kyrie
d59a5bf431
update containerd_max_container_log_line_size default value ( #11585 )
Signed-off-by: KubeKyrie <shaolong.qin@daocloud.io>
1 month ago
Kay Yan
fcbcf3c03b
cri-o Switch to libexecdir ( #11584 )
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
1 month ago
Serge Hartmann
0eeac591ad
variables cilium_enable_host_firewall and cilium_policy_audit_mode for configmap/cilium-config ( #11230 )
capitalise values for Host Firewall and Policy Audit Mode
fix missing quotes
1 month ago
ChengHao Yang
fabf17a10c
Add Fedora 39/40 images in test-infra ( #11578 )
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
1 month ago
Baargav
860c15cec1
Update cluster-role for cilium to prevent errors in agent startup ( #11466 )
* Update cluster-role for cilium to prevent errors in agent startup
ciliumloadbalancerippools permissions exists in the cilium helm chart for version 1.13.0
https://github.com/cilium/cilium/blob/v1.13.0/install/kubernetes/cilium/templates/cilium-agent/clusterrole.yaml#L71
The agent also needs permissions to read/watch secrets for bgp auth secrets when using CiliumBGPPeeringPolicy with a secret.
* Remove list/watch permissions for secrets
* Remove secrets from list/watch permissions
1 month ago
Erwan Miran
8c3b2851f6
feat(calico): add support for numAllowedLocalASNumbers on bgppeers per node definition ( #11570 )
1 month ago
M. Hamzah Khan
24e1765ae2
Added containernetworking-plugins to fcos bootstrap packages ( #11273 )
1 month ago
Andrea Zonca
d3113ad869
[doc] Add previously undocumented options in Terraform/Openstack ( #11477 )
These options are available in 6ba3656410/contrib/terraform/openstack/modules/compute/variables.tf (L204-L218)
but are currently undocumented in the README.md
1 month ago
Kubernetes Prow Robot
bbd90f7657
Merge pull request #11568 from VannTen/cleanup/dont_rely_on_kube_node_existing
Only require minimum structure in inventory, part II
1 month ago
DirkTheDaring
3281c47f98
[kubernetes] Add hashes for kubernetes 1.29.8, 1.29.9, 1.30.5 ( #11581 )
* [kubernetes] Add hashes for kubernetes 1.29.8, 1.29.9, 1.30.5
* Update checksums.yml
reintroduce --- for yaml
1 month ago
janosbabik
6352fee0fd
Update nerdctl version to 1.7.7 ( #11575 )
1 month ago
janosbabik
9f6db4012c
Update runc version to v1.1.14 and add checksums ( #11574 )
1 month ago
Kubernetes Prow Robot
6c112a9b41
Merge pull request #11567 from VannTen/cleanup/remove_node_static_token_generation
Remove generation of static tokens for cluster members
1 month ago
janosbabik
656ed796b9
[etcd] make etcd 3.5.16 default ( #11572 )
* [etcd] make etcd 3.5.16 default
* Update etcd binary checksums for version 3.5.16 and lower
1 month ago
Bakke
e355bef79b
fix: vsphere image repositories, tags and docs ( #11564 )
The old repository for these has been deleted, leaving the previous
configuration not possible to deploy, and even currently running clusters
fail after a restart as the DeameonSet has ImagePullPolicy: Always. More
details can be found here: kubernetes-sigs/vsphere-csi-driver#3053
As of writing, only CSI driver versions 3.1.2 to 3.3.1 is available in
this registry. This "officially" supports Kubernetes 1.26 to 1.30. Since
older drivers are not available, I have removed some feature-gating for
those unavailable versions while I was at it. For the cloud provider,
the `latest` image is now missing, and only 1.28.0 to 1.31.0 are
available. I've set the latest of these as the new default.
I also updated the documented default versions, as they were all out of
date and not aligned with actual code defaults.
1 month ago
Philip Sabri
15bb5b0789
[kubernetes] Support kubernetes 1.31.1 ( #11533 )
2 months ago
Max Gautier
fbcc8cc336
control-plane: refactor group membership test
Testing with group_names does not require the groups to exist.
2 months ago
Max Gautier
0679d9c8e9
metrics-server: proper defaults, cleaner deploy template
2 months ago
Max Gautier
dba00f2d85
metrics-server: Unconditional control-plane tolerations
There is no harm on having unneeded toleration when control-plane node
are not tainted, so simplify the template to always use the toleration.
2 months ago
Max Gautier
9f45552201
Cleanup redundancy
k8s_cluster = kube_control_plane + kube_node
2 months ago
Max Gautier
ee0d9c5428
remove-etcd-node: cleanups, correct change semantics
2 months ago
Max Gautier
2a52e5f08c
remove-etcd-node: refactor shell to ansible filters
Remove unnecessary error handling. If the node ip is not defined, is
does not change anything whether we fail early of late.
2 months ago
dependabot[bot]
ebdc599b05
Bump tox from 4.18.1 to 4.20.0 ( #11562 )
Bumps [tox](https://github.com/tox-dev/tox ) from 4.18.1 to 4.20.0.
- [Release notes](https://github.com/tox-dev/tox/releases )
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst )
- [Commits](https://github.com/tox-dev/tox/compare/4.18.1...4.20.0 )
---
updated-dependencies:
- dependency-name: tox
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2 months ago
Max Gautier
a2a2dfa419
k8s/control-plane: cleanup excessive defaulting
2 months ago
Max Gautier
baf0a331c9
Don't generate static tokens for nodes and control planes
Nodes to api-server relies by default certificates, and bootstrap
tokens, and there should be no need to generate tokens for every nodes,
even when enabling static token auth.
2 months ago
Baargav
1c0718bb7d
update containerd 1.7.22 ( #11554 )
2 months ago
Kubernetes Prow Robot
03a055c383
Merge pull request #10643 from VannTen/cleanup/k8s_node_templates
Refactor kubernetes/node templates
2 months ago
Kubernetes Prow Robot
e9d406ed08
Merge pull request #11559 from VannTen/cleanup/less_inventory_boilerplate
Only require minimum structure in inventory, compute the rest
2 months ago
dependabot[bot]
99c6a884a9
Bump ansible-lint from 24.9.0 to 24.9.2 ( #11563 )
Bumps [ansible-lint](https://github.com/ansible/ansible-lint ) from 24.9.0 to 24.9.2.
- [Release notes](https://github.com/ansible/ansible-lint/releases )
- [Commits](https://github.com/ansible/ansible-lint/compare/v24.9.0...v24.9.2 )
---
updated-dependencies:
- dependency-name: ansible-lint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2 months ago
Max Gautier
1818993a8a
CI: for upgrade testing, checkout old version before provisioning
Otherwise, modifying the test inventory + it's expected structure will
always fail.
2 months ago
Max Gautier
88b6f08e26
Documentation of k8s_cluster auto-defined
Also remove the group from the example inventory, since it should not be
needed anymore.
2 months ago
Max Gautier
7580e59bbf
Define k8s_cluster dynamically
This allows inventories to not define the k8s_cluster group manually.
2 months ago
Max Gautier
2ec1c93897
Test group membership with group_names
Testing for group membership with group names makes Kubespray more
tolerant towards the structure of the inventory.
Where 'inventory_hostname in groups["some_group"] would fail if
"some_group" is not defined, '"some_group" in group_names' would not.
2 months ago
dependabot[bot]
89ff0710e9
Bump ansible-lint from 24.7.0 to 24.9.0 ( #11541 )
Bumps [ansible-lint](https://github.com/ansible/ansible-lint ) from 24.7.0 to 24.9.0.
- [Release notes](https://github.com/ansible/ansible-lint/releases )
- [Commits](https://github.com/ansible/ansible-lint/compare/v24.7.0...v24.9.0 )
---
updated-dependencies:
- dependency-name: ansible-lint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2 months ago
dependabot[bot]
1fa4bb733d
Bump ansible from 9.8.0 to 9.10.0 ( #11540 )
Bumps [ansible](https://github.com/ansible-community/ansible-build-data ) from 9.8.0 to 9.10.0.
- [Changelog](https://github.com/ansible-community/ansible-build-data/blob/main/docs/release-process.md )
- [Commits](https://github.com/ansible-community/ansible-build-data/compare/9.8.0...9.10.0 )
---
updated-dependencies:
- dependency-name: ansible
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2 months ago
Kubernetes Prow Robot
93ee1226eb
Merge pull request #11521 from VannTen/cleanup/deduplicate_kubeadm_control_plane
Use in inventory variables rather than patch files for kubeadm_patches
2 months ago
Leeon Fu
4323e5d039
Reset operation, disable service enabled and clean container's logs. ( #11501 )
2 months ago
Kubernetes Prow Robot
163697951c
Merge pull request #11527 from VannTen/feat/vagrant_multi_inv
Cleanup Vagrantfile and allow to use multiples inventories
2 months ago
Kubernetes Prow Robot
893e9cb177
Merge pull request #11471 from VannTen/feat/config_plugin_list
Update the list of admission plugins which needs config
2 months ago
Max Gautier
76c42b4d3f
CI: cleanup '-scale' tests infra ( #11535 )
There is actually no test using this since ad6fecefa8
,
so there is no reason to keep that infra in our tests scripts.
2 months ago
Max Gautier
b3b00775ea
Remove unused test infrastructure ( #11529 )
These two files haven't been touched since 2016 and don't appear to be
referenced anywhere else
2 months ago
Qasim Mehmood
e550118314
Allow setting annotations on ingress-nginx service ( #11544 )
2 months ago
Max Gautier
c3de25c782
Move the CRI endpoint setting to kubelet config ( #11550 )
The `--container-runtime-endpoint` kubelet argument is deprecated in
favor of the config file alternative.
2 months ago
dependabot[bot]
59dd713585
Bump molecule from 24.8.0 to 24.9.0 ( #11542 )
Bumps [molecule](https://github.com/ansible-community/molecule ) from 24.8.0 to 24.9.0.
- [Release notes](https://github.com/ansible-community/molecule/releases )
- [Commits](https://github.com/ansible-community/molecule/compare/v24.8.0...v24.9.0 )
---
updated-dependencies:
- dependency-name: molecule
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2 months ago
Kay Yan
e5d2452828
fix elastx cleanup security groups ( #11411 )
2 months ago
ChengHao Yang
8cb081a3d0
Fix: download hash crictl link ( #11534 )
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
2 months ago
Max Gautier
4bf2d7a2c2
Rework vagrant documentation
- Use proper syntax highlighting for config.rb examples
- Consistent shell style ($ as prompt)
- Use only one way to do things
- Remove OS specific details
2 months ago
Max Gautier
1e769b7260
Rework vagrant inventory handling + support for multiples inventories
The current way to handle a custom inventory in vagrant is a bit
hackish, copy files around and can break Vagrantfile parsing in
cornercase scenarios (removing vagrant inventories, or the inventory
copied into vagrant inventory).
Instead, simply pass additional inventories to the ansible-playbook
command lines as raw arguments with `-i`.
This also makes supporting multiples inventories trivial, so we add a
new `$inventories` variable for that purpose.
2 months ago
Max Gautier
8d8d063de4
Remove useless file ( #11526 )
This was somehow copied from vagrant docs, not sure why it's there...
2 months ago
Kevin Huang
c601c8faf2
fix: Swap kubespray-defaults & boostrap-os ( #11441 )
- Execute boostrap-os before so that Python is installed for kubespray-defaults
- Remove outdated kubespray-defaults dependency on boostrap-os
2 months ago