63cdf87915
Removed equinix provider ( #12229 )
4 months ago
175babc4df
Move some approvers to emeritus ( #12156 )
Thanks for you work !
4 months ago
6c5c45b328
Allow stopping ubuntu unattended-upgrades ( #12174 )
Signed-off-by: Ekko Tu <lihai.tu@daocloud.io>
4 months ago
019cf2ab42
Merge pull request #12101 from tico88612/refactor/cilium-install
Refactor Cilium CNI installation
4 months ago
571e747689
build(deps): bump cryptography from 44.0.3 to 45.0.2 ( #12235 )
Bumps [cryptography](https://github.com/pyca/cryptography ) from 44.0.3 to 45.0.2.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/44.0.3...45.0.2 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-version: 45.0.2
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 months ago
1266527014
Add cilium cli binary hash before 0.18.3
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
5e2e63ebe3
Make cilium dnsProxy transparent mode configure
When Cilium is configured to replace kube-proxy, it automatically
enables dnsProxy, which can conflict with nodelocaldns.
4 months ago
db290ca686
Add cilium gateway api support
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
6619d98682
Add cilium hubble export dynamic content
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
b771d73fe0
Add cilium hubble export file max backups & size mb
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
65751e8193
Add cilium operator tolerations default values
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
4c16fc155f
Cilium values k8sServiceHost and k8sServicePort use auto
Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>
5 months ago
dcd3461bce
Cilium values use image variables
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
5 months ago
48f75c2c2b
Upgrade Cilium related images
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
5 months ago
a4b73c09a7
Upgrade cilium version to 1.17.3
Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>
6 months ago
af62570110
Change cilium_kube_proxy_replacement to true for CI tests
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
6 months ago
bebba47eb4
Change kube_owner to root for cilium CI test
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
6 months ago
86437730de
Use cilium-cli install Cilium
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
6 months ago
6fe64323db
Remove old cilium templates install
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
6 months ago
1e471d5eeb
Upgrade outdated cilium_min_version_required
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
6 months ago
3a2862ea19
Move checksums to kubespray_defaults/vars ( #12234 )
The checksums are not a defaults and are not meant to be changed from
the inventories.
Furthermore, role defaults have a lower priority that hosts facts, which
technically means a rogue hosts could hijack the hashes for its
variables.
4 months ago
8a4f4d13f7
fix manage-offline-container-images.sh create_registry ( #11964 )
4 months ago
46a0dc9a51
Add support for hubble-export-file-max-backups and max-size-mb variables ( #12072 )
* feat(cilium): add configurable Hubble export log rotation parameters
- Adds support for `cilium_hubble_export_file_max_backups` and `cilium_hubble_export_file_max_size_mb`
- Applies values only if `cilium_hubble_export_file_path` is defined
- Default values are set in role defaults
- Cleans up template logic by removing unnecessary conditionals
* Fix indentation for hubble export settings
* Fix undefined variable issue with ipwrap in kubeconfig override that caused pre-commit errors
* Update main.yml
rollback
4 months ago
faae36086c
Patch versions updates ( #12226 )
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
4 months ago
9c2bdeec63
Decouple etcd defaults in a separate role
This allows us to reuse the defaults in other places without putting
everything in kubespray-defaults.
In that, for kubernetes/control-plane.
4 months ago
e4c0c427a3
improve NTP package conflict handling ( #12212 )
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
4 months ago
bca5a4ce3b
CI: remove ci-not-authorized job ( #12225 )
This is now handled directly at the failfast-ci level (== integration
Github <-> Gitlab).
The whole pipeline will not be triggered unless:
- The author is a maintainer
- The PR has the /ok-to-test label
4 months ago
5c07c6e6d3
Add option to [not] install coredns via Kubespray ( #12218 )
4 months ago
c6dfe22a41
Improve logging of kubeadm init failure of first control plane node ( #12216 )
Split retry task of 'kubeadm init' to show the failure log of
the first execution.
4 months ago
ec85b7e2c9
download: respect enable_dns_autoscaler when enabling dnsautoscaler ( #12217 )
dnsautoscaler should only be enabled when enable_dns_autoscaler is
set to true. without this, it could be enabled without any manifest
actually using it, which makes it a false signal.
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
4 months ago
acd6872c80
Merge pull request #12219 from VannTen/test/ha_etcd_separate
Fix broken workaround for separate etcd setup
4 months ago
22d3cf9c2b
Move 'pretend certificates' **after** cert distribution
The link target will only exist after we distribute the certs on each node.
4 months ago
2d3bd8686f
Add testcase separate ha-etcd
Also use a distinct node to test certificate distribution.
4 months ago
2c3b6c9199
feat: add trigger to restart kube-apiserver when config files change ( #12172 )
* feat: add trigger to restart kube-apiserver when config files change
* fix: remove not upgrade_cluster_setup condition
* refactor: streamline kube-apiserver restart notifications
4 months ago
a55932e1de
Patch versions updates ( #12204 )
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
4 months ago
973bd2e520
Stop cleaning up containerd packages ( #12213 )
The switch to not use system packages for containerd packages happened
multiples releases ago ; there should not be any up-to-date installation
of kubespray needing that cleanup.
Remove those steps and variables only used by them.
4 months ago
ea7331f5fc
Merge pull request #12211 from VannTen/cleanup/rename_remove_node
rename-without-hypens: remove-node/pre-remove
4 months ago
df241800ce
Merge pull request #12203 from VannTen/cleanup/rename_bootstrap_os
Rename bootstrap-os to bootstrap_os
4 months ago
8cc5694580
calico: update calico-kube-controller manifest ( #12169 )
4 months ago
1d15baf405
Add compat and deprecation warning for boostrap-os
4 months ago
47508d5c6e
Rename bootstrap-os to bootstrap_os
Role names in ansible collections should not have hyphens.
4 months ago
2a1ae14275
Compat layer remove-node/pre-remove
4 months ago
e361def9cd
Rename remove-node/pre-remove (no hypens for role in collection)
4 months ago
fa6888df4c
kubernetes_audit: Remove redundant defaults filter ( #12208 )
4 months ago
373b952a0c
Cleanup CI scripts ( #12205 )
* Delete unused scripts
- gen_tags.sh: not the right file, produce garbage even if path is fixed
- premoderator.sh: not used since ef6d24a49#11251 ), 2024-05-31)
- gitlab-branch-cleanup: unused AFAICT
* CI: inline molecule logs
Single use site -> less indirection makes it easier to read.
4 months ago
9bbd597e20
create cilium_operator_tolerations variable in group_var ( #12200 )
- This enables ithe override of the tolerations for the cilium-operator deployment
- default behaviour is to leave the toleration as is unless the var is set
4 months ago
fceb1516b8
Update: add Cilium LB IP Pool configuration to support ranges ( #12140 )
4 months ago
43e19ab281
Merge pull request #12202 from VannTen/cleanup/rename_kubespray_defaults
Rename kubespray-defaults to kubespray_defaults
4 months ago
4052cd5237
Add compat and deprecation warning for kubespray-defaults
4 months ago
e1be469995
fix: do not mount hubble-ui tls volume when cilium_hubble_tls_generate is false ( #12143 )
4 months ago
Anshuman Agarwala
Max Gautier
Ekko
Kubernetes Prow Robot
dependabot[bot]
ChengHao Yang
Jay.H
ErmolenkoMaxim
ERIK
Antoine Legrand
Takuya Murakami
Seena Fallah
Hyeonki Hong
Cyclinder
felipe88alves
Cheolhui Kim
Kim Hyunyoung, Abel