Tree: 6cb027dfab

ant31-patch-1

component_hash_update/master

floryut-patch-1

lean/pre-commit-hook-2

master

master-patch-updates

packet-test

pre-commit-hook

reduce-vm-requests

release-2.10

release-2.11

release-2.12

release-2.13

release-2.14

release-2.15

release-2.16

release-2.17

release-2.18

release-2.19

release-2.20

release-2.21

release-2.22

release-2.23

release-2.24

release-2.25

release-2.26

release-2.27

release-2.7

release-2.8

release-2.9

revert-11831-ipv6only

symlinketcd

test-CI

test-ci

test-precommit

test/flatcar-4081

update-approvers-ant31

1.3.0

1.3.0_k1.1.3

1.4.0

1.5.0

test-tag-1

v1.0

v1.0.0

v1.0.1

v1.1

v1.1.0

v1.1.3

v2.0.0

v2.0.1

v2.1.0

v2.1.1

v2.1.2

v2.10.0

v2.10.3

v2.10.4

v2.11.0

v2.11.1

v2.11.2

v2.12.0

v2.12.1

v2.12.10

v2.12.2

v2.12.3

v2.12.4

v2.12.5

v2.12.6

v2.12.7

v2.12.8

v2.12.9

v2.13.0

v2.13.1

v2.13.2

v2.13.3

v2.13.4

v2.14.0

v2.14.1

v2.14.2

v2.15.0

v2.15.1

v2.16.0

v2.17.0

v2.17.1

v2.18.0

v2.18.1

v2.18.2

v2.19.0

v2.19.1

v2.2.0

v2.2.1

v2.20.0

v2.21.0

v2.22.0

v2.22.1

v2.22.2

v2.23.0

v2.23.1

v2.23.2

v2.23.3

v2.24.0

v2.24.1

v2.24.2

v2.24.3

v2.25.0

v2.25.1

v2.26.0

v2.27.0

v2.3.0

v2.4.0

v2.5.0

v2.6.0

v2.7.0

v2.8.0

v2.8.1

v2.8.2

v2.8.3

v2.8.4

v2.8.5

v2.9.0

Branches Tags

${ item.name }

Create branch ${ searchTerm }

from '6cb027dfab'

${ noResults }

Commit Graph

717 Commits (6cb027dfab7fc1d3372193bf6989b12b4638d77c)

Author	SHA1	Message	Date
emiran-orange	5c25b57989	Ability to define options for DNS upstream servers (#9311) * Ability to define options for DNS upstream servers * Doc and sample inventory vars	2 years ago
Olivier Lemasle	5d1fe64bc8	Update local-volume-provisioner (#9463) - Update and re-work the documentation: - Update links - Fix formatting (especially for lists) - Remove documentation about `useAlphaApi`, a flag only for k8s versions < v1.10 - Attempt to clarify the doc - Update to version 1.5.0 - Remove PodSecurityPolicy (deprecated in k8s v1.21+) - Update ClusterRole following upstream (cf https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner/pull/292) - Add nodeSelector to DaemonSet (following upstream)	2 years ago
lijin-union	c272421910	Add UOS linux support (#9432)	2 years ago
biqiang Wu	c681435432	Add switch cilium_enable_bandwidth_manager (#9441) Signed-off-by: dcwbq <biqiang.wu@daocloud.io> Signed-off-by: dcwbq <biqiang.wu@daocloud.io>	2 years ago
William Turner	eeb376460d	Fix inconsistent handling of admission plugin list (#9407) * Fix inconsistent handling of admission plugin list * Adjust hardening doc with the normalized admission plugin list * Add pre-check for admission plugins format change * Ignore checking admission plugins value when variable is not defined	2 years ago
杨刚	a84271aa7e	etcd arch can support arm64 and amd64 (#9421)	2 years ago
Kay Yan	1cc0f3c8c9	mirror-for-china	2 years ago
Kay Yan	e3339fe3d8	update_calico_doc_for_the_ChecksumOffloadBroken (#9388)	2 years ago
Kenichi Omichi	63b27ea067	Fix YAML format in hardening.md (#9387) When trying to add a hardening CI job by copying configuration from hardening.md, yamllint CI job deleted invalid format. This fixes it for maintaining the CI job.	2 years ago
Kenichi Omichi	24632ae81b	Add check_typo job (#9361) To block merging pull requests which contain typo automatically.	2 years ago
Kenichi Omichi	f8d5487f8e	Remove versions from setting-up-your-first-cluster (#9353) We are maintaining version info on the README.md, and it is not necessary to maintain that on setting-up-your-first-cluster.md	2 years ago
Ho Kim	18efdc2c51	Fix typos in calico (#9327)	2 years ago
Kevin Huang	fa093ee609	feat(docs/openstack.md): Put Additional step needed when using calico or kube-router in own section (#9320)	2 years ago
Florian Ruynat	4ad67acedd	Move back vsphere csi to kube-system ns (#9312)	2 years ago
Ilya Margolin	726711513f	[containerd] Allow configuring base_runtime_spec per containerd runtime (#9302) and supply a default runtime spec.	2 years ago
Emin AKTAS	9468642269	feat: allows users to have more control on DNS (#9270) Signed-off-by: eminaktas <eminaktas34@gmail.com> Signed-off-by: eminaktas <eminaktas34@gmail.com>	2 years ago
Necatican Yıldırım	7da3dbcb39	Cilium 1.12 Upgrade (#9225) * Drop support for Cilium < 1.10 Signed-off-by: necatican <necaticanyildirim@gmail.com> * Synchronize Cilium templates for 1.11.7 Signed-off-by: necatican <contact@necatican.com> * Set Cilium v1.12.1 as the default version Signed-off-by: necatican <contact@necatican.com> Signed-off-by: necatican <necaticanyildirim@gmail.com> Signed-off-by: necatican <contact@necatican.com>	2 years ago
Mahdi Abbasi	023b16349e	Add variable for the vsphere-csi namespace (#9278)	2 years ago
lijin-union	c4976437a8	Fix typos in docs (#9276)	2 years ago
Kay Yan	97ca2f3c78	add-timezone-support (#9263)	2 years ago
Ho Kim	952cad8d63	Remove mutual exclusivity in calico: NAT and router mode (#9255) * Add optional NAT support in calico router mode * Add a blank line in front of lists * Remove mutual exclusivity: NAT and router mode * Ignore router mode from NAT * Update calico doc	2 years ago
Kay Yan	e2f1f8d69d	add-Rocky-9-support (#9212)	2 years ago
Michael Schmitz	be2bfd867c	Add Support for Rewrite Plugin to CoreDNS/NodelocalDNS (#9245)	2 years ago
Cristian Calin	6db6c8678c	disable kubelet_authorization_mode_webhook by default (#9238)	2 years ago
Alessio Greggi	acb6f243fd	feat: add kubelet systemd service hardening option (#9194) * feat: add kubelet systemd service hardening option * refactor: move variable name to kubelet_secure_addresses Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com> * docs: add diagram about kubelet_secure_addresses variable Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>	2 years ago
lijin-union	8af86e4c1e	Fix typo.	2 years ago
Kay Yan	b46ddf35fc	kube-vip shoud fail if kube_proxy_strict_arp is false in arp mod (#9223) * fix-kube-vip-strict-arp * fix-kube-vip-strict-arp	2 years ago
Cristian Calin	e6976a54e1	add pre-commit hook to facilitate local testing (#9158) * add pre-commit hook configuration * add tmp.md to .gitignore * describe the use of pre-commit hook in CONTRIBUTING.md * fix docs/integration.md errors identified by markdownlint * fix docs/<file>.md errors identified by markdownlint * docs/azure-csi.md * docs/azure.md * docs/bootstrap-os.md * docs/calico.md * docs/debian.md * docs/fcos.md * docs/vagrant.md * docs/gcp-lb.md * docs/kubernetes-apps/registry.md * docs/setting-up-your-first-cluster.md * docs/vagrant.md * docs/vars.md * fix contrib/<file>.md errors identified by markdownlint	2 years ago
Bishal das	aeeae76750	Update vars.md (#9172)	2 years ago
Shelming.Song	30b062fd43	fix one bug in docs/nodes (#9203)	2 years ago
Bishal das	fddff783c8	Update vsphere-csi.md (#9170)	2 years ago
Tristan	bbd1161147	9035: Make Cilium rolling-restart delay/timeout configurable (#9176) See #9035	2 years ago
Ho Kim	e31890806c	Add 'avoid-buggy-ips' support of MetalLB (#9166)	2 years ago
Tomas Zvala	30c77ea4c1	Add the option to enable default Pod Security Configuration (#9017) * Add the option to enable default Pod Security Configuration Enable Pod Security in all namespaces by default with the option to exempt some namespaces. Without the change only namespaces explicitly configured will receive the admission plugin treatment. * Fix the PR according to code review comments * Revert the latest changes - leave the empty file when kube_pod_security_use_default, but add comment explaining the empty file - don't attempt magic at conditionally adding PodSecurity to kube_apiserver_admission_plugins_needs_configuration	2 years ago
maxgio92	68653c31c0	docs(kube-vip): fix broken links (#9165) Signed-off-by: Massimiliano Giovagnoli <me@maxgio.it> Signed-off-by: Massimiliano Giovagnoli <me@maxgio.it>	2 years ago
Samuel Liu	b36bb9115a	[calico] calico rr supports multiple groups (#9134) * update calico rr * fix bgppeer conf * fix yamllint * fix ansible lint * fix calico deploy * fix yamllint * fix some typo	2 years ago
ERIK	47050003a0	Add docker support for Kylin V10 (#9144) Signed-off-by: bo.jiang <bo.jiang@daocloud.io>	2 years ago
Florian Ruynat	4df6e35270	Move oracle7-canal to centos7-canal	2 years ago
ERIK	f2f9f1d377	Add kylin OS support (#9078) Signed-off-by: bo.jiang <bo.jiang@daocloud.io>	2 years ago
Florian Ruynat	9c51ac5157	Switch fedora36se to 35 and 35docker to 36	2 years ago
Florian Ruynat	07eab539a6	Add Fedora 36 support and CI, remove Fedora 34 (eol)	2 years ago
Alessio Greggi	3ce5458f32	hardening: Add `SeccompDefault` admission plugin for kubelet (#9074) * docs(hardening): add SeccompDefault admission plugin to kubelet feature gates * fix(kubelet-config): enable config through kubelet_feature_gates * feat(kubelet): add kubelet_seccomp_default variable	2 years ago
Kenichi Omichi	f3ea8cf45e	Add Rocky Linux 8 support for vagrant (#8905) To test Kubespray on Rocky Linux 8 with vagrant, this adds it to the Vagrantfile.	2 years ago
Kay Yan	4b03f6c20f	add-managed-ntp-support (#9027)	2 years ago
boeto	d0a2ba37e8	update deprecated syntax (#9040) * `ansible.builtin.include` removed in version 2.16 Read the `ansible.builtin.include DEPRECATED` doc: https://docs.ansible.com/ansible/latest/collections/ansible/builtin/include_module.html#deprecated * Update integration.md	2 years ago
rptaylor	6f82cf12f5	let containerd_default_runtime be undefined by default (#9026)	2 years ago
Calin Cristian Andrei	a22ae6143a	[CI] ensure upgrade tests cover defaults (containerd currently)	2 years ago
Alessio Greggi	97b4d79ed5	feat: make kubernetes owner parametrized (#8952) * feat: make kubernetes owner parametrized * docs: update hardening guide with configuration for CIS 1.1.19 * fix: set etcd data directory permissions to be compliant to CIS 1.1.12	2 years ago
Kay Yan	890fad389d	suggest-to-use-nft-in-centos8 (#8987)	2 years ago
Calin Cristian Andrei	24c8ba832a	[kubernetes] drop support for configuring insecure apiserver	2 years ago