Maxime Leroy
9a8bf0e38a
fix(contrib/terraform): do not add access_ip when not wanted ( #9869 )
1 year ago
Maxime Leroy
659fa0eddc
feat(contrib/terraform): support custom ssh port ( #9836 )
1 year ago
Maxime Leroy
835811ec84
fix(contrib/terraform): do not set ssh port ( #9828 )
Signed-off-by: Maxime Leroy <19607336+maxime1907@users.noreply.github.com>
1 year ago
Robin Wallace
5bb54ef6a2
upcloud: add server groups and target port for lb ( #9831 )
1 year ago
Sean Knight
8a2e1189fb
correct typo hhttps -> https ( #9763 )
1 year ago
Bas
2c93c997cf
pre-commit autocorrected files ( #9750 )
1 year ago
Florian Ruynat
1f36df666d
Update fedora35 vagrant box url ( #9699 )
* Update fedora35 vagrant box url
* Update Terraform to 1.3.7
* Update Vagrant to 2.3.4
1 year ago
Cristian Calin
64dbf2e429
update equinox terraform code to fix kubespray CI ( #9702 )
* add terraform lock files to ignore list
* move contrib/terraform/metal to contrib/terraform/equinix to reflect upstream change
1 year ago
Mathieu Parent
58fe1a0ed6
Terraform vsphere cleanup ( #9672 )
* contrib/terraform/vsphere: mark vsphere_password as sensitive
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* contrib/terraform/vsphere: remove unused modules
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
1 year ago
Mathieu Parent
c80bb0007a
contrib/terraform/gcp: allow extra ingress firewalls ( #9658 )
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
1 year ago
Fredrik Liv
ffad2152b3
Added override variable, additional server groups and cloudinit config ( #9452 )
1 year ago
florianow
8267922a16
add flatcar support for Hetzner ( #9618 )
1 year ago
Aveline
f7d0fb9ab2
rename ansible groups to use _ instead of ( #9569 )
1 year ago
Brian King
44a4f356ba
Terraform Openstack: replace deprecated template provider with supported cloudinit provider ( #9536 )
2 years ago
Fredrik Liv
07ad5ecfce
[upcloud] Fixed issue where DNS would be blocked while using allowlist ( #9510 )
* [upcloud] Fixed issue where DNS would be blocked while using allowlist
* Missed one NTP rule
2 years ago
Ayoub Ed-dafali
4cd949c7e1
Add missing zone input variable - Exoscale ( #9495 )
* Add missing zone input variable
* Fix terraform formatting
2 years ago
Hugo Blom
4189008245
Try fix issue where ports doesn't get an ip assigned ( #9345 )
Co-authored-by: Jonathan Süssemilch Poulain <jonathan@sofiero.net>
2 years ago
Hugo Blom
49196c2ec4
[Openstack] Add bastion_allowed_ports to allow custom security group rules on bastion node ( #9336 )
* make it possible to configure bastion remote ips
* Update README.md
2 years ago
rptaylor
5bce39abf8
add optional parameter extra_groups for k8s_nodes ( #9211 )
2 years ago
Cristian Calin
e6976a54e1
add pre-commit hook to facilitate local testing ( #9158 )
* add pre-commit hook configuration
* add tmp.md to .gitignore
* describe the use of pre-commit hook in CONTRIBUTING.md
* fix docs/integration.md errors identified by markdownlint
* fix docs/<file>.md errors identified by markdownlint
* docs/azure-csi.md
* docs/azure.md
* docs/bootstrap-os.md
* docs/calico.md
* docs/debian.md
* docs/fcos.md
* docs/vagrant.md
* docs/gcp-lb.md
* docs/kubernetes-apps/registry.md
* docs/setting-up-your-first-cluster.md
* docs/vagrant.md
* docs/vars.md
* fix contrib/<file>.md errors identified by markdownlint
2 years ago
Robin Ramquist
f4daf5856e
Subnet setup order fix & Number of master nodes syntax fix ( #9159 )
* Subnet setup order fix & Number of master nodes syntax fix
* Mistake fix!
* Formatting
2 years ago
Ajarmar
0d32c0d92b
[upcloud] Add firewall default deny policy and port allowlisting ( #9058 )
2 years ago
Robin Wallace
bf477c24d3
Chnage from deprecated variable
2 years ago
Kenichi Omichi
0e6b727e53
Update docs for using venv ( #8842 )
Due many patterns of Linux distributions, it is difficult to install
ansible dependencies as system-wide stably.
Apart of Kubespray doc[1] recommends to use venv to avoid such issue,
and this applies venv usage to the other parts of the doc.
[1]: https://github.com/kubernetes-sigs/kubespray/blob/master/docs/setting-up-your-first-cluster.md#set-up-kubespray
2 years ago
Cyclinder
dc8ad78206
fix: incorrect condition type ( #8822 )
Signed-off-by: cyclinder qifeng.guo@daocloud.io
2 years ago
Ajarmar
b9e5b0cb53
UpCloud server plan, firewall, load balancer integration ( #8758 )
* [upcloud] add option to use preconfigured cpu/mem plan
* [upcloud] add option to use firewall rules for API server/SSH access
* [upcloud] add option to use managed load balancer
2 years ago
Robin Wallace
fe66121287
[Openstack] master foreach and fixes ( #8709 )
* [openstack] fix for new network modules
* [openstack] for-each master nodes
2 years ago
Cristian Calin
6cc5b38a2e
[terraform] use modern day equinix metal provider ( #8748 )
* [terraform] use modern day equinix metal provider
* [CI] ensure packet job tests metal
2 years ago
Olle Larsson
a4f26dc8f3
[terraform/openstack] add safespring to provider list ( #8735 )
2 years ago
SOPHAL HONG
3d4baea01c
Add tag to AWS VPC subnets for automatic subnet discovery by load balancers or ingress controllers ( #8705 )
2 years ago
Robin Wallace
d7254eead6
UpCloud integration ( #8653 )
* [upcloud] add upcloud csi-driver
* Option to use ansible_host as api ip for kubueconfig
2 years ago
Anthony Bible
9dced7133c
Fixes for Hetzner terraform and Hetzner Cloud ( #8702 )
* - add ability to specify the network_zone in hetzner terraform
- Export the network id from hetzner terraform the the generated inventory.ini
* - Add with_networks variable to allow different deployments of hcloud controller manager
- Add network id to hcloud controller secret (added via the inventory)
- Don't include extra_args if it's not set
2 years ago
Christian Rohmann
90883e76af
terrform/openstack: Fix templating of ansible_ssh_common_args in no_floating.yml if used as TF module ( #8646 )
* terraform/openstack: Use path.module for ansible_bastion_template.txt
This extends on #7643 by not using path.root, but switching to path.module
to allow use of the terraform code as a module itself. This change then keeps
all calls to the template file stable even for that use-case.
* terraform/openstack: Make sed calls fail on errors
By using a single call with two replacements to use of sed will create proper exit codes
and allowing for errors to be recognized by terraform.
2 years ago
Mathieu Parent
299a9ae7ba
terraform/gcp: Add ingress_whitelist ( #8590 )
Also, do not create unneeded resources (target pools are charged and should
only be created when needed).
2 years ago
SOPHAL HONG
6d683c98a3
[Terraform-AWS] Replace CLB with NLB ( #8578 )
2 years ago
Mathieu Parent
31d4a38f09
terraform/gcp: Allow to change extra disk types ( #8524 )
2 years ago
SOPHAL HONG
a6a79883b7
Fix: Error when creating subnets more than AZ ( #8516 )
2 years ago
Cristian Calin
7759494c85
[terraform][openstack] allow disabling port_security at port level ( #8455 )
Use openstack_networking_port_v2 and openstack_networking_floatingip_associate_v2
to attach floating ips. This gives us more flexibility on disabling port security
when binding instances directly on provider networks in private cloud scenario.
2 years ago
Mathieu Parent
958bca8800
terraform/gcp: Do not create unused subnetworks and Upgrade to latest google provider ( #8497 )
* terraform/gcp: Do not create unused subnetworks
By default terraform creates a subnetwork in each 39 regions
* terraform/gcp: Upgrade to latest google provider
... where "one of source_tags, source_ranges, or source_service_accounts must be defined"
2 years ago
Mathieu Parent
3562d3378b
terraform/gcp: Allow to use preemptible VM instances ( #8480 )
2 years ago
ceesios
d86a3b962c
Proposing fixes for contrib/terraform/vsphere/ #8436 ( #8441 )
* fixes issues in vSphere Terraform contrib. #8436
* fix formatting
* add variables to the main module and document changes
* add missing newline
2 years ago
Mathieu Parent
d64b341b38
Update terraform GCP to Ubuntu 20.04 (latest LTS) ( #8463 )
* Fix terraform Warning
Version constraints inside provider configuration blocks are deprecated
Terraform 0.13 and earlier allowed provider version constraints inside the
provider configuration block, but that is now deprecated and will be removed
in a future version of Terraform. To silence this warning, move the provider
version constraint into the required_providers block.
* Fix terraform Warning: Quoted references are deprecated
* terraform: Update GCP Ubuntu to latest LTS
2 years ago
Cristian Calin
ea44d64511
[contrib] terraform openstack: allow disabling port security ( #8410 )
2 years ago
moss2k13
135c9b29a7
contrib: add cloud-init support for terraform vms ( #8394 )
* contrib: add cloud-init support for terraform vms
This change enables instance customization via cloud-init,
for example: additional CA certs, custom SSH access etc.
* contrib: update docs for terraform cloud-init
* contrib: disable yamllint in cloud-init
require-starting-space rule breaks cloud-init header
* contrib: documenation formatting
* yamllint: disable comments related checks
* docs: markdown formatting
2 years ago
Robin Wallace
38c12288f1
Add option for boot volume type for k8s node ( #8256 )
3 years ago
Olle Larsson
fe0810aff9
Add option to set different server group policy for etcd, node, and master server ( #8046 )
3 years ago
Febrian Setianto
f48ae18630
Use Pre-existing Floating IP for Bastion ( #8214 )
* use pre-existing floating IP for bastion
* document bastion_fips in readme
3 years ago
Lars Larsson
6eeb4883af
Fixes various issues in vSphere Terraform code ( #8178 )
* Fixes various issues in vSphere Terraform code
Provided to address various shortcomings and to fix the following
issue in upstream Kubespray:
https://github.com/kubernetes-sigs/kubespray/issues/8176
* Resolves Terraform formatting issues
* Sets default prefix to human-readable name
* Documents new default prefix in README
3 years ago
Fredrik Liv
e87d4e9ce3
Added terraform script for Hetzner cloud ( #8053 )
3 years ago
Ray Terrill
1edb7d771f
Modify connection_strings_etcd to only return etcd nodes ( #7966 )
Modify connection_strings_etcd to only return etcd nodes - not master nodes - since this results in duplicate hosts in the generated Ansible inventory and is unnecessary.
3 years ago