Qasim Mehmood
5a486a5cca
Calico: Fix Wireguard support for CentOS Stream 9/RHEL 9 Beta ( #8625 )
2022-03-17 04:11:20 -07:00
Cristian Calin
394857b5ce
[docker] add support for cri-dockerd as a replacement for dockershim ( #8623 )
2022-03-16 16:28:11 -07:00
Cristian Calin
5043517cfb
[containerd] avoid cleanup of /usr/bin on ostree distributions ( #8624 )
2022-03-15 13:47:48 -07:00
Max Gautier
307d122a84
Helm-apps role for installing helm charts ( #8347 )
...
* Sketch of helm-apps role interface
* helm-apps: Early implementation and settings
* helm-apps: Fix README.md example playbook
* fixup! Sketch of helm-apps role interface
* Make the argument specs more explicit
* Remove exposed options from hardcoded default
* Simplify example playbook in README.md
- Define directly the roles parameters
- Add an example of option override for one chart only
* Use release instead of charts
Make explicit that the role is mananing releases, not charts.
Simplify parameters naming
2022-03-14 08:29:58 -07:00
onock
d444a2fb83
[systemd-resolved] Fix DNS configuration according to docs/dns-stack.md and during reset of cluster ( #8560 ) ( #8561 )
2022-03-14 02:08:22 -07:00
spaced
2b79be68e7
fix typo and duplicated declaration of ingressclasses ( #8591 )
2022-03-12 23:36:23 -08:00
Mac Chaffee
512d5e3348
Restart etcd if the etcd version changes ( #8556 )
...
Signed-off-by: Mac Chaffee <me@macchaffee.com>
2022-03-11 18:08:23 -08:00
Unai Arríen
4b6892ece9
Add epoch to docker-ce and docker-ce-cli packages to ensure docker up… ( #8618 )
...
* Add epoch to docker-ce and docker-ce-cli packages to ensure docker upgrade
* Split container-engine redhat vars to support legacy RHEL 7 version management
* Support ansible_distribution_major_version when disvering vars with ansible_os_family
2022-03-11 02:45:07 -08:00
Toni Tauro
5a49ac52f9
feat(calico): add configurable ipam strictaffinity ( #8581 )
...
Signed-off-by: Toni Tauro <toni.tauro@adfinis.com>
2022-03-07 22:58:33 -08:00
Cristian Calin
db1e30e4fc
[calico] add 3.22.1 ( #8612 )
2022-03-07 22:54:34 -08:00
Cristian Calin
b4a61370c8
[cri-o] add cri-0 1.23.x ( #8599 )
2022-03-07 05:39:07 -08:00
kakkotetsu
58b2f39ce5
add IPv6 listen directive to nginx if enable_dual_stack_networks ( #8596 )
2022-03-07 05:39:00 -08:00
Tom Janson
56d882abed
Clarify confirmation prompt ( #8589 )
...
Entering any value causes the play to proceed, e.g., entering "no<Enter>". (This is simply how Ansible's pause module behaves.)
2022-03-07 05:38:54 -08:00
Takuya Murakami
39acb2b84d
Update ansible-lint to 5.4.0 ( #8607 ) ( #8608 )
...
* Update ansible-lint to 5.4.0 (#8607 )
It seems that the Rich version 11.0.0 has a breaking change.
So need to update ansible-lint to 5.3.2 or later.
* Fix for ansible-lint no-changed-when rule (#8607 )
2022-03-07 05:35:55 -08:00
Branko Mijuskovic
3ccba08983
Fix crio_packages for Rocky8 ( #8594 )
2022-03-07 05:29:05 -08:00
Mohamed Zaian
632aa764e6
etcd: add etcd v3.5.1 for kubernetes 1.22+ ( #8588 )
...
* There is an issue with etcd v3.5.0 where it resurrects ancient members see: https://github.com/etcd-io/etcd/issues/13196
This issue is clearly fixed in etcd v3.5.2
* Just keep the checksums
2022-03-07 05:28:54 -08:00
Cristian Calin
f6342b6cf4
[crun] upgrade to 1.4.3 ( #8598 )
2022-03-04 08:22:52 -08:00
Cristian Calin
471585dcd5
[containerd]: upgrade versions to fix CVE-2022-23648 ( #8597 )
...
* [containerd] add hashes for 1.6.1
* [contained] make 1.6.1 the default
* [containerd] add hashes for 1.5.10
* [containerd] add hashes for 1.4.13
* [nerdct] bump to 0.17.1
2022-03-03 14:51:16 -08:00
Maciej Wereski
51821a811f
MetalLB: update to v0.12.1 ( #8593 )
...
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
2022-03-03 08:49:48 -08:00
Cristian Calin
bf7a506f79
[containerd] Upgrade containerd to 1.6.0 and re-enable arm64 architecture with default options ( #8555 )
...
* [containerd] add checksums for 1.6.0
* [containerd] promote 1.6.0 as the new default
* [runc] promote 1.1.0 as the new default to allow arm deployments out of the box
* [nerdctl] bump to 0.17.0 to align with containerd 1.6.0
* [reset] allow crictl stopp and rmp commands to fail
2022-03-02 15:27:13 -08:00
Tom Janson
2e925f82ef
Revert "Fix: typos in docs and comments ( #7805 )" ( #8592 )
...
This reverts commit 417180246c
.
2022-03-02 11:57:13 -08:00
Tom Janson
ddef7e1139
missing "check_mode: no"s for several read-only tasks ( #8584 )
...
this is not complete -- there are almost certainly more instances of
this issue
2022-03-02 09:29:14 -08:00
cyril-corbon
672e47a7eb
feat: check & uninstall container engine ( #8439 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-28 10:59:46 -08:00
Mac Chaffee
b554246502
Fix host DNS config 1) being edited too soon and 2) not working with NM ( #8575 )
...
Signed-off-by: Mac Chaffee <me@macchaffee.com>
2022-02-26 10:29:23 -08:00
Nicolas Goudry
ee079f4740
fix(coredns): make sure to keep coredns repository namespace ( #8572 )
...
fix: regex
fix: wrong regex_replace usage
2022-02-24 01:01:33 -08:00
Florian Ruynat
4f1499bd23
Fixup remaining etcd_kubeadm_enabled variables ( #8576 )
2022-02-23 06:46:18 -08:00
Alex
36393d77d3
Encrypting Secret Data at Rest ( #8574 )
...
* change default value for Encrypting Secret Data at Rest to secretbox, remove experimental flag and add documentation
* fix MD012/no-multiple-blanks
2022-02-23 03:04:18 -08:00
Ilya Margolin
e053ee4272
Check all places with check_mode: no
for side effects ( #8573 )
...
and fix the one with side effect.
Also removes `notify` from this task as the task has `changed_when: false`
and notify is not going to fire.
2022-02-23 01:20:18 -08:00
jayonlau
1d46c07307
Cleanup crictl configuration file ( #8569 )
2022-02-23 00:58:19 -08:00
Ilya Margolin
f9b5e448c1
Prevent removing etcd member when running in check mode ( #8570 )
2022-02-22 23:34:18 -08:00
kakkotetsu
3effb008c9
improve validation conditions for MetalLB BGP Peers ( #8568 )
2022-02-22 23:12:18 -08:00
cyril-corbon
a088f492f4
chore: remove addon-resizer ( #8566 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-22 09:51:16 -08:00
Necatican Yıldırım
e9c8913248
Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable ( #8317 )
...
* Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Add etcd kubeadm deployment documentation
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Refactor warning for the deprecated 'etcd_kubeadm_enabled' variable
Signed-off-by: necatican <necaticanyildirim@gmail.com>
2022-02-22 08:53:16 -08:00
Florian Ruynat
b9a27c91da
Update kubernetes dashboard to 2.5.0
2022-02-21 03:54:11 -08:00
Florian Ruynat
d4f654275b
Set default kubernetes version to 1.23.4
2022-02-21 03:54:11 -08:00
Florian Ruynat
f6eb4c749d
Add kubernetes hashes for 1.23.4/1.22.7/1.21.10
2022-02-21 03:54:11 -08:00
cyril-corbon
418fc00718
fix: kube-dns service deletion ( #8565 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-21 02:48:11 -08:00
Florian Ruynat
2537177929
Fix amazon docker version ( #8564 )
2022-02-18 23:50:11 -08:00
Sander Klein
9af719bf99
This fixes the etcd node removal. ( #8526 )
...
Since we are already on an etcd node while executing the commands, there
is no need to find out an etcd IP because it is on localhost.
2022-02-18 07:20:23 -08:00
Cristian Calin
063fc525b1
nerdctl: upgrade to 0.16.1 ( #8539 )
2022-02-16 02:04:37 -08:00
Mac Chaffee
0f73d87509
Allow pausing after upgrade but before uncordon ( #8530 )
...
* Allow pausing after upgrade but before uncordon
* Expand docs for upgrade pausing vars
Signed-off-by: Mac Chaffee <me@macchaffee.com>
2022-02-15 16:39:02 -08:00
Cristian Calin
402e85ad6e
[calico] upgrade release checksums ( #8544 )
...
* [calico] upgrade 3.19.x to 3.19.4
* [calico] upgrade 3.20.x to 3.20.4
* [calico] upgrade 3.21.x to 3.21.4 and make it the default
* [calico] add 3.22.0 checksums
* [calico] account for path changes in calico 3.21.4 crd archive and above
2022-02-15 16:35:02 -08:00
Tony Fouchard
1d635e04e4
Allow to specify a source address for metallb peerings, and target only some nodes using node selectors ( #8534 )
2022-02-15 13:57:19 -08:00
kakkotetsu
98d5d0cdd5
add support for Dual Stack node InternalIP ( #8542 )
2022-02-15 00:28:02 -08:00
kakkotetsu
1ebe456f2d
add support for Calico IP6_AUTODETECTION_METHOD ( #8541 )
2022-02-14 17:26:14 -08:00
Cristian Calin
c6e5314fab
implement download mirrors support ( #8474 )
...
* [download] add mechanism to support mirrors
* [calico] support alternate download url
2022-02-14 13:19:32 -08:00
Tom Stian Berget
84b93090a8
Change Cilium setting identity_allocation_mode to cilium_identity_allocation_mode ( #8519 )
...
* Change Cilium identity_allocation_mode to cilium_identity_allocation_mode
* Change inventory sample
2022-02-08 14:04:35 -08:00
Byeonggon Lee
5695c892d0
Fix wrong port name in metallb.yml.j2 ( #8510 )
2022-02-07 09:43:45 -08:00
Krystian Młynek
87928baa31
CRI-O: fix unqualified-search registries ( #8496 )
2022-02-04 23:46:50 -08:00
mgiessing
6a4fd33a03
Added ppc64le support ( #8505 )
...
* Added ppc64le support
* Fixed linting errors
2022-02-04 00:14:00 -08:00
cyril-corbon
790448f48b
feat: update cert-manager to 1.7.0 ( #8491 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-03 17:24:00 -08:00
Ilya Margolin
aed187e56c
Fix kubelet_kubelet_cgroups_cgroupfs ( #8500 )
...
If kubelet is run with systemd (as it always is when using kubespray),
it starts in systemd's /system.slice/kubelet.service cgroup.
This commit prevents a creation and usage of a second unrelated cgroup.
2022-02-02 00:50:22 -08:00
Cristian Calin
5ecb07b59a
[nerdctl] upgrade to 0.16.0 ( #8484 )
...
* [nerdctl] upgrade nerdctl to 0.16.0
* [nerdctl] add configuration file
2022-02-01 15:11:48 -08:00
Cristian Calin
ff621fb7f1
[ingress-nginx] upgrade to 1.1.1 ( #8490 )
2022-02-01 09:50:11 -08:00
Michael Schmitz
eacd55fbca
Use sysctl_file_path variable for all sysctl_file locations ( #8395 )
...
* Use sysctl_file_path variable for all sysctl_file locations
* Add sysctl_file_path variable to kubespay-defaults
* Remove previously used sysctl file locations if present
* Use explicit filename in roles/kubernetes/node/defaults/main.yml
* Defaults: use explicit value
2022-02-01 08:12:10 -08:00
Cristian Calin
c47634290e
[helm] upgrade to 3.8.0 ( #8489 )
2022-02-01 06:34:12 -08:00
Tristan
92d612c3e0
8487: Allow override of default CoreDNS zone cache ( #8488 )
...
Using the coredns_cluster_zone_cache_block variable
2022-02-01 00:48:18 -08:00
Ilya Margolin
2bbe5732b7
Add node label to etcd metrics ( #8475 )
...
targetRef on endpoints surfaces as
__meta_kubernetes_endpoint_address_target_kind/__meta_kubernetes_endpoint_address_target_name
in prometheus and gets converted to the label `node` by
prometheus-operator
2022-01-31 06:08:23 -08:00
Samuel Liu
e6e7fbc25f
fix reset containerd_storage_dir undefined ( #8478 )
...
* fix reset containerd_storage_dir
* add env to kubespray-defaults
2022-01-31 05:46:23 -08:00
Ilya Margolin
7d4d554436
Document host_resolvconf as default value for resolvconf_mode ( #8493 )
...
refs #8247
2022-01-31 03:12:24 -08:00
cyril-corbon
d31db847b7
feat: update local path to v0.0.21 ( #8492 )
2022-01-31 01:08:24 -08:00
Calin Cristian Andrei
ababcd5481
[kube] make 1.23.3 the new default
2022-01-31 00:22:24 -08:00
Calin Cristian Andrei
7caffde0b6
[kube] add 1.23.3 hashes
2022-01-31 00:22:24 -08:00
华忠啊
52f221f976
Adaptive Kube-ovn ( #8454 )
2022-01-27 01:08:10 -08:00
Cristian Calin
26a5948d2a
[reset] remove containerd storage during reset ( #8469 )
2022-01-26 05:10:01 -08:00
Florian Ruynat
d580014c66
Fix CI for Fedora (followup) + OpenSUSE Leap (update to 15.3) ( #8407 )
...
* Fix fedora jobs - followup
* Update OpenSUSE Leap to 15.3
* Fix cilium version in README + update minor 1.11.1
2022-01-24 23:24:30 -08:00
Calin Cristian Andrei
be9a1f80c1
[kube] make 1.23.2 the default version
2022-01-24 11:59:33 -08:00
Calin Cristian Andrei
73ff3b0d3b
[kubernetes] add hashes for 1.23.2, 1.22.6 and 1.21.9
2022-01-24 11:59:33 -08:00
cyril-corbon
9fce9ca42a
feat: upgrade azuredisk csi to v1.10.0 ( #8432 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-24 00:41:56 -08:00
Cristian Calin
f1adb734e3
[cri-tools] add hashes for 1.23.0 ( #8442 )
2022-01-24 00:21:56 -08:00
cyril-corbon
575e0ca457
feat: add eviction hard to kubelet config ( #8421 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-24 00:13:57 -08:00
Alex
69f088bb82
add hash-values for runc v1.1.0 - first upstream runc version for multi-arch ( #8447 )
2022-01-23 23:51:57 -08:00
Cristian Calin
ef34f5fe7d
[calico] switch default iptables backend detection to Auto ( #8429 )
2022-01-23 23:47:57 -08:00
Victor Morales
e88aa7c96b
Add youki runtime support ( #8411 )
2022-01-21 14:01:07 -08:00
Johann Schley
38d129a0b6
add external hcloud cloud controller manager ( #8440 )
2022-01-20 12:31:09 -08:00
onock
392815d97c
[cert-manager] Fix missing RBAC rules for ClusterRole cert-manager-cainjector kubernetes-sigs#8104. ( #8444 )
2022-01-20 12:17:09 -08:00
rtsp
e791089466
cert-manager: Fix incorrect leader election namespace lead to insufficient permission ( #8433 )
2022-01-17 02:37:29 -08:00
Cristian Calin
418f12f62a
[calico] drop 3.18.x and make 3.21.x the new default ( #8426 )
2022-01-17 02:29:29 -08:00
Necatican Yıldırım
caff539ccd
Add identity_allocation_mode support for Cilium ( #8430 )
...
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Signed-off-by: necatican <necaticanyildirim@gmail.com>
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
2022-01-16 09:29:28 -08:00
Samuel Liu
1a69f8c3ad
parameterized snaphot controller namespaces ( #8305 )
...
* Parameterized snaphot controller namespaces
* add ns yml
* add docs
* namespace
2022-01-14 12:58:26 -08:00
rtsp
ccd3180a69
cert-manager: Allow to change leader election namespace for GKE Autopilot support ( #8424 )
...
More information:
- kubernetes-sigs/kubespray#8393
- jetstack/cert-manager#4102
- jetstack/cert-manager#3717
2022-01-14 12:54:26 -08:00
cyril-corbon
01dcbc18ac
feat: upgrade metallb to v0.11.0 ( #8420 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-14 05:22:28 -08:00
Florian Ruynat
7c67ec4976
Fix kubectl call before installing it ( #8412 )
2022-01-12 23:12:29 -08:00
Cristian Calin
1337c9c244
[csi-snapshotter] upgrade to 5.0 ( #8403 )
2022-01-11 09:14:33 -08:00
cyril-corbon
86953b2ac4
fix: add tolerations / affinity to cert-manager ( #8389 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-11 09:14:26 -08:00
Mathieu Parent
cfd9873bbc
Allow to choose container manager commands ( #8380 )
...
This allow to workaround #8375 by using image_command_tool=crictl
when containerd_registries is used for containerd.
Also changes image_info_command_on_localhost for docker to return digests.
2022-01-11 01:13:16 -08:00
Samuel Liu
b2b95cc8f9
fix 0090-etchosts ( #7634 )
2022-01-11 01:03:16 -08:00
Kenichi Omichi
73c889eb10
Fix failures of ansible-lint ( #8401 )
...
This fixes the following types of failures:
- empty-string-compare
- literal-compare
- risky-file-permissions
- risky-shell-pipe
- var-spacing
In addition, this changes .gitlab-ci/lint.yml to block the same issue
by using the same method at Kubespray CI.
2022-01-11 00:45:16 -08:00
Victor Morales
642725efe7
Bump containerd version to 1.5.9 ( #8402 )
2022-01-11 00:05:16 -08:00
Cristian Calin
29aafff2ce
etcd: add 3.5.1 for kubernetes 1.23+ ( #8320 )
2022-01-10 22:45:15 -08:00
forselli-stratio
df425ac143
Fix etcd certificates reference to support etcd_kubeadm_enabled:true ( #7766 )
...
* Fix etcd certificates reference to support etcd_kubeadm_enabled:true
* Add retries to ETCD Join Member task
* Fix etcd certificates reference when etcd_kubeadm_enabled:true
* Fix conflicts
2022-01-10 15:24:25 -08:00
Unai Arríen
57a1d18db3
Improve first_kube_control_plane variable management to avoid installation failures due to variable overlapping ( #8388 )
2022-01-10 01:35:19 -08:00
rtsp
aa4a3d7afd
Fix container engine still installed on dedicated etcd node even if etcd_deployment_type: host
( #8386 )
2022-01-10 01:35:12 -08:00
Alex
06ad5525b8
replace runc 1.0.3 arm64 hash with 0 ( #8391 )
2022-01-10 01:31:13 -08:00
Kenichi Omichi
f80fd24a55
Fix risky-file-permissions ( #8370 )
...
When running ansible-lint directly, we can see a lot of warning
message like
risky-file-permissions File permissions unset or incorrect
This fixes the warning messages.
2022-01-09 01:51:12 -08:00
Kenichi Omichi
51bd9bee0d
Move containerd_version to defaults/main.yml ( #8379 )
...
All container image versions were defined in download/defaults/main.yml
except containerd.
The inconsistency caused the offline script(generate_list.sh) could not
output the URL of containerd image.
This moves the definition into a valid file.
In addition, this adds host_os to generate_list.sh for downloading
krew from a valid URL.
2022-01-09 01:47:12 -08:00
Victor Morales
52266406f8
Bump cert-manager version to v1.6.1 ( #8377 )
2022-01-07 16:45:34 -08:00
cyril-corbon
cd601c77c7
feat: upgrade metrics server to v0.5.2 ( #8338 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-07 08:18:33 -08:00
Florian Ruynat
6abae713f7
Update helm / kube-router and coredns ( #8382 )
...
* Update kube-router to 1.4.0
* Update Helm to 3.7.2
* Up coredns to 1.8.6 when k8s is 1.23.x
2022-01-06 12:14:27 -08:00
Alex
1312f92a8d
adding 0 checksum for kata_containers_version on arm(64) ( #8383 )
2022-01-06 12:08:27 -08:00
Unai Arríen
92abf26d29
Ensure taint configuration for secondary control-plane nodes ( #8363 )
2022-01-05 23:56:28 -08:00
Bart Sloeserwij
59f62473c9
Update configuration of registries in cri-o ( #7852 )
...
* Update configuration of registries in cri-o
* Update docs to match new registry configuration
2022-01-05 07:36:40 -08:00
Choi Yongbeom
dda557ed23
Update config.toml.j2 ( #8340 )
...
* Update config.toml.j2
i think this commit code is not completed works
exam registry address : a.com:5000
insecure registry must be http://a.com:5000
but this code add insecure a.com:5000 (without http://)
If there is no http, containerd accesses with https even if insecure_skip_verify = true
solution is code edit
* Update config.toml.j2
* Update containerd.yml
* Update containerd.yml
* Update containerd.yml
* Update config.toml.j2
2022-01-05 02:56:33 -08:00
Max Gautier
cb54eb40ce
Use a variable for standardizing kubectl invocation ( #8329 )
...
* Add kubectl variable
* Replace kubectl usage by kubectl variable in roles
* Remove redundant --kubeconfig on kubectl usage
* Replace unecessary shell usage with command
2022-01-05 02:26:32 -08:00
Cristian Calin
3eab1129b9
CI: Replace CentOS 8 with AlmaLinux 8 before CentOS 8 EOL end of 2021 ( #8297 )
2022-01-05 02:20:33 -08:00
Choi Yongbeom
24f1402a14
nerdctl insecure registry config ( #8339 )
...
* Update prep_download.yml
nerdctl insecure registry config
* Update prep_download.yml
* Update prep_download.yml
apply conversations advice
* Update prep_download.yml
* Update prep_download.yml
* Update prep_download.yml
* Update prep_download.yml
* Update prep_download.yml
* Update prep_download.yml
* Update main.yml
* Update main.yml
* Update prep_download.yml
* Update prep_download.yml
2022-01-05 01:14:33 -08:00
Necatican Yıldırım
bf00550388
Upgrade Cilium to 1.11.0 ( #8354 )
...
* Remove kvstore args from Cilium DaemonSet
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Bump Cilium to 1.11.0
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Signed-off-by: necatican <necaticanyildirim@gmail.com>
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
2022-01-05 00:36:32 -08:00
Florian Ruynat
6136fa7c49
Update Kubernetes version to 1.23.1
2022-01-04 10:25:00 -08:00
Florian Ruynat
8d2b4ed4a9
Move min k8s version to 1.21
2022-01-04 10:25:00 -08:00
Cristian Calin
4c4c83f0a1
crun update to 1.4 ( #8330 )
...
* [crun] update crun to 1.4
* [crun] drop pre-1.x versions
2022-01-04 08:30:53 -08:00
Unai Arríen
0e98814732
Configure PriorityClassName for MetalLB deployment ( #8362 )
2022-01-04 08:20:52 -08:00
Max Gautier
92f25bf267
Simplify usage of pre-remove role ( #8334 )
...
- Use builtin task scheduling of ansible (same task on each host)
instead of manual looping on master
Benefits:
- One less play in remove-node.yml playbook
- Parralel node drain
- Drain parameters (timeout, grace period, retries,
allow_ungraceful_removal) can be adjusted separately for each node
with ansible variables
2022-01-04 07:10:53 -08:00
Romain ALBON
63a53c79d0
Fix - Search root filesystem device ( #8366 )
2022-01-04 06:48:52 -08:00
Florian Ruynat
841c61aaa1
Revert "Fix external lb error ( #8299 )" ( #8360 )
...
This reverts commit 4f2e4524b8
.
2022-01-03 01:37:00 -08:00
Samuel Liu
157942a462
fix resolved config ( #8351 )
2022-01-03 00:06:59 -08:00
jbpratt
e88a27790c
fix spelling error ( #8342 )
2022-01-02 23:55:00 -08:00
Cristian Calin
ed3932b7d5
[cni-plugins] upgrade to stable 1.0.1 ( #8331 )
...
* [cni-plugins] upgrade to stable 1.0.1
* [flannel] use binary from dedicated project
2021-12-23 23:16:15 -08:00
emiran-orange
2b5c185826
calico_pool_blocksize must be cast as well in assertion when defined ( #8321 )
...
* calico_pool_blocksize must be cast as string in assertion when defined
* Cast as int rather than string
2021-12-23 00:58:37 -08:00
zhengtianbao
c3c128352f
Remove registry-proxy ( #8327 )
2021-12-21 23:55:35 -08:00
zhengtianbao
02a89543d6
registry: add ingress support ( #8311 )
2021-12-21 10:20:46 -08:00
Cristian Calin
c1954ff918
Support deploying kubernetes 1.23 ( #8323 )
...
* Ensure entries for 1.23 are added for supported_versions vars
* cri-o: add support for kubernetes 1.23 but still use cri-o 1.22
* kubescheduler-config: diferentiate config versions based on kube_version
2021-12-21 01:38:46 -08:00
Kenichi Omichi
b49ae8c21d
Delete "kubeadm alpha certs" code ( #8322 )
...
"kubeadm alpha certs" command has been promoted to "kubeadm certs" command,
and "kubeadm alpha certs" has been deprecated since Kubernetes v1.20 as [1].
In addition, Kubespray supports Kubernetes v1.20+.
This delete the deprecated command for cleanup.
[1]: https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.20.md#deprecation
2021-12-20 12:53:33 -08:00
Calin Cristian Andrei
1a7b4435f3
Bump default version of kubernetes to 1.22.5
2021-12-20 08:56:56 -08:00
Calin Cristian Andrei
db0e458217
Kubernetes: add hashes for v1.23.1, v1.23.0, v1.22.5, v1.21.8 and v1.20.14
2021-12-20 08:56:56 -08:00
Nicolas MASSE
f01f7c54aa
Add support for CRI-O user namespaces ( #8268 )
...
* add support for cri-o user namespaces
* comply with yamllint rules
2021-12-20 06:37:25 -08:00
kakkotetsu
c59407f105
add support for Calico BGPPeer sourceAddress ( #8306 )
2021-12-20 01:51:25 -08:00
Cristian Calin
fdc5d7458f
Upgrade to nerdctl 0.15.0 and some fixes ( #8315 )
...
* nerdctl: move to 0.15.0
* nerdctl: reduce verbosity when pulling images
* download: use proxy environment when using nerdctl to download containers
2021-12-20 00:33:26 -08:00
Antoine Gatineau
6aafb9b2d4
fix bad indentation ( #8314 )
2021-12-17 07:36:29 -08:00
Samuel Liu
aa9ad1ed60
clean files for kube-ovn ( #8310 )
2021-12-15 23:39:19 -08:00
zhengtianbao
aa9b8453a0
registry: service add clusterIP, nodePort, loadBalancer support ( #8291 )
...
* registry: service add clusterIP, nodePort, loadBalancer support
* modify camelcase name to underscore
* Add registry service type compatibility check
2021-12-15 00:18:19 -08:00
singeleaf
4f2e4524b8
Fix external lb error ( #8299 )
2021-12-13 14:46:27 -08:00
Marat Talipov
4f27c763af
containerd insecure registry support ( #8298 )
2021-12-13 00:41:58 -08:00
Cristian Calin
0e969c0b72
vSphere-CSI: update to 2.4.0 ( #8295 )
2021-12-10 11:07:23 -08:00
Steven Reitsma
b396801e28
Update Cinder CSI to v1.22 ( #8296 )
2021-12-10 10:49:11 -08:00
Cristian Calin
682c8a59c2
containerd: change default resolvconf_mode to host_resolvconf ( #8247 )
...
* containerd: change default resolvconf_mode to host_resolvconf
* Wait for kube-apiserver to come back after pod refresh
* Handle resolv.conf gracefully
* Retain currently configured DNS entries to ensure we don't break the resolvers
* Suse uses wickedd for network management so no dhcp hooks
* Molecule: increase ansible timeout
* CI: Increase ansible timeout to 120s for Packet jobs
2021-12-09 14:09:06 -08:00
Florian Ruynat
5a25de37ef
Revert "remove no longer present etcd nodes from APIEndpoints list in kubeadm-config configmap ( #8244 )" ( #8287 )
...
This reverts commit dc767c14b9
.
2021-12-09 08:24:16 -08:00
zhengtianbao
4ef2cf4c28
Registry add TLS and authentication support ( #8229 )
...
* Add registry TLS support
* Add registry configmap and htpasswd auth
2021-12-07 08:32:00 -08:00
Cristian Calin
990ca38d21
Kata-Containers: add 2.3.0 ( #8276 )
...
* Kata-Containers: add checksums for 2.3.0
* Kata-Containers: version 2.3.0 requires kubernetes 1.22.0+
2021-12-07 08:18:08 -08:00
Cristian Calin
c7e430573f
Calico: upgrade 3.21.x to 3.21.2 ( #8275 )
2021-12-07 08:18:01 -08:00
Cristian Calin
a328b64464
runc: upgrade to v1.0.3 ( #8274 )
2021-12-07 06:10:02 -08:00
zhengtianbao
a16d427536
Set etcd-events listen port to 2383 ( #8232 )
2021-12-07 00:28:01 -08:00
Cristian Calin
c98a07825b
Use cgroupsv2 where available (fedora) ( #8237 )
...
* Containerd: use cgroupsv2 where available (fedora)
* Docker: use cgroupsv2 where available (fedora)
* cri-o: use cgroupsv2 where available (fedora)
2021-12-06 11:19:33 -08:00
Samuel Liu
a98ca6fcf3
Update loadbalancers versions ( #8272 )
...
* Update loadbalancers versions
* fix haproxy_config_dir mode
2021-12-06 09:40:32 -08:00
Samuel Liu
4550f8c50f
calico_flexvol ( #8273 )
2021-12-06 05:00:32 -08:00
toplordsaito
9afca43807
change dns upstream condition for coredns ( #8263 )
...
upstream_dns_servers should change corefile config even resolvconf_mode=docker_dns
2021-12-06 02:46:32 -08:00
Alvaro Campesino
27ab364df5
Improve control plane scale flow ( #13 ) ( #7989 )
...
* Improve control plane scale flow (#13 )
* Added version 1.20.10 of K8s
* Setting first_kube_control_plane to a existing one
* Setting first_kube_control_plane to a existing one
* change first_kube_master for first_kube_control_plane
* Ansible-lint changes
2021-12-06 00:16:32 -08:00
Hanna Bledai
615216f397
Fix if bind-address is not set to 0.0.0.0 ( #8262 )
...
* if bind-address is not set to 0.0.0.0
* Update docs and left comments
* fix yamllist check: remove space
2021-12-05 23:58:32 -08:00
Kenichi Omichi
46b1b7ab34
Fix k8scsi/csi-resizer repo ( #8270 )
...
If trying to pull k8scsi/csi-resizer image from gcr.io, we face the error
like:
$ docker pull gcr.io/k8scsi/csi-resizer:v1.0.0
Error response from daemon: Head https://gcr.io/v2/k8scsi/csi-resizer/
manifests/v1.0.0: unknown: Project 'project:k8scsi' not found or deleted.
$
We can pull the image from quay.io instead.
This fixes the issue.
2021-12-05 23:42:32 -08:00
Alvaro Campesino
30d9882851
Add nodelocaldns only if it is enabled ( #7731 )
2021-12-03 20:36:31 -08:00
Cristian Calin
dfdebda0b6
Calico: remove duplicate values for CALICO_DISABLE_FILE_LOGGING and FELIX_DEFAULTENDPOINTTOHOSTACTION ( #8269 )
2021-12-03 20:32:31 -08:00