Victor Morales
e88aa7c96b
Add youki runtime support ( #8411 )
2022-01-21 14:01:07 -08:00
Johann Schley
38d129a0b6
add external hcloud cloud controller manager ( #8440 )
2022-01-20 12:31:09 -08:00
onock
392815d97c
[cert-manager] Fix missing RBAC rules for ClusterRole cert-manager-cainjector kubernetes-sigs#8104. ( #8444 )
2022-01-20 12:17:09 -08:00
rtsp
e791089466
cert-manager: Fix incorrect leader election namespace lead to insufficient permission ( #8433 )
2022-01-17 02:37:29 -08:00
Cristian Calin
418f12f62a
[calico] drop 3.18.x and make 3.21.x the new default ( #8426 )
2022-01-17 02:29:29 -08:00
Necatican Yıldırım
caff539ccd
Add identity_allocation_mode support for Cilium ( #8430 )
...
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Signed-off-by: necatican <necaticanyildirim@gmail.com>
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
2022-01-16 09:29:28 -08:00
Samuel Liu
1a69f8c3ad
parameterized snaphot controller namespaces ( #8305 )
...
* Parameterized snaphot controller namespaces
* add ns yml
* add docs
* namespace
2022-01-14 12:58:26 -08:00
rtsp
ccd3180a69
cert-manager: Allow to change leader election namespace for GKE Autopilot support ( #8424 )
...
More information:
- kubernetes-sigs/kubespray#8393
- jetstack/cert-manager#4102
- jetstack/cert-manager#3717
2022-01-14 12:54:26 -08:00
cyril-corbon
01dcbc18ac
feat: upgrade metallb to v0.11.0 ( #8420 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-14 05:22:28 -08:00
Florian Ruynat
7c67ec4976
Fix kubectl call before installing it ( #8412 )
2022-01-12 23:12:29 -08:00
Cristian Calin
1337c9c244
[csi-snapshotter] upgrade to 5.0 ( #8403 )
2022-01-11 09:14:33 -08:00
cyril-corbon
86953b2ac4
fix: add tolerations / affinity to cert-manager ( #8389 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-11 09:14:26 -08:00
Mathieu Parent
cfd9873bbc
Allow to choose container manager commands ( #8380 )
...
This allow to workaround #8375 by using image_command_tool=crictl
when containerd_registries is used for containerd.
Also changes image_info_command_on_localhost for docker to return digests.
2022-01-11 01:13:16 -08:00
Samuel Liu
b2b95cc8f9
fix 0090-etchosts ( #7634 )
2022-01-11 01:03:16 -08:00
Kenichi Omichi
73c889eb10
Fix failures of ansible-lint ( #8401 )
...
This fixes the following types of failures:
- empty-string-compare
- literal-compare
- risky-file-permissions
- risky-shell-pipe
- var-spacing
In addition, this changes .gitlab-ci/lint.yml to block the same issue
by using the same method at Kubespray CI.
2022-01-11 00:45:16 -08:00
Victor Morales
642725efe7
Bump containerd version to 1.5.9 ( #8402 )
2022-01-11 00:05:16 -08:00
Cristian Calin
29aafff2ce
etcd: add 3.5.1 for kubernetes 1.23+ ( #8320 )
2022-01-10 22:45:15 -08:00
forselli-stratio
df425ac143
Fix etcd certificates reference to support etcd_kubeadm_enabled:true ( #7766 )
...
* Fix etcd certificates reference to support etcd_kubeadm_enabled:true
* Add retries to ETCD Join Member task
* Fix etcd certificates reference when etcd_kubeadm_enabled:true
* Fix conflicts
2022-01-10 15:24:25 -08:00
Unai Arríen
57a1d18db3
Improve first_kube_control_plane variable management to avoid installation failures due to variable overlapping ( #8388 )
2022-01-10 01:35:19 -08:00
rtsp
aa4a3d7afd
Fix container engine still installed on dedicated etcd node even if etcd_deployment_type: host
( #8386 )
2022-01-10 01:35:12 -08:00
Alex
06ad5525b8
replace runc 1.0.3 arm64 hash with 0 ( #8391 )
2022-01-10 01:31:13 -08:00
Kenichi Omichi
f80fd24a55
Fix risky-file-permissions ( #8370 )
...
When running ansible-lint directly, we can see a lot of warning
message like
risky-file-permissions File permissions unset or incorrect
This fixes the warning messages.
2022-01-09 01:51:12 -08:00
Kenichi Omichi
51bd9bee0d
Move containerd_version to defaults/main.yml ( #8379 )
...
All container image versions were defined in download/defaults/main.yml
except containerd.
The inconsistency caused the offline script(generate_list.sh) could not
output the URL of containerd image.
This moves the definition into a valid file.
In addition, this adds host_os to generate_list.sh for downloading
krew from a valid URL.
2022-01-09 01:47:12 -08:00
Victor Morales
52266406f8
Bump cert-manager version to v1.6.1 ( #8377 )
2022-01-07 16:45:34 -08:00
cyril-corbon
cd601c77c7
feat: upgrade metrics server to v0.5.2 ( #8338 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-07 08:18:33 -08:00
Florian Ruynat
6abae713f7
Update helm / kube-router and coredns ( #8382 )
...
* Update kube-router to 1.4.0
* Update Helm to 3.7.2
* Up coredns to 1.8.6 when k8s is 1.23.x
2022-01-06 12:14:27 -08:00
Alex
1312f92a8d
adding 0 checksum for kata_containers_version on arm(64) ( #8383 )
2022-01-06 12:08:27 -08:00
Unai Arríen
92abf26d29
Ensure taint configuration for secondary control-plane nodes ( #8363 )
2022-01-05 23:56:28 -08:00
Bart Sloeserwij
59f62473c9
Update configuration of registries in cri-o ( #7852 )
...
* Update configuration of registries in cri-o
* Update docs to match new registry configuration
2022-01-05 07:36:40 -08:00
Choi Yongbeom
dda557ed23
Update config.toml.j2 ( #8340 )
...
* Update config.toml.j2
i think this commit code is not completed works
exam registry address : a.com:5000
insecure registry must be http://a.com:5000
but this code add insecure a.com:5000 (without http://)
If there is no http, containerd accesses with https even if insecure_skip_verify = true
solution is code edit
* Update config.toml.j2
* Update containerd.yml
* Update containerd.yml
* Update containerd.yml
* Update config.toml.j2
2022-01-05 02:56:33 -08:00
Max Gautier
cb54eb40ce
Use a variable for standardizing kubectl invocation ( #8329 )
...
* Add kubectl variable
* Replace kubectl usage by kubectl variable in roles
* Remove redundant --kubeconfig on kubectl usage
* Replace unecessary shell usage with command
2022-01-05 02:26:32 -08:00
Cristian Calin
3eab1129b9
CI: Replace CentOS 8 with AlmaLinux 8 before CentOS 8 EOL end of 2021 ( #8297 )
2022-01-05 02:20:33 -08:00
Choi Yongbeom
24f1402a14
nerdctl insecure registry config ( #8339 )
...
* Update prep_download.yml
nerdctl insecure registry config
* Update prep_download.yml
* Update prep_download.yml
apply conversations advice
* Update prep_download.yml
* Update prep_download.yml
* Update prep_download.yml
* Update prep_download.yml
* Update prep_download.yml
* Update prep_download.yml
* Update main.yml
* Update main.yml
* Update prep_download.yml
* Update prep_download.yml
2022-01-05 01:14:33 -08:00
Necatican Yıldırım
bf00550388
Upgrade Cilium to 1.11.0 ( #8354 )
...
* Remove kvstore args from Cilium DaemonSet
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Bump Cilium to 1.11.0
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Signed-off-by: necatican <necaticanyildirim@gmail.com>
Co-authored-by: Emin Aktaş <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
2022-01-05 00:36:32 -08:00
Florian Ruynat
6136fa7c49
Update Kubernetes version to 1.23.1
2022-01-04 10:25:00 -08:00
Florian Ruynat
8d2b4ed4a9
Move min k8s version to 1.21
2022-01-04 10:25:00 -08:00
Cristian Calin
4c4c83f0a1
crun update to 1.4 ( #8330 )
...
* [crun] update crun to 1.4
* [crun] drop pre-1.x versions
2022-01-04 08:30:53 -08:00
Unai Arríen
0e98814732
Configure PriorityClassName for MetalLB deployment ( #8362 )
2022-01-04 08:20:52 -08:00
Max Gautier
92f25bf267
Simplify usage of pre-remove role ( #8334 )
...
- Use builtin task scheduling of ansible (same task on each host)
instead of manual looping on master
Benefits:
- One less play in remove-node.yml playbook
- Parralel node drain
- Drain parameters (timeout, grace period, retries,
allow_ungraceful_removal) can be adjusted separately for each node
with ansible variables
2022-01-04 07:10:53 -08:00
Romain ALBON
63a53c79d0
Fix - Search root filesystem device ( #8366 )
2022-01-04 06:48:52 -08:00
Florian Ruynat
841c61aaa1
Revert "Fix external lb error ( #8299 )" ( #8360 )
...
This reverts commit 4f2e4524b8
.
2022-01-03 01:37:00 -08:00
Samuel Liu
157942a462
fix resolved config ( #8351 )
2022-01-03 00:06:59 -08:00
jbpratt
e88a27790c
fix spelling error ( #8342 )
2022-01-02 23:55:00 -08:00
Cristian Calin
ed3932b7d5
[cni-plugins] upgrade to stable 1.0.1 ( #8331 )
...
* [cni-plugins] upgrade to stable 1.0.1
* [flannel] use binary from dedicated project
2021-12-23 23:16:15 -08:00
emiran-orange
2b5c185826
calico_pool_blocksize must be cast as well in assertion when defined ( #8321 )
...
* calico_pool_blocksize must be cast as string in assertion when defined
* Cast as int rather than string
2021-12-23 00:58:37 -08:00
zhengtianbao
c3c128352f
Remove registry-proxy ( #8327 )
2021-12-21 23:55:35 -08:00
zhengtianbao
02a89543d6
registry: add ingress support ( #8311 )
2021-12-21 10:20:46 -08:00
Cristian Calin
c1954ff918
Support deploying kubernetes 1.23 ( #8323 )
...
* Ensure entries for 1.23 are added for supported_versions vars
* cri-o: add support for kubernetes 1.23 but still use cri-o 1.22
* kubescheduler-config: diferentiate config versions based on kube_version
2021-12-21 01:38:46 -08:00
Kenichi Omichi
b49ae8c21d
Delete "kubeadm alpha certs" code ( #8322 )
...
"kubeadm alpha certs" command has been promoted to "kubeadm certs" command,
and "kubeadm alpha certs" has been deprecated since Kubernetes v1.20 as [1].
In addition, Kubespray supports Kubernetes v1.20+.
This delete the deprecated command for cleanup.
[1]: https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.20.md#deprecation
2021-12-20 12:53:33 -08:00
Calin Cristian Andrei
1a7b4435f3
Bump default version of kubernetes to 1.22.5
2021-12-20 08:56:56 -08:00