07e551ab77
pre-commit: auto-update all hooks
1 month ago
a7ace2e55b
ansible-lint: Adjust pre-commit hooks dependencies
Dropping the ansible dependencies for ansible-lint will allow us to
catch missing dependencies collections in galaxy.yml. For collections
needed for contrib/ or tests/ (i.e: not part of core kubespray
dependencies), we can just configure ansible-lint to mock them.
This mean it won't check the mocked module parameters, but for those
area of the code base it's an acceptable trade-off.
1 month ago
8aa4c9ac0c
Cleanup: Fedora 37/38 CI tests & docs ( #11600 )
* Feat: update the remaining Fedora 37 vagrant CI
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
* Cleanup: remove EOL Fedora 37/38 CI tests
Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>
* Docs: remove EOL Fedora 37/38
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
---------
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
1 month ago
fb92206918
Bump tox from 4.20.0 to 4.21.2 ( #11602 )
Bumps [tox](https://github.com/tox-dev/tox ) from 4.20.0 to 4.21.2.
- [Release notes](https://github.com/tox-dev/tox/releases )
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst )
- [Commits](https://github.com/tox-dev/tox/compare/4.20.0...4.21.2 )
---
updated-dependencies:
- dependency-name: tox
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 month ago
6b3eaf8312
Use correct secret name for csi-upcloud pull secret ( #11597 )
1 month ago
ddd92c998c
Merge pull request #11507 from VannTen/cleanup/shell_etcd_reset
Refactor remove-etcd-node
1 month ago
80b2765f20
Fix dynamic groups definition when using --limit ( #11577 )
Using the hosts directive at the play level prevent those tasks from
being run when using --limit and the group in question is not part of
the limit (ex: running scale.yml on new worker nodes only)
Instead, run on all hosts, and for each group, partition between that
group and '_' (generic group name which is not used; using an empty
string as the group is not supported by ansible.builtin.group_by)
Reported-by: asteppat <asteppat@cisco.com>
1 month ago
bb4f1b1168
update cilium to 1.15.9 ( #11593 )
1 month ago
583583942c
Fix Flatcar bug #11268 missing default value for ansible_interpreter_python_fallback variable ( #11270 )
1 month ago
b0563c20b0
Feat: support Fedora 39/40 ( #11573 )
* Add Fedora 39/40 to Vagrantfile
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
* Add CI tests for Fedora 39/40
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
* Update CI tests documentation
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
* Update support OS version in README.md
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
---------
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
1 month ago
6b499186b0
add cilium hubble-ui enable flag ( #10939 )
1 month ago
1ccf0df540
Bump tzdata from 2024.1 to 2024.2 ( #11590 )
Bumps [tzdata](https://github.com/python/tzdata ) from 2024.1 to 2024.2.
- [Release notes](https://github.com/python/tzdata/releases )
- [Changelog](https://github.com/python/tzdata/blob/master/NEWS.md )
- [Commits](https://github.com/python/tzdata/compare/2024.1...2024.2 )
---
updated-dependencies:
- dependency-name: tzdata
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 month ago
d59a5bf431
update containerd_max_container_log_line_size default value ( #11585 )
Signed-off-by: KubeKyrie <shaolong.qin@daocloud.io>
1 month ago
fcbcf3c03b
cri-o Switch to libexecdir ( #11584 )
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
1 month ago
0eeac591ad
variables cilium_enable_host_firewall and cilium_policy_audit_mode for configmap/cilium-config ( #11230 )
capitalise values for Host Firewall and Policy Audit Mode
fix missing quotes
1 month ago
fabf17a10c
Add Fedora 39/40 images in test-infra ( #11578 )
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
1 month ago
860c15cec1
Update cluster-role for cilium to prevent errors in agent startup ( #11466 )
* Update cluster-role for cilium to prevent errors in agent startup
ciliumloadbalancerippools permissions exists in the cilium helm chart for version 1.13.0
https://github.com/cilium/cilium/blob/v1.13.0/install/kubernetes/cilium/templates/cilium-agent/clusterrole.yaml#L71
The agent also needs permissions to read/watch secrets for bgp auth secrets when using CiliumBGPPeeringPolicy with a secret.
* Remove list/watch permissions for secrets
* Remove secrets from list/watch permissions
1 month ago
8c3b2851f6
feat(calico): add support for numAllowedLocalASNumbers on bgppeers per node definition ( #11570 )
1 month ago
24e1765ae2
Added containernetworking-plugins to fcos bootstrap packages ( #11273 )
1 month ago
d3113ad869
[doc] Add previously undocumented options in Terraform/Openstack ( #11477 )
These options are available in 6ba3656410/contrib/terraform/openstack/modules/compute/variables.tf (L204-L218)
1 month ago
bbd90f7657
Merge pull request #11568 from VannTen/cleanup/dont_rely_on_kube_node_existing
Only require minimum structure in inventory, part II
1 month ago
3281c47f98
[kubernetes] Add hashes for kubernetes 1.29.8, 1.29.9, 1.30.5 ( #11581 )
* [kubernetes] Add hashes for kubernetes 1.29.8, 1.29.9, 1.30.5
* Update checksums.yml
reintroduce --- for yaml
1 month ago
6352fee0fd
Update nerdctl version to 1.7.7 ( #11575 )
1 month ago
9f6db4012c
Update runc version to v1.1.14 and add checksums ( #11574 )
1 month ago
6c112a9b41
Merge pull request #11567 from VannTen/cleanup/remove_node_static_token_generation
Remove generation of static tokens for cluster members
1 month ago
656ed796b9
[etcd] make etcd 3.5.16 default ( #11572 )
* [etcd] make etcd 3.5.16 default
* Update etcd binary checksums for version 3.5.16 and lower
1 month ago
e355bef79b
fix: vsphere image repositories, tags and docs ( #11564 )
The old repository for these has been deleted, leaving the previous
configuration not possible to deploy, and even currently running clusters
fail after a restart as the DeameonSet has ImagePullPolicy: Always. More
details can be found here: kubernetes-sigs/vsphere-csi-driver#3053
As of writing, only CSI driver versions 3.1.2 to 3.3.1 is available in
this registry. This "officially" supports Kubernetes 1.26 to 1.30. Since
older drivers are not available, I have removed some feature-gating for
those unavailable versions while I was at it. For the cloud provider,
the `latest` image is now missing, and only 1.28.0 to 1.31.0 are
available. I've set the latest of these as the new default.
I also updated the documented default versions, as they were all out of
date and not aligned with actual code defaults.
1 month ago
15bb5b0789
[kubernetes] Support kubernetes 1.31.1 ( #11533 )
1 month ago
fbcc8cc336
control-plane: refactor group membership test
Testing with group_names does not require the groups to exist.
1 month ago
0679d9c8e9
metrics-server: proper defaults, cleaner deploy template
1 month ago
dba00f2d85
metrics-server: Unconditional control-plane tolerations
There is no harm on having unneeded toleration when control-plane node
are not tainted, so simplify the template to always use the toleration.
1 month ago
9f45552201
Cleanup redundancy
k8s_cluster = kube_control_plane + kube_node
1 month ago
ee0d9c5428
remove-etcd-node: cleanups, correct change semantics
2 months ago
2a52e5f08c
remove-etcd-node: refactor shell to ansible filters
Remove unnecessary error handling. If the node ip is not defined, is
does not change anything whether we fail early of late.
2 months ago
ebdc599b05
Bump tox from 4.18.1 to 4.20.0 ( #11562 )
Bumps [tox](https://github.com/tox-dev/tox ) from 4.18.1 to 4.20.0.
- [Release notes](https://github.com/tox-dev/tox/releases )
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst )
- [Commits](https://github.com/tox-dev/tox/compare/4.18.1...4.20.0 )
---
updated-dependencies:
- dependency-name: tox
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 month ago
a2a2dfa419
k8s/control-plane: cleanup excessive defaulting
1 month ago
baf0a331c9
Don't generate static tokens for nodes and control planes
Nodes to api-server relies by default certificates, and bootstrap
tokens, and there should be no need to generate tokens for every nodes,
even when enabling static token auth.
1 month ago
1c0718bb7d
update containerd 1.7.22 ( #11554 )
1 month ago
03a055c383
Merge pull request #10643 from VannTen/cleanup/k8s_node_templates
Refactor kubernetes/node templates
1 month ago
e9d406ed08
Merge pull request #11559 from VannTen/cleanup/less_inventory_boilerplate
Only require minimum structure in inventory, compute the rest
1 month ago
99c6a884a9
Bump ansible-lint from 24.9.0 to 24.9.2 ( #11563 )
Bumps [ansible-lint](https://github.com/ansible/ansible-lint ) from 24.9.0 to 24.9.2.
- [Release notes](https://github.com/ansible/ansible-lint/releases )
- [Commits](https://github.com/ansible/ansible-lint/compare/v24.9.0...v24.9.2 )
---
updated-dependencies:
- dependency-name: ansible-lint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 month ago
1818993a8a
CI: for upgrade testing, checkout old version before provisioning
Otherwise, modifying the test inventory + it's expected structure will
always fail.
1 month ago
88b6f08e26
Documentation of k8s_cluster auto-defined
Also remove the group from the example inventory, since it should not be
needed anymore.
1 month ago
7580e59bbf
Define k8s_cluster dynamically
This allows inventories to not define the k8s_cluster group manually.
1 month ago
2ec1c93897
Test group membership with group_names
Testing for group membership with group names makes Kubespray more
tolerant towards the structure of the inventory.
Where 'inventory_hostname in groups["some_group"] would fail if
"some_group" is not defined, '"some_group" in group_names' would not.
1 month ago
89ff0710e9
Bump ansible-lint from 24.7.0 to 24.9.0 ( #11541 )
Bumps [ansible-lint](https://github.com/ansible/ansible-lint ) from 24.7.0 to 24.9.0.
- [Release notes](https://github.com/ansible/ansible-lint/releases )
- [Commits](https://github.com/ansible/ansible-lint/compare/v24.7.0...v24.9.0 )
---
updated-dependencies:
- dependency-name: ansible-lint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 month ago
1fa4bb733d
Bump ansible from 9.8.0 to 9.10.0 ( #11540 )
Bumps [ansible](https://github.com/ansible-community/ansible-build-data ) from 9.8.0 to 9.10.0.
- [Changelog](https://github.com/ansible-community/ansible-build-data/blob/main/docs/release-process.md )
- [Commits](https://github.com/ansible-community/ansible-build-data/compare/9.8.0...9.10.0 )
---
updated-dependencies:
- dependency-name: ansible
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 month ago
93ee1226eb
Merge pull request #11521 from VannTen/cleanup/deduplicate_kubeadm_control_plane
Use in inventory variables rather than patch files for kubeadm_patches
1 month ago
4323e5d039
Reset operation, disable service enabled and clean container's logs. ( #11501 )
2 months ago
163697951c
Merge pull request #11527 from VannTen/feat/vagrant_multi_inv
Cleanup Vagrantfile and allow to use multiples inventories
2 months ago
Max Gautier
ChengHao Yang
dependabot[bot]
Kubernetes Prow Robot
Baargav
Olivier Boudry
peterw
kyrie
Kay Yan
Serge Hartmann
Erwan Miran
M. Hamzah Khan
Andrea Zonca
DirkTheDaring
janosbabik
Bakke
Philip Sabri
Leeon Fu