Erwan Miran
2ab2f3a0a3
Ability to define SSL certificates duration and SSL key size ( #3482 )
* Ability to specify ssl certificate duration and ssl key size - etcd/secrets
* Ability to specify ssl certificate duration and ssl key size - helm/contiv + fix contiv missing copy certs generation script
6 years ago
Luke Seelenbinder
3cfbc1a79a
Add Pod IP to Flannel manifest. ( #3379 )
6 years ago
Cédric de Saint Martin
53d87e53c5
All CNIs: support ANY toleration. ( #3391 )
Before, Nodes tainted with NoExecute policy did not have calico/weave Pod.
Network pod should run on all nodes whatever happens on a specific node.
Also always set the Pods to be critical.
Also remove deprecated scheduler.alpha.kubernetes.io/tolerations annotations.
6 years ago
Erwan Miran
232020ef96
skip-exists is an flag for create command, not for calicoctl ( #3401 )
6 years ago
arzarif
6b71229d3f
Resolve issues associated with Calico deployment in policy-only mode. ( #3392 )
6 years ago
Kuldip Madnani
36898a2c39
Adding pod priority for all the components. ( #3361 )
* Changes to assign pod priority to kube components.
* Removed the boolean flag pod_priority_assignment
* Created new priorityclass k8s-cluster-critical
* Created new priorityclass k8s-cluster-critical
* Fixed the trailing spaces
* Fixed the trailing spaces
* Added kube version check while creating Priority Class k8s-cluster-critical
* Moved k8s-cluster-critical.yml
* Moved k8s-cluster-critical.yml to kube_config_dir
6 years ago
Rui Cao
02de35cfc3
Fix some typos ( #3382 )
Signed-off-by: Rui Cao <ruicao@alauda.io>
6 years ago
Kevin Schuck
639010b3df
Uses environment vars for etcd cert paths
6 years ago
Kevin Schuck
6f9f80acee
Uses etcdv3 for calico 3 rr_v4 resources
6 years ago
Kevin Schuck
fb1678d425
Ensures BGPPeer resource names are unique
6 years ago
Alex Yakovenko
884053aaa7
Make Felix healthhost configurable
6 years ago
Kevin Schuck
d3adf09bde
Fixes BGPPeer resource for calico >= 3.0.0
6 years ago
Erwan Miran
afa2a5f1c4
enhanced reset for contiv
6 years ago
Erwan Miran
bcaf2f9ea3
contiv 1.2.1
6 years ago
Wong Hoi Sing Edison
a544e54578
weave: Upgrade to 2.4.1
Upstream Changes:
- weave 2.4.1 (https://github.com/weaveworks/weave/releases/tag/v2.4.1 )
Our Changes:
- Templates sync with upstream manifests
6 years ago
Matthew Mosesohn
c83350e597
refactor to base on calico_version
6 years ago
Matthew Mosesohn
55d76ea3d8
Update install.yml
6 years ago
rabi
1df0b67ec1
Add volume and volumeMount for crio-socket
This commit fixes #3295
6 years ago
Matthew Mosesohn
1091e82327
Update install.yml
6 years ago
Matthew Mosesohn
cc79125d3e
Update install.yml
6 years ago
Matthew Mosesohn
d91f9e14e6
Put back legacy support for calico ippools and bgp settings
6 years ago
Takashi Okamoto
b2a7a27dfb
Fix indent error by yamllint.
6 years ago
mlushpenko
ea2c9d8f57
Fix yaml checks
6 years ago
mlushpenko
f958b32c83
Fix calico health checks
6 years ago
Matthew Mosesohn
dc3e317d20
Fix backward compatibility with calico 2.6
6 years ago
Luis Nunez
6569180654
remove capitalize filter
6 years ago
Pablo Estigarribia
7cbe3c2171
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
remove empty when line
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
force kubeadm upgrade due to failure without --force flag
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
added nodeSelector to have compatibility with hybrid cluster with win nodes, also fix for download with missing container type
fixes in syntax and LF for newline in files
fix on yamllint check
ensure there is pin priority for docker package to avoid upgrade of docker to incompatible version
some cleanup for innecesary lines
remove conditions for nodeselector
6 years ago
Antoine Legrand
2f1fe44762
update images to use arch
6 years ago
Fernando Crespo Grávalos
ac4ef719cc
canal should mount xtables.lock to share the lock with other processes like kube-proxy
6 years ago
Aivars Sterns
23fd3461bc
calico upgrade to v3 ( #3086 )
* calico upgrade to v3
* update calico_rr version
* add missing file
* change contents of main.yml as it was left old version
* enable network policy by default
* remove unneeded task
* Fix kubelet calico settings
* fix when statement
* switch back to node-kubeconfig.yaml
6 years ago
Erwan Miran
80cfeea957
psp, roles and rbs for PodSecurityPolicy when podsecuritypolicy_enabled is true
6 years ago
Wong Hoi Sing Edison
c3b3572025
Always create service account even rbac_enabled = false
6 years ago
Erwan Miran
7f16b46ed5
Reset tasks specific to a network_plugin moved inside its role directory + Reset tasks specific to cilium
6 years ago
Zinin D.A
22b89edbbc
cilium v1.1.2
Update all configs to current upstream state.
Add more resources (unable to pass tests now)...
6 years ago
Wong Hoi Sing Edison
538cb3b1bd
weave: Upgrade to 2.4.0
Upstream Changes:
- weave 2.4.0 (https://github.com/weaveworks/weave/releases/tag/v2.4.0 )
- Support `externalTrafficPolicy: Local` (https://github.com/weaveworks/weave/issues/2924 )
- Make the ipset list size bigger (https://github.com/weaveworks/weave/pull/3305 )
- Break out of kube rm-peers loop if nothing changes (https://github.com/weaveworks/weave/pull/3317 )
Our Changes:
- Revamp weave-net.yml.j2 with upstream changes
- Add more variables for customization
- Replace WEAVE_PASSWORD with k8s secret
- Remove hard-corded seed mode support, in favor of variables customization
6 years ago
Matthew Mosesohn
1a3b9dd864
Force copy cni files
6 years ago
elementyang
8fee1ab102
change create to apply
6 years ago
Erwan Miran
11d87ecc37
removed surnumerary definition of contiv_etcd_init_image_* (already in download role)
6 years ago
Erwan Miran
2a4fc70e1c
contiv-etcd-init image as default instead hardcoded
6 years ago
Daniel Mohr
476b14b06e
Make Calico nodename overridable on bare metal
Signed-off-by: Daniel Mohr <daniel.mohr@supercrunch.io>
6 years ago
Matthew Mosesohn
02cd5418c2
Weave limits ( #2660 )
* Raise limits for weave
* Adjust weave limits
6 years ago
Wong Hoi Sing Edison
195d6d791a
Integrate jetstack/cert-manager 0.2.3 to Kubespray
6 years ago
Matthew Mosesohn
03bcfa7ff5
Stop templating kube-system namespace and creating it ( #2545 )
Kubernetes makes this namespace automatically, so there is
no need for kubespray to manage it.
6 years ago
Wong Hoi Sing Edison
848fc323db
Fixup for #2523 :
- Rename template for /etc/cni/net.d/00-weave.conflist to 00-weave.conflist.j2
- Apply resources requests/limits to both container weave and weave-npc
6 years ago
Wong Hoi Sing Edison
3f5c60886b
Upgrade Weave to 2.2.1
- Fix #2414 , so namespace isolation should now works
- Update weave-net.yml.j2 as per latest https://cloud.weave.works/k8s/net
- Other minor fixup
6 years ago
Anton Fayzrahmanov
a75598b3f4
IP_AUTODETECTION_METHOD docs
6 years ago
Anton Fayzrahmanov
60a057cace
Update calico-node.yml.j2
6 years ago
Anton Fayzrahmanov
dd9d0c0530
optional calico_ip_auto_method variable with IP_AUTODETECTION_METHOD
can be set to one of
first-found
can-reach
interface
6 years ago
Erik Stidham
60bfc56e8e
Update Calico and Canal
- Updating to use calico-node v2.6.7
- A few updates to their manifests too
6 years ago
melkosoft
ae30009fbc
changed version to 1.0.0-rc8
6 years ago