1f9020f0b4
Fix: if cilium release exist, the action will set upgrade
`cilium install` is equivalent to `helm install`, it will failed if
cilium relase exist. `cilium version` can know the release exist without
helm binary
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
7bb9552e94
Fix: add cilium remove old resources option
Give users two options: besides skip Cilium, add
`cilium_remove_old_resources`, default is `false`, when set to `true`,
it will remove the content of the old version, but it will cause the
downtime, need to be careful to use.
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
d1bd610049
Fix indentation issue in Cilium values file and ensure booleans are lowercase ( #12280 )
This patch fixes the indentation in the `encryption` section.
Previously configuration like this:
```yml
cilium_encryption_enabled: true
cilium_encryption_type: wireguard
```
Would template to a `values.yaml` file with indentation that looks like this:
```yml
encryption:
enabled: True
type: wireguard
nodeEncryption: False
```
instead of this:
```yml
encryption:
enabled: true
type: wireguard
nodeEncryption: false
```
This syntax issue causes an error during Cilium installation.
This patch also makes all boolean values in this template file go through the `to_json` filter.
Since values like `True` and `False` are not compliant with the YAML v1.2 spec,
avoiding them is preferable.
`to_json` may be used for all other values in this template to ensure we end up with
a valid YAML document in all cases (even when various strings include special characters),
but this was left for another (future) patch.
4 months ago
5243b33bd7
Cleanup support for removed OS in bootstrap
- centos < 8
- debian 10
4 months ago
d5b2a9b5ba
opensuse: move package installation to system_packages
No reason to special case
4 months ago
2152022926
debian-based distro: handle apt update cache when installing packages
The package module pass options to the underlying packages manager
module if they support it. No need to handle it in bootstrap.
4 months ago
f13b80cac0
ClearLinux: remove special casing
- put package install in system_packages
- docker should be handled by the approriate roles if used as container
engine
4 months ago
a87b86c6d3
Make main_ip cacheable in facts ( #12243 )
4 months ago
d287420e8e
Merge pull request #11868 from tico88612/test/flatcar-4081
Add Flatcar 4081 CI test
4 months ago
85b0be144a
Fix: check expiry before do breaking renew and container restart actions ( #12194 )
* Fix: check expiraty before renew
Since certificate renewal and container restarts involve higher risks,
they should be executed with extra caution.
* squash to Fix: check expiraty before renew
* squash to Fix: address more comments from VannTen
Signed-off-by: Peter Pan <Peter.Pan@daocloud.io>
---------
Signed-off-by: Peter Pan <Peter.Pan@daocloud.io>
4 months ago
6f7822d25c
[flannel] upgrade to 0.26.7 ( #12260 )
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
b1fc870750
Add tico88612 as approver ( #12281 )
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
d0e9088976
build(deps): bump cryptography from 45.0.2 to 45.0.3 ( #12259 )
Bumps [cryptography](https://github.com/pyca/cryptography ) from 45.0.2 to 45.0.3.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/45.0.2...45.0.3 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-version: 45.0.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 months ago
ce26f17e9e
fix unquoted san cert causing issues with ips ( #12256 )
4 months ago
a9f600ffa2
Import centos bootstrap os task for Alma/Rocky Linux ( #12264 )
4 months ago
3454cd2c69
feat: Support certificate validity period config in kubeadm v1beta4 ( #12272 )
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
4 months ago
0d5e18053e
Test: remove `bin_dir` from other tasks move to common_vars.yml
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
2fbbf2e1e4
CI/kubevirt: Configure ignition provisioning
Flatcar does not support cloud-init
4 months ago
3597b8d7fe
Kubevirt: use Ignition cloud config
5 months ago
68d8f14f0d
Update CI.md document
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
9 months ago
32675695d7
Add flatcar 4081 CI packet test
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
9 months ago
c7c3d2ba95
Merge pull request #12163 from VannTen/cleanup/etcd_inv_sample
Move etcd inventory sample doc to role defaults
4 months ago
c89c34f4d6
Update load balancers versions to Nginx 1.28.0, Haproxy 3.1.7 ( #12178 )
4 months ago
92e8ac9de2
Remove tag 'master' ( #12228 )
* Remove tag master
Following it's deprecation in 4b324cb0f#11394 ), 2024-09-06)
* Add fail fast path when using removed tags
- Used for the master tag, but this could be used for other things in
the future
4 months ago
73b3e9b557
Removed weave support ( #12230 )
4 months ago
b79f7d79f0
docs: remove obsolete cgroups variables ( #12239 )
Those variables are removed since 1bc61c9f3
4 months ago
490dece3bf
Cleanup assert after 2.28 ( #12245 )
Users should have used 2.28 and adapted their inventories now.
4 months ago
c1e3f3120c
CI: Use ubuntu-2204 for crio test
4 months ago
16c05338d9
Update cri-o to 1.33.0 for kubernetes 1.33
Use ubuntu 22.04 for molecule test of cri-o,
because crun included in the cri-o does not work on
ubuntu 20.04.
5 months ago
8ad1253b4f
[kubernetes] Support kubernetes 1.33.1
- Add checksum entries.
- Set min required version to Kubernetes 1.31.x
- Update supported versions
- Refactor coredns_version
4 months ago
cee065920f
fix: The 'AppArmor' feature gate is removed from kubernetes 1.33
Signed-off-by: Takuya Murakami <murakami_da@nec.com>
4 months ago
871941f663
Chore: upgrade galaxy.yml version ( #12241 )
* Chore: upgrade galaxy.yml version
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
* Docs: upgrade version to v2.28.0
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
---------
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
63cdf87915
Removed equinix provider ( #12229 )
4 months ago
175babc4df
Move some approvers to emeritus ( #12156 )
Thanks for you work !
4 months ago
6c5c45b328
Allow stopping ubuntu unattended-upgrades ( #12174 )
Signed-off-by: Ekko Tu <lihai.tu@daocloud.io>
4 months ago
019cf2ab42
Merge pull request #12101 from tico88612/refactor/cilium-install
Refactor Cilium CNI installation
4 months ago
571e747689
build(deps): bump cryptography from 44.0.3 to 45.0.2 ( #12235 )
Bumps [cryptography](https://github.com/pyca/cryptography ) from 44.0.3 to 45.0.2.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/44.0.3...45.0.2 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-version: 45.0.2
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 months ago
1266527014
Add cilium cli binary hash before 0.18.3
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
5e2e63ebe3
Make cilium dnsProxy transparent mode configure
When Cilium is configured to replace kube-proxy, it automatically
enables dnsProxy, which can conflict with nodelocaldns.
4 months ago
db290ca686
Add cilium gateway api support
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
6619d98682
Add cilium hubble export dynamic content
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
b771d73fe0
Add cilium hubble export file max backups & size mb
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
65751e8193
Add cilium operator tolerations default values
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
4 months ago
4c16fc155f
Cilium values k8sServiceHost and k8sServicePort use auto
Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>
5 months ago
dcd3461bce
Cilium values use image variables
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
5 months ago
48f75c2c2b
Upgrade Cilium related images
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
5 months ago
a4b73c09a7
Upgrade cilium version to 1.17.3
Signed-off-by: ChengHao Yang
<17496418+tico88612@users.noreply.github.com>
6 months ago
af62570110
Change cilium_kube_proxy_replacement to true for CI tests
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
6 months ago
bebba47eb4
Change kube_owner to root for cilium CI test
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
6 months ago
86437730de
Use cilium-cli install Cilium
Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
6 months ago
ChengHao Yang
Slavi Pantaleev
Max Gautier
Shuu
Kubernetes Prow Robot
Peter Pan
dependabot[bot]
Imran Ahmed
Christos Papageorgiou
ERIK
ant31
Ali Afsharzadeh
Anshuman Agarwala
Takuya Murakami
Ekko