faruryo
975f84494c
Fix calico-kube-controller becomes Error ( #7548 )
Change mode so that calico-kube-controllers can be read because it was changed to run as non-root
https://github.com/projectcalico/kube-controllers/pull/566
3 years ago
Florian Ruynat
7c86734d2e
Add cri-o 1.20/1.21 ( #7544 )
3 years ago
Cristian Calin
8665e1de87
Fix cri-o support for Oracle and AlmaLinux ( #7541 )
3 years ago
Florian Ruynat
c16efc9ab8
Fix Opensuse not working with ansible_distribution ( #7551 )
3 years ago
muzi502
324c95d37f
Fix some docs.ansible.com url typo ( #7550 )
3 years ago
muzi502
69806e0a46
Add nerdctl cli tool for containerd user ( #7500 )
* Add nerdctl cli tool for containerd user
* Add nerdctl enable option
* Add nerdctl enable option and update nerdctl version to 0.8.0
3 years ago
Cristian Calin
ad15a4b755
Bump calico versions ( #7543 )
* add calico 3.16.10 hashes
* drop old calico version 3.16.9
3 years ago
Cristian Calin
002a4b03a4
Drop calico 3.15 ( #7545 )
* calico: drop support for version 3.15
* drop check for calico version >= 3.3, we are at 3.16 minimum now
* we moved to calico 3.16+ so we can default to /opt/cni/bin/install
3 years ago
muzi502
96476430a3
Update cni-plugins and kubernetes version in README.md ( #7540 )
3 years ago
Cristian Calin
73db44b00c
Initial AlmaLinux support ( #7538 )
* AlmaLinux: ansible>2.9.19 is needed to know about AlmaLinux
* AlmaLinux: identify as a centos derrivative
* AlmaLinux: add AlmaLinux to checks for CentOS
* Use ansible_os_family to compare family and not distribution
3 years ago
Florian Ruynat
b32d25942d
Minor update to cni-plugins and kube-router
3 years ago
Florian Ruynat
fce705a92b
Helm minor update to 3.5.4
3 years ago
Florian Ruynat
6164c90f70
Update kube-ovn to 1.6.2
3 years ago
Cristian Calin
e036b899a3
update calico default version in README.md ( #7537 )
3 years ago
Samuel Liu
8c7b90ebbf
add ingress controller class ( #7522 )
3 years ago
Ian Martin
38d9d2ea0e
Ambassador can watch multiple namespaces ( #7516 )
* Ambassador can watch multiple namespaces
* update variable name per PR review
3 years ago
Cristian Calin
384d30b675
add support for configuring cri-o pids_limit ( #7525 )
3 years ago
Cristian Calin
add61868c6
Add Calico v3.17.3 and v3.18.1 ( #7524 )
* add hashes for calico v3.17.3
* add hashes for claico v3.18.1
* bump default calico version to v3.17.3
* calico crds are missing yaml separator breaking kdd
3 years ago
Florian Ruynat
b599f3084f
Fix OpenStack StyleGuide rule H216 (On by default in latest version) ( #7535 )
ref: b921c4de51
3 years ago
Xachman
a7493e26e1
add enablerepo: amzn2extra-docker for docker install on aws 2 ( #7507 )
3 years ago
Kenichi Omichi
ae3a1d7c01
Fix keepcache values of yum_repository ( #7506 )
As the official document[1], the parameter keepcache should be
'0' or '1' as string. To avoid the following warning message,
this fixes the parameter value:
[WARNING]: The value False (type bool) in a string field was
converted to u'False' (type string). If this does not look
like what you expect, quote the entire value to ensure it
does not change.
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/yum_repository_module.html
3 years ago
Mathieu Parent
e39e3d5c26
Fix OpenId Connect example prefixes ( #7527 )
Fixes "mapping values are not allowed in this context
3 years ago
holmesb
1e7d48846a
Fixes issue #7528 - allow configuring CALICO_STARTUP_LOGLEVEL via a new variable: calico_node_startup_loglevel ( #7530 )
Signed-off-by: Brendan Holmes <5072156+holmesb@users.noreply.github.com>
3 years ago
Florian Ruynat
6001edeecd
Cleanup hashes and 1.18 hooks ( #7534 )
3 years ago
Frank Ritchie
ce0b7834ff
Refactor cilium_ipsec_enabled check ( #7520 )
This is a followup to
https://github.com/kubernetes-sigs/kubespray/pull/7413
Although the code worked there was a desire for a better solution.
Hopefully people will be happy with this alternative.
3 years ago
Cristian Klein
3ac92689f0
exoscale: Rework EIP access from workers ( #7337 )
Context: Load-balancing in Exoscale is performed by associating many
workers with the same EIP. This works, however, the workers cannot access
themselves via the EIP, which is needed at least for cert-managers
"self-test".
Problem: The old iptables based workaround felt fragile and disappointed
me at least once.
New solution: Add the EIP to a loopback interface on each worker.
3 years ago
Florian Ruynat
1c0836946f
Update default Kubernetes version to 1.20.6
3 years ago
Florian Ruynat
bccbe323b7
Add new kubernetes hashes (1.19.10, 1.20.6)
3 years ago
Samuel Liu
d73249a793
Add bash-completion package ( #7510 )
3 years ago
Florian Ruynat
cd9a03f86c
Update some docker defaults ( #7499 )
3 years ago
muzi502
b47c21c683
Remove some bash completion file when reset cluster ( #7502 )
3 years ago
Florian Ruynat
6de5303e3f
Fix sample inventory (offline template) ( #7498 )
3 years ago
Krystian Młynek
2a2fb68b2f
Add missing proxy environment in crio_repo.yml ( #7492 )
3 years ago
Samuel Liu
844ebb7838
fix offline mode ( #7493 )
* fix offline mode
* add offline messages
3 years ago
Etienne Champetier
332cc1cd58
Check if python netaddr and recent enough jinja are installed ( #7486 )
CentOS 7 provides up to date Ansible with really old jinja version
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
3 years ago
Peter Zhang
e7ce83016e
correct a wrong word ( #7484 )
* correct a wrong word
* correct a wrong word
3 years ago
Etienne Champetier
bf6a39eb84
Add auto_renew_certificates_systemd_calendar ( #7490 )
This allow to configure when K8S certificates renewal runs
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
3 years ago
Florian Ruynat
42382e2cde
Update Terraform/Vagrant + increase tf_ovh retries ( #7477 )
3 years ago
Zachary Chang
f8e4650791
Fix typo ( #7489 )
3 years ago
Etienne Champetier
e444b3c140
Regenerate apiserver.crt on all control-plane nodes ( #7463 )
We were regenerating only the cert of the first node
While at it speed up the check step
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
3 years ago
emiran-orange
d56ac216f4
Use kubeadm_feature_gates instead of kube_feature_gates to leverage kubeadm feature gates and not to interfere with k8s components feature gates ( #7447 )
3 years ago
Zhong Jianxin
420a412234
Add containerd_extra_args ( #7461 )
* Add containerd_extra_args
This is useful for custom containerd config, e.g. auth
Signed-off-by: Zhong Jianxin <azuwis@gmail.com>
* Make containerd config.toml mode 0640
It may contain sensitive information like password
Signed-off-by: Zhong Jianxin <azuwis@gmail.com>
3 years ago
Samuel Liu
90c643f3ab
format ansible output ( #7482 )
3 years ago
Mathieu Parent
1d4e380231
Remove containerd_runtimes var in k8s-cluster.yml ( #7476 )
Also set in all/containerd.yml
3 years ago
Florian Ruynat
6d293ba899
Update hashes with 1.21.0 ( #7478 )
3 years ago
Florian Ruynat
aa086e5407
Remove dead code from kubeadm-etcd ( #7470 )
3 years ago
Sergey
cce0940e1f
add CI test for auto_renew_certificates ( #7472 )
* add CI test for auto_renew_certificates
* change timer value
fix typo error in rotate cert script
3 years ago
Florian Ruynat
daed3e5b6a
Use v2.15.1 as base image for CI ( #7466 )
3 years ago
Samuel Liu
e2a7f3e2ab
remove-node roles: fix kubectl absolute path ( #7469 )
* kubelet absolute path
* kubelet absolute path
3 years ago
Kenichi Omichi
5a351b4b00
Add condition for audit_webhook_mode batch ( #7444 )
According to the document[1], audit-webhook-batch-max-size and
audit-webhook-batch-max-wait are used only in the batch mode.
This adds a condition to avoid unnecessary writting on the config.
[1]: https://kubernetes.io/docs/tasks/debug-application-cluster/audit/#batching
3 years ago