Commit graph

160 commits

Author SHA1 Message Date
Matt Calvert
c2c97c36bc Add in tests for Calico with dual-stack networking 2021-02-05 00:04:52 -08:00
Cristian Klein
b77460ec34
contrib/terraform/exoscale: Rework SSH public keys (#7242)
* contrib/terraform/exoscale: Rework SSH public keys

Exoscale has a few limitations with `exoscale_ssh_keypair` resources.
Creating several clusters with these scripts may lead to an error like:

```
Error: API error ParamError 431 (InvalidParameterValueException 4350): The key pair "lj-sc-ssh-key" already has this fingerprint
```

This patch reworks handling of SSH public keys. Specifically, we rely on
the more cloud-agnostic way of configuring SSH public keys via
`cloud-init`.

* contrib/terraform/exoscale: terraform fmt

* contrib/terraform/exoscale: Add terraform validate

* contrib/terraform/exoscale: Inline public SSH keys

The Terraform scripts need to install some SSH key, so that Kubespray
(i.e., the "Ansible part") can take over. Initially, we pointed the
Terraform scripts to `~/.ssh/id_rsa.pub`. This proved to be suboptimal:
Operators sharing responbility for a cluster risk unnecessarily replacing resources.

Therefore, it has been determined that it's best to inline the public
SSH keys. The chosen variable `ssh_public_keys` provides some uniformity
with `contrib/azurerm`.

* Fix Terraform Exoscale test

* Fix Terraform 0.14 test
2021-02-03 07:32:28 -08:00
Florian Ruynat
9007d6621a
Update nginx, minor weave and misc CI tools (vagrant/terraform) (#7215) 2021-01-26 08:22:34 -08:00
Florian Ruynat
81b4ffa6b4
Add Fedora 33 CI, remove Fedora 31 (#7072) 2021-01-14 08:27:05 -08:00
Etienne Champetier
29f1c40580
Ignore all .git* for mardownlint (#7109)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2021-01-07 10:16:53 -08:00
Kenichi Omichi
398a995798
Fix markdownlint failures under ./roles/ (#7089)
This fixes markdownlint failures under roles/
2020-12-30 05:07:49 -08:00
Kenichi Omichi
dc86b2063a
Fix markdown failures on contrib/terraform (#7082)
This fixes markdown failures on contrib/terraform.
2020-12-25 12:10:27 -08:00
Cristian Klein
fd3ebc13f7
Fix terraform0.13 errors (#7077)
* [terraform/aws] Fix Terraform >=0.13 warnings

Terraform >=0.13 gives the following warning:

```
Warning: Interpolation-only expressions are deprecated
```

The fix was tested as follows:
```
rm -rf .terraform && terraform0.12.26 init && terraform0.12.26 validate
rm -rf .terraform && terraform0.13.5 init && terraform0.13.5 validate
rm -rf .terraform && terraform0.14.3 init && terraform0.14.3 validate
```
which gave no errors nor warnings.

* [terraform/openstack] Fixes for Terraform >=0.13

Terraform >=0.13 gives the following error:
```
Error: Failed to install providers
Could not find required providers, but found possible alternatives:
  hashicorp/openstack -> terraform-provider-openstack/openstack
```

This patch fixes these errors.

This fix was tested as follows:
```
rm -rf .terraform && terraform0.12.26 init && terraform0.12.26 validate
rm -rf .terraform && terraform0.13.5 init && terraform0.13.5 validate
rm -rf .terraform && terraform0.14.3 init && terraform0.14.3 validate
```
which gave no errors nor warnings for Terraform 0.13.5 and Terraform
0.14.3. Unfortunately, 0.12.x gives a harmless warning, but
with 0.14.3 out the door, I guess we need to move on.

* [terraform/packet] Fixes for Terraform >=0.13

This fix was tested as follows:
```
export PACKET_AUTH_TOKEN=blah-blah
rm -rf .terraform && terraform0.12.26 init && terraform0.12.26 validate
rm -rf .terraform && terraform0.13.5 init && terraform0.13.5 validate
rm -rf .terraform && terraform0.14.3 init && terraform0.14.3 validate
```

Errors are gone, but warnings still remain. It is impossible to please
all three versions of Terraform.

* Add tests for Terraform >=0.13
2020-12-23 05:08:26 -08:00
Kenichi Omichi
5b5726bdd4
Improve markdownlint for contrib/network-storage (#7079)
This fixes markdownlint failures under contrib/network-storage and
contrib/vault.
2020-12-23 00:00:26 -08:00
Kenichi Omichi
1347bb2e4b
Improve markdownlint coverage (#7075)
Now markdownlint covers ./README.md and md files under ./docs only.
However we have a lot of md files under different directories also.
This enables markdownlint for other md files also.
2020-12-22 04:44:26 -08:00
Kenichi Omichi
43dbff938e
Exclude .git/ from shellcheck (#7048)
If a branch name contains '.sh', current shellcheck checks the branch
file under .git/ and outputs error because the format is not shell
script one.
This makes shellcheck exclude files under .git/ to avoid this issue.
2020-12-16 15:51:09 -08:00
Florian Ruynat
f6eed8091e
Remove contiv related files (#6964) 2020-11-30 06:48:50 -08:00
Florian Ruynat
947162452d
Forgotten debian10 test during nightly tests (#6769) 2020-09-30 07:19:26 -07:00
Florian Ruynat
49bcf91aaf
Allow period ci jobs to fail (#6737) 2020-09-24 09:22:06 -07:00
Maxime Guyot
09b8314057
Add support for periodic CI (#6715) 2020-09-18 08:08:46 -07:00
Florian Ruynat
705ad84ce7
Update third party librairies and tools (#6669) 2020-09-17 02:36:46 -07:00
Kuralamudhan Ramakrishnan
90e5f8ffe1
adding ovn4nfv in kubespray (#6381)
Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com>
2020-07-31 07:33:08 -07:00
Florian Ruynat
bf6168fca8
Move fedora30 jobs to fedora32 (#6426) 2020-07-30 23:31:07 -07:00
Arthur Outhenin-Chalandre
3550e3c145
Adding kube-proxy-replacement support in cilium (#6334)
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-07-30 02:46:31 -07:00
Lovro Seder
96a2b386f2
Fix shellcheck url (#6462) 2020-07-28 05:57:08 -07:00
Maxime Guyot
b35e6558bc
Always enable GitLab CI artifacts for cluster-dump (#6412) 2020-07-16 13:45:00 -07:00
Arthur Outhenin-Chalandre
abfa1636e4
Fix kube-proxy post deployment removal (#5554)
* Fix kube-proxy removal

* Fix unwanted skipped task for kube-proxy
* Fix kube_proxy_remove default

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>

* Add test for kube-router svc proxy

Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-07-13 07:12:33 -07:00
Maxime Guyot
935c5093e2
Enable OVH CI (#6365) 2020-07-06 01:56:51 -07:00
Joel Seguillon
4c1e0b188d
Add .editorconfig file (#6307) 2020-06-29 12:39:59 -07:00
Maxime Guyot
69a48cbdd7
Add Vagrant CI for Ubuntu 20.04 (#6279) 2020-06-18 01:18:05 -07:00
Maxime Guyot
c6588856c7
Add Ubuntu 20.04 support and use Python 3 (#6157) 2020-06-16 13:04:05 -07:00
Maxime Guyot
9afd3f0c32
Use a random subnet for elastx CI (#6232) 2020-06-06 12:11:45 -07:00
Maxime Guyot
b98cb74f5e
Use 19.03.9 in localhost CI (#6201) 2020-06-04 08:59:14 -07:00
Maxime Guyot
fd59556222
Add Elastx CI (#6127) 2020-06-03 00:00:17 -07:00
Maxime Guyot
83d945127f
Make vagrant CI normal (#6074) 2020-05-28 00:46:02 -07:00
Maxime Guyot
1617a6ea8e
CI upgrade from v2.13.1 (#6188) 2020-05-27 05:22:40 -07:00
Florian Ruynat
e9ce7243b8
Match docker-cli version with docker-engine version (when available) (#6163) 2020-05-25 05:37:11 -07:00
Maxime Guyot
21ea079896
Disable OVH CI (#6114) 2020-05-09 15:19:50 -07:00
Florian Ruynat
c44f13114f
Allow containerd runtime with fedora os (30/31) - add CI test (#6094) 2020-05-08 07:55:43 -07:00
Maxime Guyot
641a2a8bb4
Skip molecule tests for Ubuntu 18.04 (#6077) 2020-05-05 07:17:09 -07:00
Florian Ruynat
38daee41d5
Reorder tests in packet file (#6067) 2020-05-03 12:36:26 -07:00
Maxime Guyot
412d560bcf
Add CI for 16x ubuntu servers (#6040) 2020-04-29 07:14:24 -07:00
Sergey
69603aed34
add strategy mitogen_linear when installed mitogen (#5985)
* add strategy mitogen_linear when installed mitogen

* add small docs

Rename playbook file

The raw action executes as a regular Mitogen connection, which requires Python on the target, so add strategy: linear to bootstrap-os role playbook.

* add mitogen to  CI test
fix typo

* enable mitogen test on deploy-part1 tests
change version from master to release
download tar.gz archive

* run all CI tests with mitogen

* disable mitogen with upgrade CI tests

* enable mitogen on CI tests via env vars

* disable mitogen on CI test by default, enable on some different OS

* disable mitogen CI test on centos8
(get error  /usr/bin/python: No such file or directory)
2020-04-24 05:20:07 -07:00
Maxime Guyot
6674be2572
Cleanup Vagrant VMs before molecule and vagrant CI (#6009) 2020-04-24 01:30:07 -07:00
Maxime Guyot
b44f7957d5
Update CI matrix (#6010) 2020-04-23 09:51:11 -07:00
Maxime Guyot
09bccc97ba
Add CRI-O CI (#5460) 2020-04-22 06:09:52 -07:00
Maxime Guyot
4d7eca7d2e
Add Dockerfile for vagrant image (#5977) 2020-04-18 13:53:36 -07:00
Maxime Guyot
3134dd4c0d
Drop support for Fedora 28 and add Fedora 30 and 31 (#5969) 2020-04-18 06:35:36 -07:00
Maxime Guyot
56a9c7a802
Add Vagrant CI (#5487) 2020-04-18 06:09:35 -07:00
Florian Ruynat
6a92e34994
Update tests names (#5904) 2020-04-15 09:24:03 -07:00
Florian Ruynat
c929b5e82e
Upgrade kube-ovn to v1.1.0 and move test from centos7 to centos8 (#5852) 2020-04-15 03:10:03 -07:00
Florian Ruynat
6a7c3c6e3f
Upgrade terraform version to 0.12.24 (#5928) 2020-04-10 23:47:56 -07:00
Maxime Guyot
7eaa7c957a
Fix conntrack for opensuse and docker support (#5880) 2020-04-08 07:37:44 -07:00
Etienne Champetier
75e743bfae
CentOS 8 CI (#5842)
* requirements.txt: Bump versions

Ansible 2.8+ allow ansible_python_interpreter autodetection

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>

* tests: do not force ansible_python_interpreter

we do not expect people to set ansible_python_interpreter, so we should not set it in the CI

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>

* Add CentOS 8 Calico to CI

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2020-04-07 05:49:43 -07:00
Maxime Guyot
e732df56a1
Move packet_centos7-calico-ha-once-localhost to the appropriate CI stage (#5881) 2020-04-02 02:02:24 -07:00
Maxime Guyot
ded58d3b66
Add molecule test for bootstrap-os (#5845) 2020-04-01 07:25:28 -07:00
Maxime Guyot
be9414fabe
Add cluster dump artifact in CI jobs (#5796) 2020-04-01 07:23:29 -07:00
Maxime Guyot
033afe1574
Fix Docker in Docker CI jobs (#5867) 2020-04-01 07:19:28 -07:00
Maxime Guyot
7ee2f0d918
Hide after_script output if return code is zero (#5862) 2020-03-31 05:28:40 -07:00
Maxime Guyot
b2d740dd1f
Add Ubuntu 20.04 RC image and test job (#5836) 2020-03-27 02:14:23 -07:00
Maxime Guyot
e03aa795fa
Move long running jobs into separate CI stage (#5837) 2020-03-26 13:56:24 -07:00
Maxime Guyot
221c6a8eef
Use a separate runner for light CI jobs (#5771) 2020-03-13 20:29:22 +03:00
Maxime Guyot
a4258b1244
Add automatic cleanup of OpenStack CI VMs (#5760) 2020-03-12 15:12:39 -07:00
Kubernetes Prow Robot
66408a87ee
Refactor download role (#5697)
* download file

* download containers

* fix push image to nodes

* pull if none image on host

* fix

* improve docker image tag checks.
do not pull already cached images

* rebase fix merge conflict

* add support download_run_once when upgrade and scale cluster
add some test with download_run_once

* set default values to temp flag for every download cycle

* add save,load abilty for containerd and crio when download_run_once=true

* return redefine image save/load command to  set_docker_image_facts.yml

* move set command to set_container_facts

* ctr in containerd_bin_dir

* fix order of ctr image export arguments

* temporary disable download_run_once for containerd and crio
due https://github.com/containerd/containerd/issues/4075

* remove unused files

* fix strict yaml linter warning and errors

* refactor logical conditions to pull and cache container images

* remove comment due lint check

* document role

* remove image_load_on_localhost, because cached images are always loaded to docker on remote sites

* remove XXX from debug output
2020-03-05 07:31:39 -08:00
qvicksilver
ac2135e450
Fix recover-control-plane to work with etcd 3.3.x and add CI (#5500)
* Fix recover-control-plane to work with etcd 3.3.x and add CI

* Set default values for testcase

* Add actual test jobs

* Attempt to satisty gitlab ci linter

* Fix ansible targets

* Set etcd_member_name as stated in the docs...

* Recovering from 0 masters is not supported yet

* Add other master to broken_kube-master group as well

* Increase number of retries to see if etcd needs more time to heal

* Make number of retries for ETCD loops configurable, increase it for recovery CI and document it
2020-02-11 01:38:01 -08:00
Maxime Guyot
9bdf6b00cc Remove inline shell in YAML for vagrant-validate (#5386) 2019-12-17 07:11:59 -08:00
Maxime Guyot
91b23caa19 Remove GCE tests files (#5459) 2019-12-17 07:09:59 -08:00
Maxime Guyot
5df48ef8fd [docs] Add CI matrix and script (#5461)
* Rename CI jobs from ubuntu to ubuntu16

* Add CI matrix and script
2019-12-17 07:07:59 -08:00
Maxime Guyot
95cf18ff00 Re introduce CI for upgrades (#5427) 2019-12-11 04:48:06 -08:00
Maxime Guyot
6ff5ccc938 Use kubespray/kubespray:v2.11.0 for CI (#5363) 2019-12-11 00:10:05 -08:00
Maxime Guyot
961c1be53e Remove Digital Ocean CI (#5418) 2019-12-10 04:39:29 -08:00
Maxime Guyot
37df9a10ff Add CI for Amazon Linux 2 (#5410) 2019-12-05 05:44:32 -08:00
Maxime Guyot
0f845fb350 Add support for Debian 10 (#5408) 2019-12-05 05:42:32 -08:00
Maxime Guyot
401d441c10 Fix Python code style for inventory_builder (#5362) 2019-12-05 01:48:32 -08:00
Maxime Guyot
a9b67d586b Add markdown CI (#5380) 2019-12-04 07:22:57 -08:00
Maxime Guyot
b1fbead531 Update to TF v0.12.12 (#5267) 2019-12-04 07:20:58 -08:00
Eric Lake
108a6297e9 Terraform dynamic inventory 0.12.12 (#5298)
* Update parsing of terraform state file for 0.12.12

* Resource does not seem to have a module element but instead has
provider
* Return the boolean right way if it is already a bool since a bool does
not have an lower method

* Remove the setting of ansible_ssh_user to root for all Packet

Not all servers in packet are accessed as root by default. CoreOS
systems use the `core` user. Removing this allows the user to specify
the remote user with an extra_var or in an ansible.cfg file.

* Default to root user for packet devices except on CoreOS

* Update TF_VERSION for packet in tf-validate-packet

Update TV_VERSION to 0.12.12 for gitlab-ci tf-validate-packet tests

* convert packet terraform files to TV_VERSION 4

* initalize terraform before copying the variable file to the top level dir
2019-10-29 00:02:42 -07:00
Matthew Mosesohn
a43e0d3f95 Switch to Kubernetes v1.16.0 (#5189)
* Switch to Kubernetes v1.16.0

Change-Id: I5d6a9528b2d443750fc5e031aff15ad3ffead158

* Fix download localhost cached file path

Change-Id: I65e79b70e3d1b37265ebc60f41b460cf4b0a0d47

* fix kubeadm etcd for v1.16

Change-Id: I6888a00fd48b530a38b0b31c4095492476af42d2

* disable tf packet jobs

Change-Id: I075c4666547fdea4c50ec04864f38e2cfaa79154

* Disable contiv packet jobs. Fix kube-router

Change-Id: I3170e8789e60711d4cee8faf65f2094480b79b8d

* bump sonobuoy version

Change-Id: Ib946905629c7c53ed88f08fb2f41c454457a0097
2019-10-02 02:21:07 -07:00
Hugo Blom
da015e0249 Updated Openstack to terraform 0.12 (#5062)
* update openstack to terraform 0.12(.5)

* replace cluter.tf with cluster.tfvars

* update README.md to terraform 0.12

* update Openstack CI tests to use terraform 0.12

* specify terraform version in openstack README

* gitlab CI to copy cluster.tfvars in case of openstack provider

* The terraform/openstack dynamic inventory can read
tfstate v4 (generated by terraform 0.12) and convert them internally
ro v3 (as generated by terraform 0.11.x).

Additionally the script has been updated to Python 3.
2019-08-18 01:30:05 -07:00
Andreas Holmsten
5337cff179 Add packet_ubuntu18-flannel-containerd (#5004) 2019-07-31 11:22:14 -07:00
Oilbeater
1be788f785 add Kube-OVN cni to kubespray (#5020) 2019-07-30 20:10:20 -07:00
Jeff Bornemann
728155a2a1 Support for Oracle Linux (#3655)
Fixed Issue #1032

test case for OEL7 AIL with kubeadm

Add packet CI stuff for oracle 7
2019-07-11 23:17:05 -07:00
Simon Lelievre
f599c2a691 add macvlan cni to kubespray (#4901)
* add macvlan cni to kubespray

* macvlan: lint yaml files and fix sample config file

* macvlan: add OWNERS file

* add macvlan to README

* macvlan : CI first shoot

* macvlan : CI add full masquerade

* delegate retrive pod cidr to master only

* macvlan: add config for CI

* macvlan: add netchecker deployment
2019-06-28 00:35:38 -07:00
Matthew Mosesohn
80fa294a31 Disable redundant CI test cases (#4918)
Change-Id: I1991bca8368adc20832d2bb15644411653446b51
2019-06-27 04:49:22 -07:00
Maxime Guyot
9b2d176617 Enable packet_ubuntu-contiv-sep (#4595) 2019-06-11 03:28:16 -07:00
Maxime Guyot
7a3547e4d1 Enable packet_*-kube-router jobs (#4594) 2019-06-11 02:58:18 -07:00
Maxime Guyot
4f05d801c3 Use short cluster_name for TF CI (#4835) 2019-06-04 04:25:00 -07:00
Maxime Guyot
956afcb33f Move tf-ovh to part2 (#4834) 2019-06-04 01:39:07 -07:00
Maxime Guyot
b45f3f0004 Add tf-ovh_coreos CI job (#4763) 2019-05-28 01:51:53 -07:00
Maxime Guyot
3f62492a15 Use standard testcases job for TF CI (#4732) 2019-05-14 02:01:14 -07:00
Maxime Guyot
5e3bd2dff1 Use common playbook to wait for SSH (#4734) 2019-05-10 01:25:59 -07:00
Maxime Guyot
3776000fc4 Run TF tests from repo root (#4723) 2019-05-08 23:40:49 -07:00
Maxime Guyot
f0572e59e7 Always do OVH CI (#4722) 2019-05-08 23:38:53 -07:00
Maxime Guyot
3f45122d0d Refactor Terraform CI (#4654) 2019-05-02 12:26:19 -07:00
Maxime Guyot
24b6698cc9 Disable CI deploys on master (#4690) 2019-05-02 12:20:20 -07:00
Andreas Krüger
73885d3b9e Validate Vagrantfile in CI unit-tests (#4642)
* Validate vagrant file on CI

* Install vagrant

* Install vagrant

* Install vagrant

* Install vagrant

* Install vagrant

* Install vagrant

* Test vagrant validate
2019-05-02 11:24:21 -07:00
Matthew Mosesohn
a5b46bfc8c Run dns_late preinstall tasks on all k8s nodes (#4672)
* Run dns_late preinstall tasks on all k8s nodes

Related issue: #4656

Change-Id: I63f8559ef1a497b7580ab084561e6603fe647834

* Fix ansible-lint

Change-Id: Ia5b33fa63dbc36d8c3e9557ef3f2ea02af2325a5

* Fix recover_control_plane lint issues

Change-Id: I16643a3193c11b6ba704e9698812cac7e4fd19a8
2019-04-29 05:12:21 -07:00
Andreas Krüger
38af93b60c Remove rkt support (#4671) 2019-04-29 01:14:20 -07:00
Matthew Mosesohn
009e208bcd Remove RHEL from packet deploy (#4661)
Change-Id: I131d77bb9d16cc0f252dd86166c29f72daa9a64a
2019-04-26 09:56:29 -07:00
Matthew Mosesohn
81e6877b02 Make cilium tests pass (#4660)
Cilium requires a high kernel. rhel7 and centos7 are too low, so they are removed.
Bumping ubuntu to ubuntu-1804

Change-Id: Ib1bffa45b8f9ed0ba500f751714372b3a3f7878b
2019-04-26 05:54:37 -07:00
Maxime Guyot
53e3463b5a Fix GCE tests with undefined CI_PLATFORM (#4650) 2019-04-25 04:20:47 -07:00
Maxime Guyot
696d481e3b Fix dynamic inventory parsing in contrib/tf/packet (#4645) 2019-04-25 00:40:46 -07:00
Andreas Krüger
3c5a4474ac Increase ansible-lint speed (#4632) 2019-04-24 05:28:00 -07:00
Andreas Krüger
f3e7615bef Switch deploy-part1 AIO job to Calico (#4628)
* Switch deploy-part1 AIO job to Calico

* Cleanup file

* Remove newline at end
2019-04-24 03:32:04 -07:00
Maxime Guyot
683efc5698 Move on_success test to deploy-part2 (#4627) 2019-04-24 01:42:04 -07:00