Chris
883194afec
Fix Cilium permissions ( #5923 )
...
* added required permissions for querying endpointslice resources
* copy-pasted role permissions from cilium install manifests
* bumped cilium version to v1.7.2
2020-04-10 23:47:48 -07:00
Alexander Kross
0d675cdd1a
Update Calico to v3.13.2, Multus to v3.4.1. Add ConfigMap get permission to allow calico-node access to kubeadm config. ( #5912 )
2020-04-09 07:27:43 -07:00
Anshul Sharma
79a6b72a13
Removed deprecated label kubernetes.io/cluster-service ( #5372 )
2020-03-30 01:19:53 -07:00
Petr Enkov
474fbf09c4
fix wrong cilium_operator repo variable ( #5819 )
2020-03-25 02:17:03 -07:00
Petr Enkov
bc2eeb0560
use variables for cilium-operator instead of hardcoded value ( #5802 )
2020-03-24 07:40:47 -07:00
Mateus Caruccio
81f07c3783
Disable IPv6 support for canal's calico-node ( #5684 )
...
This implements the same behavior as a15a0b5eb9/roles/network_plugin/calico/templates/calico-node.yml.j2
More info: https://github.com/projectcalico/felix/issues/1447
2020-03-24 07:10:49 -07:00
bozzo
3cefd60c37
Add OWNERS file for kube-router ( #5782 )
...
I propose also my help as a reviewer
2020-03-17 04:14:22 -07:00
bozzo
974902af31
Update Kube-router version to v0.4.0 ( #5756 )
2020-03-17 02:40:21 -07:00
hfinucane
158d998ec4
Support configuring the Calico iptables insert mode ( #5473 )
...
* Support configuring the insert mode
Defaults to the upstream default https://docs.projectcalico.org/v3.9/reference/felix/configuration
so nothing should change for existing deployments.
This allows coexistence with other firewall management technologies.
* Add a note to the sample config
2020-03-14 06:36:35 -07:00
Christopher Randles
71c856878c
update multus to 3.4 and add crio support ( #5701 )
...
Signed-off-by: Chris Randles <randles.chris@gmail.com>
2020-03-13 04:22:39 -07:00
Sergey
e60b9f796e
add calico VXLAN mode, update docs and vars in sample inventory ( #5731 )
...
* calico VXLAN mode
* check vars if calico backend defined
2020-03-12 01:20:37 -07:00
Fredrik Lönnegren
e257d92f41
Cilium updates ( #5438 )
...
* Add resources needed to deploy 1.6.4
* Use cilium v1.6.4
* Change deprecated option name
* Add update crd to clusterrole cilium
* Cilium 1.6.4 -> 1.6.5
* Make monitor-aggregation config configurable as a variable
* Change monitor-aggregation default none->medium
* Cilium 1.6.5 -> 1.6.6
* Update to 1.7.0
* v1.7.0->v1.7.1
2020-03-11 08:15:36 -07:00
Arthur Outhenin-Chalandre
588896712e
Fix kube-router config generation ( #5531 )
...
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-03-04 02:11:47 -08:00
Chad Swenson
a15a0b5eb9
Make calico iptables lock timeout configurable ( #5658 )
...
Adds `calico_iptables_lock_timeout_secs` variable to calico DS yaml.
2020-02-19 02:28:25 -08:00
Sylvain Chateau
0ca7aa126b
added "Flatcar", "Flatcar Container Linux by Kinvolk" for all coreOS role ( #5607 )
2020-02-18 00:15:29 -08:00
lcooper40
579976260f
Added in code to allow control over pull policy for local path provis… ( #5334 )
...
* Added in code to allow control over pull policy for local path provisioner
* change to imagePullPolicy to use globally used variable k8s_image_pull_policy
* removed unusued variable from defaults
* updated contiv-etcd and cinder-csi-controllerplugin to use k8s_image_pull_policy variable
2020-02-17 02:13:30 -08:00
Matthew Mosesohn
b35b816287
Raise typha max connections to 300 ( #5527 )
...
Raises limit from 100 to 300 because the default is far too low
and the pod can handle 300 with the given resources.
Change-Id: Ib1eec10da3d09d198933fcfe87291587e58d7cdb
2020-01-10 00:24:33 -08:00
Etienne Champetier
2c2ffa846c
Calico: update to 3.11.1, allow to configure calico_iptables_backend ( #5514 )
...
I've tested this update by deploying a containerd / etcd cluster on top CentOS7,
MetalLB + NGINX Ingress. Upgrade using upgrade-cluster.yml
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2020-01-08 02:27:40 -08:00
bozzo
c0b262a22a
Add kube-router configuration to enable metrics exposure ( #5416 )
2019-12-16 04:35:36 -08:00
Maxime Guyot
b15d41a96a
Add support to Ansible 2.9 ( #5361 )
2019-12-05 07:24:32 -08:00
Matthew Mosesohn
7da2083986
Add toleration for calico-typha on master ( #5405 )
...
Change-Id: Iea9a366cf6ccc4d491bfc49c5d2dba6d98f81b69
2019-12-05 06:24:32 -08:00
Aaron Crickenberger
f1498d4b53
fix OWNERS file ( #5359 )
...
Initially this was to fix a mis-indented approvers key. However, it turns
out that 'oilbeater' is not a member of kubernetes-sigs nor
kubernetes-incubator (the org this repo was migrated from). Thus this
OWNERS file is failing prow's validation check.
As a workaround I've opted to move them to emeritus_approver, which
isn't valiated and can be used as a hint for other approvers in this
repo
2019-11-25 17:59:11 -08:00
Jacopo Secchiero
97764921ed
Fix calico name resolution ( #5291 )
2019-11-11 04:01:41 -08:00
Quentin Gliech
8a406be48a
Fix indentation in cilium-ds.yml template ( #5305 )
2019-11-11 03:25:41 -08:00
Junho Suh
076f254a67
Add cilium_tunnel_mode variable to the cilium config ( #5295 )
2019-11-11 03:19:42 -08:00
Matthew Mosesohn
2c4e6b65d7
Raise delay and retry for rotate tokens ( #5304 )
...
Change-Id: I87844b43b9a18064e7a99567ce57c1ca1ffcc4a8
2019-10-30 01:56:52 -07:00
Matthew Mosesohn
94d4ce5a6f
Retry cleaning up calico-node container ( #5302 )
...
Change-Id: Iad27b107860213759c7ae51f0891d7e5e7c6d96b
2019-10-28 05:11:25 -07:00
Matthew Mosesohn
a1fff30bd9
Generate TLS certs for calico typha ( #5258 )
...
* Generate TLS certs for calico typha
Change-Id: I3883f49c124c52d0fc5b900ca2b44e4e2ed0d707
* Add group vars note
Change-Id: I63550dfef616e884efdbd42010a90b2c04c5eb69
2019-10-17 07:02:38 -07:00
Sergey
81d57fe658
set calico_datastore default value in role kubespray-default ( #5259 )
2019-10-17 05:58:38 -07:00
Hugo Blom
9dfb25cafd
fix typo ( #5275 )
2019-10-16 18:26:38 -07:00
Matthew Mosesohn
af6456d1ea
Fix selector for calico-typha deployment ( #5253 )
...
Change-Id: I79f43379cbe1c495cb416f0572e65f695d5ec2b8
2019-10-16 07:53:42 -07:00
陈谭军
8bc0710073
clean up document ( #5214 )
2019-10-02 04:41:07 -07:00
Matthew Mosesohn
fb591bf232
Apply workaround for NetworkManager and calico ( #5230 )
...
Change-Id: I5cb2bdf1a57707c1b8da3e5ac0c80e5c353480a4
2019-10-02 04:37:07 -07:00
Matthew Mosesohn
a43e0d3f95
Switch to Kubernetes v1.16.0 ( #5189 )
...
* Switch to Kubernetes v1.16.0
Change-Id: I5d6a9528b2d443750fc5e031aff15ad3ffead158
* Fix download localhost cached file path
Change-Id: I65e79b70e3d1b37265ebc60f41b460cf4b0a0d47
* fix kubeadm etcd for v1.16
Change-Id: I6888a00fd48b530a38b0b31c4095492476af42d2
* disable tf packet jobs
Change-Id: I075c4666547fdea4c50ec04864f38e2cfaa79154
* Disable contiv packet jobs. Fix kube-router
Change-Id: I3170e8789e60711d4cee8faf65f2094480b79b8d
* bump sonobuoy version
Change-Id: Ib946905629c7c53ed88f08fb2f41c454457a0097
2019-10-02 02:21:07 -07:00
陈谭军
99dbc6d780
clean-up doc,spelling mistakes ( #5206 )
2019-09-26 04:25:08 -07:00
陈谭军
3bcdf46937
fix-up some spelling mistakes ( #5202 )
2019-09-25 23:27:08 -07:00
Erwan Miran
f18e77f1db
Blocksize for calico default pool should be configurable ( #5198 )
2019-09-25 04:44:00 -07:00
Matthew Mosesohn
27ec548b88
Add support for k8s v1.16.0-beta.2 ( #5148 )
...
Cleaned up deprecated APIs:
apps/v1beta1
apps/v1beta2
extensions/v1beta1 for ds,deploy,rs
Add workaround for deploying helm using incompatible
deployment manifest.
Change-Id: I78b36741348f47a999df3841ee63cf4e6f377830
2019-09-10 12:06:54 -07:00
Matthew Mosesohn
184ac6a4e6
Parse calico nodes as json ( #5114 )
2019-08-27 10:16:42 -07:00
Matthew Mosesohn
7e1645845f
Allow calico settings to be modified ( #5101 )
...
Previous logic used calicoctl.sh create --skip-exists, which
allowed setting initial values, but not permitting changes.
2019-08-23 00:01:19 -07:00
Xiaodu
b0437516c1
Kube-router annotate.yml: Use group 'k8s-cluster' instead of 'all' ( #5087 ) ( #5088 )
2019-08-19 04:53:29 -07:00
Matthew Mosesohn
023108a733
Refactor calico route reflector to run in k8s cluster ( #4975 )
...
* Refactor calico-rr to run in k8s cluster with taint
Change-Id: I75a3169ff5b36ce8302fc7ef1c32d3eb697b5afa
* add preinstall checks
* rework calico/rr role
Change-Id: I2f0a7e6cb77cf91ad4a615923680760d2e5d9ca8
* add empty calico-rr group
Change-Id: I006c0a60db9b72d02245bf8fdfabcf982144a5ad
2019-08-08 07:37:22 -07:00
Holger Frydrych
bc6de32faf
Upgrade Cilium network plugin to v1.5.5. ( #5014 )
...
* Needs an additional cilium-operator deployment.
* Added option to enable hostPort mappings.
2019-08-06 01:37:55 -07:00
Oilbeater
1be788f785
add Kube-OVN cni to kubespray ( #5020 )
2019-07-30 20:10:20 -07:00
Aleksey Kasatkin
fb9103acd3
Update calico-typha deployment to address v3.7.x changes ( #5003 )
...
* Update calico-typha deployment to address v3.7.x changes
So that calico-typha works for Calico v3.7.x.
* Apply changes for v3.7.x only.
2019-07-24 09:12:16 -07:00
nico-netminded
49d921cf91
Restart canal after scale or upgrade. Just like PR#4531, but for canal ( #4992 )
2019-07-22 00:50:53 -07:00
Andreas Krüger
a3ca441998
Remove unused handlers from Flannel CNI ( #4984 )
...
* Only reload docker when is_atomic for Flannel
* Remove unused handlers from Flannel CNI
2019-07-21 00:16:54 -07:00
Sergey Kolekonov
428e52e0d1
Fix calico handler for containerd ( #4985 )
...
crictl tool must be used to delete containers in case of containerd
deployment
2019-07-16 08:35:24 -07:00
刘旭
de9443a694
remove unused code ( #4981 )
2019-07-16 01:39:24 -07:00
Matthew Mosesohn
23ae6027ab
remove support for calico v2.x ( #4974 )
...
* Remove support for calico below version v3.0.0
Change-Id: If8fe3036b9e054901a8b2c48516eff1e1271970f
* Update main.yml
* fixup node peering
Change-Id: Ifac4d363deba826f0c80e390ce80a28df9827323
* fixups
Change-Id: Ic35417330af6741962003b3930604393c90804d1
* fixups
Change-Id: I0ea82d634bb0c81d9b7dc50569c70988bc8d3a3b
2019-07-15 07:47:09 -07:00