 from cornelius-keller/fix_weave fix nodePort for weave	2018-03-12 10:55:41 +02:00
Andreas Krüger	d84ff06f73	Set filemode to 0640 (#2315 ) * Set filemode to 0640 weave-net.yml file is readable by all users on the host. It however contains the weave_password to encrypt all pod communication. It should only be readable by root. * Set mode 0640 on users_file with basic auth	2018-02-21 23:13:46 +03:00
Wong Hoi Sing Edison	1a1d154e14	Support multiple inventory files under individual inventory directory	2018-02-08 08:08:15 +08:00
Andreas Krüger	5cd6b0c753	Adding missing defaults for weave The PR #2203 add's missing defaults for weave, but no signed CLA. So this PR fixes it.	2018-02-06 14:25:07 +01:00
woopstar	3289472e31	Added option to set MTU on Weave	2018-02-05 10:23:48 +01:00
Matthew Mosesohn	dc6a17e092	Use include/import tasks (#2192 ) import_tasks will consume far less memory, so it should be used whenever it is compatible.	2018-01-29 14:37:48 +03:00
Cornelius Keller	e22759d8f0	fix nodePort for weave	2018-01-24 10:31:51 +01:00
Aivars Sterns	5e558c361b	update weave-net to 2.0.5 version (#1877 )	2017-11-13 16:11:47 +00:00
Matthew Mosesohn	fc9a65be2b	Refactor downloads to use download role directly (#1824 ) * Refactor downloads to use download role directly Also disable fact delegation so download delegate works acros OSes. * clean up bools and ansible_os_family conditionals	2017-10-19 09:17:11 +01:00
Aivars Sterns	9c86da1403	Normalize tags in all places to prepare for tag fixing in future (#1739 )	2017-10-05 08:43:04 +01:00
Matthew Mosesohn	b294db5aed	fix apply for netchecker upgrade (#1659 ) * fix apply for netchecker upgrade and graceful upgrade * Speed up daemonset upgrades. Make check wait for ds upgrades.	2017-09-15 13:19:37 +01:00
Matthew Mosesohn	5d99fa0940	Purge old upgrade hooks and unused tasks (#1641 )	2017-09-09 23:41:20 +03:00
Chad Swenson	e26aec96b0	Consolidate kube-proxy module and sysctl loading (#1586 ) This sets br_netfilter and net.bridge.bridge-nf-call-iptables sysctl from a single play before kube-proxy is first ran instead of from the flannel and weave network_plugin roles after kube-proxy is started	2017-09-06 15:11:51 +03:00
Matthew Mosesohn	660282e82f	Make daemonsets upgradeable (#1606 ) Canal will be covered by a separate PR	2017-09-04 11:30:01 +03:00
Yuki KIRII	a98b866a66	Verify if br_netfilter module exists (#1492 )	2017-08-24 17:47:32 +03:00
Matthew Mosesohn	6bb3463e7c	Enable scheduling of critical pods and network plugins on master Added toleration to DNS, netchecker, fluentd, canal, and calico policy. Also small fixes to make yamllint pass.	2017-08-24 10:41:17 +01:00
Brad Beam	8b151d12b9	Adding yamllinter to ci steps (#1556 ) * Adding yaml linter to ci check * Minor linting fixes from yamllint * Changing CI to install python pkgs from requirements.txt - adding in a secondary requirements.txt for tests - moving yamllint to tests requirements	2017-08-24 12:09:52 +03:00
timtoum	3e457e4edf	Enable weave seed mode for kubespray (#1414 ) * Enable weave seed mode for kubespray * fix task Weave seed \| Set peers if existing peers * fix mac address variabilisation * fix default values * fix include seed condition * change weave var to default values * fix Set peers if existing peers	2017-07-26 19:09:34 +03:00
Matthew Mosesohn	e1faeb0f6c	Fix weave on RHEL deployment Reduce retry delay checking weave Always load br_netfilter module	2017-03-17 18:17:47 +03:00
Brad Beam	56664b34a6	Lower default memory requests This is to address out of memory issues on CI as well as help fit deployments for people starting out with kargo on smaller machines	2017-02-27 10:53:43 -06:00
Matthew Mosesohn	6ae70e03cb	fixup upgrades for canal and weave	2017-02-10 13:27:41 +03:00

1 2

72 commits