c710c93c02
upgrade kubevip to v0.5.11 ( #9852 )
Signed-off-by: panguicai008 <1121906548@qq.com>
2 years ago
62f34c6085
add image garbage collection ( #9832 )
2 years ago
64e4de371e
fix(kubelet): no cloud config for external cloud provider ( #9793 )
2 years ago
6ff845a199
Enable control plane load balancing for kube-vip ( #9785 )
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2 years ago
2c93c997cf
pre-commit autocorrected files ( #9750 )
2 years ago
c5debf013c
Update kubevip to v0.5.8 ( #9734 )
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2 years ago
5fbbcedebc
9693: Fix comma-separated-list splitting of kubelet_enforce_node_allocatable ( #9694 )
See https://github.com/kubernetes-sigs/kubespray/issues/9693
2 years ago
391dd97f95
[kubernetes] support 1.26.x ( #9570 )
2 years ago
050fde6327
Add enableServicesElection env variable. ( #9595 )
2 years ago
1c4db6132d
optimize cgroups settings for node reserved ( #9209 )
* optimize cgroups settings for node reserved
* fix
* set cgroup slice for multi container engine
* set cgroup slice for crio
* add reserved cgroups variables to sample files
* Compatible with cgroup path for different container managers
* add cgroups doc
* fix markdown
2 years ago
990f87acc8
Update kube-vip to v0.5.5 ( #9437 )
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2 years ago
1901b512d2
Make the port of kube-vip dynamic based on the kube_apiserver_port ( #9414 )
variable
Fix wrong referenced variable on bgp_peers
Fix bgp_peeras field to be a string
Set default value for bgp_peeras
2 years ago
1530411218
use cri-o from upstream instead of kubic/OBS ( #9374 )
* [cri-o] use cri-o from upstream instead of kubic/OBS
* [cri-o] add proper molecule coverage
* [skopeo] download skopeo from upstream build
* [cri-o] clean up legacy deployments
* disable cri-o per-distribution variables
2 years ago
ad3f503c0c
Fix default value for kubelet_secure_addresses ( #9355 )
2 years ago
acb6f243fd
feat: add kubelet systemd service hardening option ( #9194 )
* feat: add kubelet systemd service hardening option
* refactor: move variable name to kubelet_secure_addresses
Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
* docs: add diagram about kubelet_secure_addresses variable
Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
2 years ago
b46ddf35fc
kube-vip shoud fail if kube_proxy_strict_arp is false in arp mod ( #9223 )
* fix-kube-vip-strict-arp
* fix-kube-vip-strict-arp
2 years ago
c8a61ec98c
optimize the format of evictionHard in kubelet-config.yaml template ( #9204 )
2 years ago
e73803c72c
pid reserved must be str ( #9124 )
2 years ago
3ce5458f32
hardening: Add `SeccompDefault` admission plugin for kubelet ( #9074 )
* docs(hardening): add SeccompDefault admission plugin to kubelet feature gates
* fix(kubelet-config): enable config through kubelet_feature_gates
* feat(kubelet): add kubelet_seccomp_default variable
2 years ago
3bb9542606
Adding support for node & pod pid limit ( #9038 )
2 years ago
24c8ba832a
[kubernetes] drop support for configuring insecure apiserver
2 years ago
2cd8c51a07
[kubeadm] use v1beta3 configuration version
* extra admission controls now don't have a version in their file names
eventratelimit.v1beta2.yaml.j2 -> eventratelimit.yaml.j2
* cri_socket variable includes the unix:// prefix to be conformat with
upstream
2 years ago
589823bdc1
[CI] remove docker stand-alone molecule test
2 years ago
fad296616c
[docker] use cri-dockerd instead of dockershim for any kubernetes version deployed with docker as the container_manager
2 years ago
ae1dcb031f
[kubernetes] drop pre 1.22.0 workarounds
2 years ago
7d3e59cf2e
Remove unneeded socat installation for Flatcar ( #8970 )
2 years ago
77f436fa39
Fix: set fallback value of kubelet ip6 ( #8858 ) ( #8926 )
* Fix: set fallback value of kubelet ip6 (#8858 )
* Prune the spurious comma in the end of kubelet_address
- Update `roles/kubernetes/node/defaults/main.yml`
Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
* Fix: set fallback value of kubelet ip6 (#8858 )
- Apply the lint: 132606368e
2 years ago
01ca7293f5
support reserve ephemeral-storage ( #8895 )
2 years ago
5512465b34
Revert "Set exact user for Kubelet services" ( #8872 )
This reverts commit e375678674
2 years ago
73fc70dbe8
Delete kube_version v1.20- related code ( #8869 )
Current Kubespray supports the Kubernetes version 1.21 or upper with
`kube_version_min_required: v1.21.0`
Then kube_version v1.20- related code is not used at all.
This deletes those code for cleanup.
2 years ago
3d8f3bc0b7
Fix the invalid kube vip manifest ( #8831 )
* add Feature synchronized time checking
* fix-invalid-kube-vip-manifest
2 years ago
37a5271f5a
feat: add variables to manage makeIPTablesUtilChains and streamingConnectionIdleTimeout kubelet parameters ( #8796 )
2 years ago
323a111362
[kubelet] set correct resolv.conf for Ubuntu 22.04 ( #8795 )
2 years ago
996ef98b87
Add support for kube-vip ( #8669 )
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
2 years ago
394857b5ce
[docker] add support for cri-dockerd as a replacement for dockershim ( #8623 )
2 years ago
58b2f39ce5
add IPv6 listen directive to nginx if enable_dual_stack_networks ( #8596 )
3 years ago
ddef7e1139
missing "check_mode: no"s for several read-only tasks ( #8584 )
this is not complete -- there are almost certainly more instances of
this issue
3 years ago
98d5d0cdd5
add support for Dual Stack node InternalIP ( #8542 )
3 years ago
aed187e56c
Fix kubelet_kubelet_cgroups_cgroupfs ( #8500 )
If kubelet is run with systemd (as it always is when using kubespray),
it starts in systemd's /system.slice/kubelet.service cgroup.
This commit prevents a creation and usage of a second unrelated cgroup.
3 years ago
575e0ca457
feat: add eviction hard to kubelet config ( #8421 )
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
3 years ago
a98ca6fcf3
Update loadbalancers versions ( #8272 )
* Update loadbalancers versions
* fix haproxy_config_dir mode
3 years ago
615216f397
Fix if bind-address is not set to 0.0.0.0 ( #8262 )
* if bind-address is not set to 0.0.0.0
* Update docs and left comments
* fix yamllist check: remove space
3 years ago
e19ce27352
Remove ovn4nfv support ( #8265 )
3 years ago
ee882fa462
Add capability to use swap, requires Kube 1.22 ( #8241 )
* Alpha-NodeSwap: allow nodes to use swap
* CI: Add Fedora 35 with experimental swap job
3 years ago
a5f88e14d0
Cleanup tests ( #8234 )
* Add Fedora 35 image, support and CI
* Cleanup tests and allow_failure for vagrant
3 years ago
424163c7d3
add gce support ( #8179 )
Author: lmercl <lubos.mercl@gmail.com>
Date: Wed Nov 10 15:30:04 2021 +0000
fix markdown
3 years ago
6e5b9e0ebf
Fix Kubelet and Containerd when using cgroupfs as cgroup driver ( #8123 )
3 years ago
41e0ca3f85
Move kube_feature_gates to kubelet config ( #8048 )
to remove deprecation warning:
> Flag --feature-gates has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag.
3 years ago
43958614e3
Fix kubespray flatcar ansible_os_family and ansible_distribution ( #8029 )
Closes https://github.com/kubernetes-sigs/kubespray/issues/8028
Signed-off-by: Iago Santos <iago.santos.pardo@adfinis.com>
3 years ago
d57ddf0be8
Feature DynamicKubeletConfig is deprecated in 1.22 and will not move to GA ( #7938 )
* Feature DynamicKubeletConfig is deprecated in 1.22 and will not move to GA
* Add check for dynamic_kubelet_configuration with kube >= 1.22
3 years ago
panguicai
Jack
Maxime Leroy
ERIK
Bas
蒋航
Tristan
Mohamed Zaian
mKlaris
Shelming.Song
Wouter Goedhart
Cristian Calin
William Turner
Alessio Greggi
Kay Yan
Samuel Liu
h9-HSFRQDH
Calin Cristian Andrei
Ho Kim
Thearas
Max Gautier
Kenichi Omichi
Andy
Mathieu Parent
kakkotetsu
Tom Janson
Ilya Margolin
cyril-corbon
Hanna Bledai
Florian Ruynat
Lubos Mercl
Pasquale Toscano
Iago Santos