Wang Zhen
d62836f2ab
Replace seccomp profile docker/default with runtime/default ( #6170 )
Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>
4 years ago
Florian Ruynat
b6243bfc1c
Fix ImagePullPolicy missing variable usage ( #6091 )
4 years ago
Florian Ruynat
965fe1db94
Update cni spec to 0.4.0 for network plugin allowing it ( #6053 )
4 years ago
Florian Ruynat
f6be326feb
Update kube-ovn to 1.1.1 ( #6060 )
4 years ago
Florian Ruynat
7d497e46c5
Update calico to 3.13.3 ( #6061 )
4 years ago
Florian Ruynat
361645e8b6
Fix multus missing cni and erroneous CI tests ( #6051 )
4 years ago
Florian Ruynat
3ff6a2e7ff
Update default (erroneous) backend value for calico ( #6031 )
4 years ago
Florian Ruynat
1ee3ff738e
Add option to enable usage reports to calico servers ( #6030 )
4 years ago
Qasim Sarfraz
52edd4c9bc
Fix liveness probe for cilium operator ( #6016 )
4 years ago
Pasquale Toscano
3d5988577a
Support Cilium from version 1.5 ( #6006 )
4 years ago
Florian Ruynat
299e35ebe4
Cleanup unused/erroneous variables ( #6003 )
4 years ago
Florian Ruynat
ca45d5ffbe
Fix retries keyword missing until instruction ( #5989 )
4 years ago
Sergey
6e29a47784
generate flannel manifest only on first master ( #5983 )
4 years ago
Sergey
baff4e61cf
remove image flannel cni ( #5980 )
4 years ago
Florian Ruynat
83fe607f62
Cleanup deprecated labels beta.kubernetes.io/arch and beta.kubernetes.io/os ( #5964 )
4 years ago
Maxime Guyot
0924c2510c
Use role to copy CNI bin ( #5953 )
4 years ago
Ryler Hockenbury
b061cce913
Allow configureable vni and port for flannel overlay ( #5939 )
4 years ago
Florian Ruynat
c929b5e82e
Upgrade kube-ovn to v1.1.0 and move test from centos7 to centos8 ( #5852 )
4 years ago
Florian Ruynat
58f48500b1
Update Flannel manifests, install script and version (0.12) + fix tests scripts ( #5937 )
* Add CI_TEST_VARS to tests
* Update flannel to 0.12.0 (with new manifests) and disable tx/rx
offloading in networking test
4 years ago
Florian Ruynat
b5125e59ab
update rbac.authorization.k8s.io to non deprecated api-groups ( #5517 )
4 years ago
Chris
883194afec
Fix Cilium permissions ( #5923 )
* added required permissions for querying endpointslice resources
* copy-pasted role permissions from cilium install manifests
* bumped cilium version to v1.7.2
4 years ago
Alexander Kross
0d675cdd1a
Update Calico to v3.13.2, Multus to v3.4.1. Add ConfigMap get permission to allow calico-node access to kubeadm config. ( #5912 )
4 years ago
Anshul Sharma
79a6b72a13
Removed deprecated label kubernetes.io/cluster-service ( #5372 )
4 years ago
Petr Enkov
474fbf09c4
fix wrong cilium_operator repo variable ( #5819 )
4 years ago
Petr Enkov
bc2eeb0560
use variables for cilium-operator instead of hardcoded value ( #5802 )
4 years ago
Mateus Caruccio
81f07c3783
Disable IPv6 support for canal's calico-node ( #5684 )
This implements the same behavior as a15a0b5eb9/roles/network_plugin/calico/templates/calico-node.yml.j2
More info: https://github.com/projectcalico/felix/issues/1447
4 years ago
bozzo
3cefd60c37
Add OWNERS file for kube-router ( #5782 )
I propose also my help as a reviewer
4 years ago
bozzo
974902af31
Update Kube-router version to v0.4.0 ( #5756 )
4 years ago
hfinucane
158d998ec4
Support configuring the Calico iptables insert mode ( #5473 )
* Support configuring the insert mode
Defaults to the upstream default https://docs.projectcalico.org/v3.9/reference/felix/configuration
so nothing should change for existing deployments.
This allows coexistence with other firewall management technologies.
* Add a note to the sample config
4 years ago
Christopher Randles
71c856878c
update multus to 3.4 and add crio support ( #5701 )
Signed-off-by: Chris Randles <randles.chris@gmail.com>
4 years ago
Sergey
e60b9f796e
add calico VXLAN mode, update docs and vars in sample inventory ( #5731 )
* calico VXLAN mode
* check vars if calico backend defined
4 years ago
Fredrik Lönnegren
e257d92f41
Cilium updates ( #5438 )
* Add resources needed to deploy 1.6.4
* Use cilium v1.6.4
* Change deprecated option name
* Add update crd to clusterrole cilium
* Cilium 1.6.4 -> 1.6.5
* Make monitor-aggregation config configurable as a variable
* Change monitor-aggregation default none->medium
* Cilium 1.6.5 -> 1.6.6
* Update to 1.7.0
* v1.7.0->v1.7.1
4 years ago
Arthur Outhenin-Chalandre
588896712e
Fix kube-router config generation ( #5531 )
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
4 years ago
Chad Swenson
a15a0b5eb9
Make calico iptables lock timeout configurable ( #5658 )
Adds `calico_iptables_lock_timeout_secs` variable to calico DS yaml.
4 years ago
Sylvain Chateau
0ca7aa126b
added "Flatcar", "Flatcar Container Linux by Kinvolk" for all coreOS role ( #5607 )
4 years ago
lcooper40
579976260f
Added in code to allow control over pull policy for local path provis… ( #5334 )
* Added in code to allow control over pull policy for local path provisioner
* change to imagePullPolicy to use globally used variable k8s_image_pull_policy
* removed unusued variable from defaults
* updated contiv-etcd and cinder-csi-controllerplugin to use k8s_image_pull_policy variable
4 years ago
Matthew Mosesohn
b35b816287
Raise typha max connections to 300 ( #5527 )
Raises limit from 100 to 300 because the default is far too low
and the pod can handle 300 with the given resources.
Change-Id: Ib1eec10da3d09d198933fcfe87291587e58d7cdb
4 years ago
Etienne Champetier
2c2ffa846c
Calico: update to 3.11.1, allow to configure calico_iptables_backend ( #5514 )
I've tested this update by deploying a containerd / etcd cluster on top CentOS7,
MetalLB + NGINX Ingress. Upgrade using upgrade-cluster.yml
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years ago
bozzo
c0b262a22a
Add kube-router configuration to enable metrics exposure ( #5416 )
4 years ago
Maxime Guyot
b15d41a96a
Add support to Ansible 2.9 ( #5361 )
4 years ago
Matthew Mosesohn
7da2083986
Add toleration for calico-typha on master ( #5405 )
Change-Id: Iea9a366cf6ccc4d491bfc49c5d2dba6d98f81b69
4 years ago
Aaron Crickenberger
f1498d4b53
fix OWNERS file ( #5359 )
Initially this was to fix a mis-indented approvers key. However, it turns
out that 'oilbeater' is not a member of kubernetes-sigs nor
kubernetes-incubator (the org this repo was migrated from). Thus this
OWNERS file is failing prow's validation check.
As a workaround I've opted to move them to emeritus_approver, which
isn't valiated and can be used as a hint for other approvers in this
repo
5 years ago
Jacopo Secchiero
97764921ed
Fix calico name resolution ( #5291 )
5 years ago
Quentin Gliech
8a406be48a
Fix indentation in cilium-ds.yml template ( #5305 )
5 years ago
Junho Suh
076f254a67
Add cilium_tunnel_mode variable to the cilium config ( #5295 )
5 years ago
Matthew Mosesohn
2c4e6b65d7
Raise delay and retry for rotate tokens ( #5304 )
Change-Id: I87844b43b9a18064e7a99567ce57c1ca1ffcc4a8
5 years ago
Matthew Mosesohn
94d4ce5a6f
Retry cleaning up calico-node container ( #5302 )
Change-Id: Iad27b107860213759c7ae51f0891d7e5e7c6d96b
5 years ago
Matthew Mosesohn
a1fff30bd9
Generate TLS certs for calico typha ( #5258 )
* Generate TLS certs for calico typha
Change-Id: I3883f49c124c52d0fc5b900ca2b44e4e2ed0d707
* Add group vars note
Change-Id: I63550dfef616e884efdbd42010a90b2c04c5eb69
5 years ago
Sergey
81d57fe658
set calico_datastore default value in role kubespray-default ( #5259 )
5 years ago
Hugo Blom
9dfb25cafd
fix typo ( #5275 )
5 years ago