kubernetes-sigs
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

pre-commit autocorrected files (#9750)

pull/9687/head
Bas 2023-02-06 10:35:16 +01:00 committed by GitHub
parent 10337f2fcb
commit 2c93c997cf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
89 changed files with 150 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.ansible-lint
View File

@ -24,7 +24,14 @@ skip_list:
# (Disabled in June 2021) # (Disabled in June 2021)
- 'role-name' - 'role-name'
- 'experimental'
# [var-naming] "defaults/main.yml" File defines variable 'apiVersion' that violates variable naming standards # [var-naming] "defaults/main.yml" File defines variable 'apiVersion' that violates variable naming standards
# In Kubespray we use variables that use camelCase to match their k8s counterparts # In Kubespray we use variables that use camelCase to match their k8s counterparts
# (Disabled in June 2021) # (Disabled in June 2021)
- 'var-naming' - 'var-naming'
- 'var-spacing'
# [fqcn-builtins]
# Roles in kubespray don't need fully qualified collection names
# (Disabled in Feb 2023)
- 'fqcn-builtins'

15
.pre-commit-config.yaml
View File

@ -1,5 +1,20 @@
--- ---
repos: repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v3.4.0
hooks:
- id: check-added-large-files
- id: check-case-conflict
- id: check-executables-have-shebangs
- id: check-xml
- id: check-merge-conflict
- id: detect-private-key
- id: end-of-file-fixer
- id: forbid-new-submodules
- id: requirements-txt-fixer
- id: trailing-whitespace
- repo: https://github.com/adrienverge/yamllint.git - repo: https://github.com/adrienverge/yamllint.git
rev: v1.27.1 rev: v1.27.1
hooks: hooks:

2
CNAME
View File

@ -1 +1 @@
kubespray.io kubespray.io

2
LICENSE
View File

@ -187,7 +187,7 @@
identification within third-party archives. identification within third-party archives.
Copyright 2016 Kubespray Copyright 2016 Kubespray
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License. you may not use this file except in compliance with the License.
You may obtain a copy of the License at You may obtain a copy of the License at

2
OWNERS
View File

@ -5,4 +5,4 @@ approvers:
reviewers: reviewers:
- kubespray-reviewers - kubespray-reviewers
emeritus_approvers: emeritus_approvers:
- kubespray-emeritus_approvers - kubespray-emeritus_approvers

2
contrib/aws_inventory/requirements.txt
View File

@ -1 +1 @@
boto3 # Apache-2.0 boto3 # Apache-2.0

2
contrib/azurerm/.gitignore vendored
View File

@ -1,2 +1,2 @@
.generated .generated
/inventory /inventory

1
contrib/azurerm/roles/generate-inventory_2/templates/inventory.j2
View File

@ -31,4 +31,3 @@
[k8s_cluster:children] [k8s_cluster:children]
kube_node kube_node
kube_control_plane kube_control_plane

2
contrib/azurerm/roles/generate-templates/templates/availability-sets.json
View File

@ -27,4 +27,4 @@
} }
} }
] ]
} }

2
contrib/azurerm/roles/generate-templates/templates/bastion.json
View File

@ -103,4 +103,4 @@
} }
{% endif %} {% endif %}
] ]
} }

2
contrib/azurerm/roles/generate-templates/templates/clear-rg.json
View File

@ -5,4 +5,4 @@
"variables": {}, "variables": {},
"resources": [], "resources": [],
"outputs": {} "outputs": {}
} }

2
contrib/azurerm/roles/generate-templates/templates/storage.json
View File

@ -16,4 +16,4 @@
} }
} }
] ]
} }

2
contrib/inventory_builder/requirements.txt
View File

@ -1,3 +1,3 @@
configparser>=3.3.0 configparser>=3.3.0
ruamel.yaml>=0.15.88
ipaddress ipaddress
ruamel.yaml>=0.15.88

2
contrib/inventory_builder/test-requirements.txt
View File

@ -1,3 +1,3 @@
hacking>=0.10.2 hacking>=0.10.2
pytest>=2.8.0
mock>=1.3.0 mock>=1.3.0
pytest>=2.8.0

1
contrib/kvm-setup/group_vars/all
View File

@ -1,3 +1,2 @@
#k8s_deployment_user: kubespray #k8s_deployment_user: kubespray
#k8s_deployment_user_pkey_path: /tmp/ssh_rsa #k8s_deployment_user_pkey_path: /tmp/ssh_rsa

1
contrib/network-storage/glusterfs/inventory.example
View File

@ -41,4 +41,3 @@
# [network-storage:children] # [network-storage:children]
# gfs-cluster # gfs-cluster

1
contrib/network-storage/glusterfs/roles/kubernetes-pv/ansible/templates/glusterfs-kubernetes-endpoint.json.j2
View File

@ -21,4 +21,3 @@
{% endfor %} {% endfor %}
] ]
} }

1
contrib/terraform/equinix/output.tf
View File

@ -13,4 +13,3 @@ output "k8s_etcds" {
output "k8s_nodes" { output "k8s_nodes" {
value = equinix_metal_device.k8s_node.*.access_public_ipv4 value = equinix_metal_device.k8s_node.*.access_public_ipv4
} }

1
contrib/terraform/equinix/variables.tf
View File

@ -54,4 +54,3 @@ variable "number_of_etcd" {
variable "number_of_k8s_nodes" { variable "number_of_k8s_nodes" {
default = 1 default = 1
} }

2
contrib/terraform/hetzner/main.tf
View File

@ -53,4 +53,4 @@ resource "null_resource" "inventories" {
triggers = { triggers = {
template = data.template_file.inventory.rendered template = data.template_file.inventory.rendered
} }
} }

2
contrib/terraform/hetzner/modules/kubernetes-cluster-flatcar/outputs.tf
View File

@ -24,4 +24,4 @@ output "cluster_private_network_cidr" {
output "network_id" { output "network_id" {
value = hcloud_network.kubernetes.id value = hcloud_network.kubernetes.id
} }

2
contrib/terraform/hetzner/modules/kubernetes-cluster-flatcar/templates/machine.yaml.tmpl
View File

@ -13,4 +13,4 @@ storage:
#!/bin/bash #!/bin/bash
set -euo pipefail set -euo pipefail
hostname="$(hostname)" hostname="$(hostname)"
echo My name is ${name} and the hostname is $${hostname} echo My name is ${name} and the hostname is $${hostname}

2
contrib/terraform/hetzner/modules/kubernetes-cluster-flatcar/versions.tf
View File

@ -10,4 +10,4 @@ terraform {
source = "hashicorp/null" source = "hashicorp/null"
} }
} }
} }

2
contrib/terraform/hetzner/modules/kubernetes-cluster/output.tf
View File

@ -24,4 +24,4 @@ output "cluster_private_network_cidr" {
output "network_id" { output "network_id" {
value = hcloud_network.kubernetes.id value = hcloud_network.kubernetes.id
} }

1
contrib/terraform/hetzner/modules/kubernetes-cluster/templates/cloud-init.tmpl
View File

@ -14,4 +14,3 @@ ssh_authorized_keys:
%{ for ssh_public_key in ssh_public_keys ~} %{ for ssh_public_key in ssh_public_keys ~}
- ${ssh_public_key} - ${ssh_public_key}
%{ endfor ~} %{ endfor ~}

1
contrib/terraform/openstack/modules/ips/main.tf
View File

@ -44,4 +44,3 @@ resource "openstack_networking_floatingip_v2" "k8s_nodes" {
pool = var.floatingip_pool pool = var.floatingip_pool
depends_on = [null_resource.dummy_dependency] depends_on = [null_resource.dummy_dependency]
} }

2
contrib/terraform/openstack/sample-inventory/cluster.tfvars
View File

@ -86,4 +86,4 @@ floatingip_pool = "<pool>"
bastion_allowed_remote_ips = ["0.0.0.0/0"] bastion_allowed_remote_ips = ["0.0.0.0/0"]
# Force port security to be null. Some cloud providers do not allow to set port security. # Force port security to be null. Some cloud providers do not allow to set port security.
# force_null_port_security = false # force_null_port_security = false

6
contrib/terraform/upcloud/modules/kubernetes-cluster/main.tf
View File

@ -80,7 +80,7 @@ resource "upcloud_server" "master" {
lifecycle { lifecycle {
ignore_changes = [storage_devices] ignore_changes = [storage_devices]
} }
firewall = var.firewall_enabled firewall = var.firewall_enabled
dynamic "storage_devices" { dynamic "storage_devices" {
@ -525,7 +525,7 @@ resource "upcloud_loadbalancer_backend" "lb_backend" {
resource "upcloud_loadbalancer_frontend" "lb_frontend" { resource "upcloud_loadbalancer_frontend" "lb_frontend" {
for_each = var.loadbalancer_enabled ? var.loadbalancers : {} for_each = var.loadbalancer_enabled ? var.loadbalancers : {}
loadbalancer = upcloud_loadbalancer.lb[0].id loadbalancer = upcloud_loadbalancer.lb[0].id
name = "lb-frontend-${each.key}" name = "lb-frontend-${each.key}"
mode = "tcp" mode = "tcp"
@ -535,7 +535,7 @@ resource "upcloud_loadbalancer_frontend" "lb_frontend" {
resource "upcloud_loadbalancer_static_backend_member" "lb_backend_member" { resource "upcloud_loadbalancer_static_backend_member" "lb_backend_member" {
for_each = { for_each = {
for be_server in local.lb_backend_servers: for be_server in local.lb_backend_servers:
"${be_server.server_name}-lb-backend-${be_server.lb_name}" => be_server "${be_server.server_name}-lb-backend-${be_server.lb_name}" => be_server
if var.loadbalancer_enabled if var.loadbalancer_enabled
} }

6
docs/vars.md
View File

@ -189,7 +189,7 @@ Stack](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/dns-stack.m
* *http_proxy/https_proxy/no_proxy/no_proxy_exclude_workers/additional_no_proxy* - Proxy variables for deploying behind a * *http_proxy/https_proxy/no_proxy/no_proxy_exclude_workers/additional_no_proxy* - Proxy variables for deploying behind a
proxy. Note that no_proxy defaults to all internal cluster IPs and hostnames proxy. Note that no_proxy defaults to all internal cluster IPs and hostnames
that correspond to each node. that correspond to each node.
* *kubelet_cgroup_driver* - Allows manual override of the cgroup-driver option for Kubelet. * *kubelet_cgroup_driver* - Allows manual override of the cgroup-driver option for Kubelet.
By default autodetection is used to match container manager configuration. By default autodetection is used to match container manager configuration.
`systemd` is the preferred driver for `containerd` though it can have issues with `cgroups v1` and `kata-containers` in which case you may want to change to `cgroupfs`. `systemd` is the preferred driver for `containerd` though it can have issues with `cgroups v1` and `kata-containers` in which case you may want to change to `cgroupfs`.
@ -213,9 +213,9 @@ Stack](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/dns-stack.m
* *kubelet_secure_addresses* - By default *kubelet_systemd_hardening* set the **control plane** `ansible_host` IPs as the `kubelet_secure_addresses`. In case you have multiple interfaces in your control plane nodes and the `kube-apiserver` is not bound to the default interface, you can override them with this variable. * *kubelet_secure_addresses* - By default *kubelet_systemd_hardening* set the **control plane** `ansible_host` IPs as the `kubelet_secure_addresses`. In case you have multiple interfaces in your control plane nodes and the `kube-apiserver` is not bound to the default interface, you can override them with this variable.
Example: Example:
The **control plane** node may have 2 interfaces with the following IP addresses: `eth0:10.0.0.110`, `eth1:192.168.1.110`. The **control plane** node may have 2 interfaces with the following IP addresses: `eth0:10.0.0.110`, `eth1:192.168.1.110`.
By default the `kubelet_secure_addresses` is set with the `10.0.0.110` the ansible control host uses `eth0` to connect to the machine. In case you want to use `eth1` as the outgoing interface on which `kube-apiserver` connects to the `kubelet`s, you should override the variable in this way: `kubelet_secure_addresses: "192.168.1.110"`. By default the `kubelet_secure_addresses` is set with the `10.0.0.110` the ansible control host uses `eth0` to connect to the machine. In case you want to use `eth1` as the outgoing interface on which `kube-apiserver` connects to the `kubelet`s, you should override the variable in this way: `kubelet_secure_addresses: "192.168.1.110"`.
* *node_labels* - Labels applied to nodes via `kubectl label node`. * *node_labels* - Labels applied to nodes via `kubectl label node`.

2
inventory/sample/group_vars/all/etcd.yml
View File

@ -13,4 +13,4 @@ etcd_data_dir: /var/lib/etcd
## Settings for etcd deployment type ## Settings for etcd deployment type
# Set this to docker if you are using container_manager: docker # Set this to docker if you are using container_manager: docker
etcd_deployment_type: host etcd_deployment_type: host

2
inventory/sample/group_vars/all/upcloud.yml
View File

@ -21,4 +21,4 @@
# is_default: false # is_default: false
# expand_persistent_volumes: true # expand_persistent_volumes: true
# parameters: # parameters:
# tier: hdd # tier: hdd

2
inventory/sample/patches/kube-controller-manager+merge.yaml
View File

@ -5,4 +5,4 @@ metadata:
name: kube-controller-manager name: kube-controller-manager
annotations: annotations:
prometheus.io/scrape: 'true' prometheus.io/scrape: 'true'
prometheus.io/port: '10257' prometheus.io/port: '10257'

2
inventory/sample/patches/kube-scheduler+merge.yaml
View File

@ -5,4 +5,4 @@ metadata:
name: kube-scheduler name: kube-scheduler
annotations: annotations:
prometheus.io/scrape: 'true' prometheus.io/scrape: 'true'
prometheus.io/port: '10259' prometheus.io/port: '10259'

2
logo/logo-clear.svg
View File

@ -77,4 +77,4 @@
</g> </g>
</g> </g>
</g> </g>
</svg> </svg>

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 8.1 KiB

After

Width:  |  Height:  |  Size: 8.1 KiB

2
logo/logo-dark.svg
View File

@ -80,4 +80,4 @@
</g> </g>
</g> </g>
</g> </g>
</svg> </svg>

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 8.5 KiB

After

Width:  |  Height:  |  Size: 8.5 KiB

2
logo/logo-text-clear.svg
View File

@ -104,4 +104,4 @@
</g> </g>
</g> </g>
</g> </g>
</svg> </svg>

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 17 KiB

After

Width:  |  Height:  |  Size: 17 KiB

2
logo/logo-text-dark.svg
View File

@ -107,4 +107,4 @@
</g> </g>
</g> </g>
</g> </g>
</svg> </svg>

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 17 KiB

After

Width:  |  Height:  |  Size: 17 KiB

2
logo/logo-text-mixed.svg
View File

@ -107,4 +107,4 @@
</g> </g>
</g> </g>
</g> </g>
</svg> </svg>

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 18 KiB

After

Width:  |  Height:  |  Size: 18 KiB

2
pipeline.Dockerfile
View File

@ -48,4 +48,4 @@ RUN wget https://releases.hashicorp.com/vagrant/${VAGRANT_VERSION}/vagrant_${VAG
# Install Kubernetes collections # Install Kubernetes collections
RUN pip3 install kubernetes \ RUN pip3 install kubernetes \
&& ansible-galaxy collection install kubernetes.core && ansible-galaxy collection install kubernetes.core

4
requirements-2.11.txt
View File

@ -2,9 +2,9 @@ ansible==4.10.0
ansible-core==2.11.11 ansible-core==2.11.11
cryptography==3.4.8 cryptography==3.4.8
jinja2==2.11.3 jinja2==2.11.3
jmespath==0.9.5
MarkupSafe==1.1.1
netaddr==0.7.19 netaddr==0.7.19
pbr==5.4.4 pbr==5.4.4
jmespath==0.9.5
ruamel.yaml==0.16.10 ruamel.yaml==0.16.10
ruamel.yaml.clib==0.2.7 ruamel.yaml.clib==0.2.7
MarkupSafe==1.1.1

4
requirements-2.12.txt
View File

@ -2,9 +2,9 @@ ansible==5.7.1
ansible-core==2.12.5 ansible-core==2.12.5
cryptography==3.4.8 cryptography==3.4.8
jinja2==2.11.3 jinja2==2.11.3
jmespath==0.9.5
MarkupSafe==1.1.1
netaddr==0.7.19 netaddr==0.7.19
pbr==5.4.4 pbr==5.4.4
jmespath==0.9.5
ruamel.yaml==0.16.10 ruamel.yaml==0.16.10
ruamel.yaml.clib==0.2.7 ruamel.yaml.clib==0.2.7
MarkupSafe==1.1.1

2
roles/bastion-ssh-config/defaults/main.yml
View File

@ -1,2 +1,2 @@
--- ---
ssh_bastion_confing__name: ssh-bastion.conf ssh_bastion_confing__name: ssh-bastion.conf

2
roles/container-engine/containerd-common/meta/main.yml
View File

@ -1,2 +1,2 @@
--- ---
allow_duplicates: true allow_duplicates: true

2
roles/container-engine/cri-o/templates/config.json.j2
View File

@ -1,5 +1,5 @@
{% if crio_registry_auth is defined and crio_registry_auth|length %} {% if crio_registry_auth is defined and crio_registry_auth|length %}
{ {
{% for reg in crio_registry_auth %} {% for reg in crio_registry_auth %}
"auths": { "auths": {
"{{ reg.registry }}": { "{{ reg.registry }}": {

2
roles/container-engine/docker/templates/docker-dns.conf.j2
View File

@ -3,4 +3,4 @@ Environment="DOCKER_DNS_OPTIONS=\
{% for d in docker_dns_servers %}--dns {{ d }} {% endfor %} \ {% for d in docker_dns_servers %}--dns {{ d }} {% endfor %} \
{% for d in docker_dns_search_domains %}--dns-search {{ d }} {% endfor %} \ {% for d in docker_dns_search_domains %}--dns-search {{ d }} {% endfor %} \
{% for o in docker_dns_options %}--dns-opt {{ o }} {% endfor %} \ {% for o in docker_dns_options %}--dns-opt {{ o }} {% endfor %} \
" "

2
roles/container-engine/docker/templates/docker-orphan-cleanup.conf.j2
View File

@ -1,2 +1,2 @@
[Service] [Service]
ExecStartPost=-{{ bin_dir }}/cleanup-docker-orphans.sh ExecStartPost=-{{ bin_dir }}/cleanup-docker-orphans.sh

2
roles/container-engine/kata-containers/templates/configuration-qemu.toml.j2
View File

@ -375,7 +375,7 @@ valid_entropy_sources = ["/dev/urandom","/dev/random",""]
# When enable_guest_swap is enabled, insert a raw file to the guest as the swap device # When enable_guest_swap is enabled, insert a raw file to the guest as the swap device
# if the swappiness of a container (set by annotation "io.katacontainers.container.resource.swappiness") # if the swappiness of a container (set by annotation "io.katacontainers.container.resource.swappiness")
# is bigger than 0. # is bigger than 0.
# The size of the swap device should be # The size of the swap device should be
# swap_in_bytes (set by annotation "io.katacontainers.container.resource.swap_in_bytes") - memory_limit_in_bytes. # swap_in_bytes (set by annotation "io.katacontainers.container.resource.swap_in_bytes") - memory_limit_in_bytes.
# If swap_in_bytes is not set, the size should be memory_limit_in_bytes. # If swap_in_bytes is not set, the size should be memory_limit_in_bytes.
# If swap_in_bytes and memory_limit_in_bytes is not set, the size should # If swap_in_bytes and memory_limit_in_bytes is not set, the size should

2
roles/etcd/templates/etcd.env.j2
View File

@ -65,4 +65,4 @@ ETCDCTL_CERT={{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem
# ETCD 3.5.x issue # ETCD 3.5.x issue
# https://groups.google.com/a/kubernetes.io/g/dev/c/B7gJs88XtQc/m/rSgNOzV2BwAJ?utm_medium=email&utm_source=footer # https://groups.google.com/a/kubernetes.io/g/dev/c/B7gJs88XtQc/m/rSgNOzV2BwAJ?utm_medium=email&utm_source=footer
ETCD_EXPERIMENTAL_INITIAL_CORRUPT_CHECK={{ etcd_experimental_initial_corrupt_check }} ETCD_EXPERIMENTAL_INITIAL_CORRUPT_CHECK={{ etcd_experimental_initial_corrupt_check }}

1
roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.yml.j2
View File

@ -87,4 +87,3 @@ rateLimiter:
rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }} rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }}
{% endif %} {% endif %}
{% endif %} {% endif %}

1
roles/kubernetes-apps/cloud_controller/oci/templates/oci-cloud-provider.yml.j2
View File

@ -70,4 +70,3 @@ spec:
- name: kubernetes - name: kubernetes
mountPath: /etc/kubernetes mountPath: /etc/kubernetes
readOnly: true readOnly: true

1
roles/kubernetes-apps/csi_driver/aws_ebs/templates/aws-ebs-csi-controllerservice.yml.j2
View File

@ -129,4 +129,3 @@ spec:
volumes: volumes:
- name: socket-dir - name: socket-dir
emptyDir: {} emptyDir: {}

2
roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-cloud-config.j2
View File

@ -41,4 +41,4 @@ node-volume-attach-limit="{{ node_volume_attach_limit }}"
{% endif %} {% endif %}
{% if cinder_csi_rescan_on_resize is defined %} {% if cinder_csi_rescan_on_resize is defined %}
rescan-on-resize={{ cinder_csi_rescan_on_resize | bool }} rescan-on-resize={{ cinder_csi_rescan_on_resize | bool }}
{% endif %} {% endif %}

2
roles/kubernetes-apps/csi_driver/upcloud/defaults/main.yml
View File

@ -13,4 +13,4 @@ upcloud_csi_snapshot_controller_replicas: 2
upcloud_csi_snapshotter_image_tag: "v4.2.1" upcloud_csi_snapshotter_image_tag: "v4.2.1"
upcloud_csi_snapshot_controller_image_tag: "v4.2.1" upcloud_csi_snapshot_controller_image_tag: "v4.2.1"
upcloud_csi_snapshot_validation_webhook_image_tag: "v4.2.1" upcloud_csi_snapshot_validation_webhook_image_tag: "v4.2.1"
upcloud_cacert: "{{ lookup('env','OS_CACERT') }}" upcloud_cacert: "{{ lookup('env','OS_CACERT') }}"

2
roles/kubernetes-apps/csi_driver/upcloud/tasks/main.yml
View File

@ -37,4 +37,4 @@
- inventory_hostname == groups['kube_control_plane'][0] - inventory_hostname == groups['kube_control_plane'][0]
- not item is skipped - not item is skipped
loop_control: loop_control:
label: "{{ item.item.file }}" label: "{{ item.item.file }}"

2
roles/kubernetes-apps/csi_driver/upcloud/templates/upcloud-csi-controller.yml.j2
View File

@ -90,4 +90,4 @@ spec:
- name: regcred - name: regcred
volumes: volumes:
- name: socket-dir - name: socket-dir
emptyDir: {} emptyDir: {}

2
roles/kubernetes-apps/csi_driver/upcloud/templates/upcloud-csi-driver.yml.j2
View File

@ -5,4 +5,4 @@ metadata:
spec: spec:
attachRequired: true attachRequired: true
podInfoOnMount: true podInfoOnMount: true
fsGroupPolicy: File fsGroupPolicy: File

2
roles/kubernetes-apps/csi_driver/upcloud/templates/upcloud-csi-node.yml.j2
View File

@ -98,4 +98,4 @@ spec:
{% if upcloud_tolerations %} {% if upcloud_tolerations %}
tolerations: tolerations:
{{ upcloud_tolerations | to_nice_yaml(indent=2) | indent(width=8) }} {{ upcloud_tolerations | to_nice_yaml(indent=2) | indent(width=8) }}
{% endif %} {% endif %}

2
roles/kubernetes-apps/csi_driver/upcloud/templates/upcloud-csi-setup.yml.j2
View File

@ -182,4 +182,4 @@ subjects:
roleRef: roleRef:
kind: ClusterRole kind: ClusterRole
name: csi-upcloud-resizer-role name: csi-upcloud-resizer-role
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io

2
roles/kubernetes-apps/csi_driver/vsphere/templates/vsphere-csi-namespace.yml.j2
View File

@ -1,4 +1,4 @@
apiVersion: v1 apiVersion: v1
kind: Namespace kind: Namespace
metadata: metadata:
name: "{{ vsphere_csi_namespace }}" name: "{{ vsphere_csi_namespace }}"

2
roles/kubernetes-apps/ingress_controller/alb_ingress_controller/OWNERS
View File

@ -3,4 +3,4 @@
approvers: approvers:
- kubespray-approvers - kubespray-approvers
reviewers: reviewers:
- kubespray-reviewers - kubespray-reviewers

2
roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml
View File

@ -17,4 +17,4 @@ ingress_nginx_termination_grace_period_seconds: 300
ingress_nginx_webhook_enabled: false ingress_nginx_webhook_enabled: false
ingress_nginx_webhook_job_ttl: 1800 ingress_nginx_webhook_job_ttl: 1800
ingress_nginx_probe_initial_delay_seconds: 10 ingress_nginx_probe_initial_delay_seconds: 10

2
roles/kubernetes-apps/metrics_server/defaults/main.yml
View File

@ -8,4 +8,4 @@ metrics_server_limits_memory: 200Mi
metrics_server_requests_cpu: 100m metrics_server_requests_cpu: 100m
metrics_server_requests_memory: 200Mi metrics_server_requests_memory: 200Mi
metrics_server_host_network: false metrics_server_host_network: false
metrics_server_replicas: 1 metrics_server_replicas: 1

2
roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
View File

@ -104,4 +104,4 @@ spec:
- metrics-server - metrics-server
topologyKey: kubernetes.io/hostname topologyKey: kubernetes.io/hostname
namespaces: namespaces:
- kube-system - kube-system

2
roles/kubernetes-apps/network_plugin/kube-router/OWNERS
View File

@ -3,4 +3,4 @@
approvers: approvers:
- bozzo - bozzo
reviewers: reviewers:
- bozzo - bozzo

2
roles/kubernetes-apps/persistent_volumes/meta/main.yml
View File

@ -40,4 +40,4 @@ dependencies:
- upcloud_csi_enabled - upcloud_csi_enabled
tags: tags:
- persistent_volumes_upcloud_csi - persistent_volumes_upcloud_csi
- upcloud-csi-driver - upcloud-csi-driver

2
roles/kubernetes/control-plane/tasks/psp-install.yml
View File

@ -35,4 +35,4 @@
environment: environment:
KUBECONFIG: "{{ kube_config_dir }}/admin.conf" KUBECONFIG: "{{ kube_config_dir }}/admin.conf"
loop_control: loop_control:
label: "{{ item.item.file }}" label: "{{ item.item.file }}"

2
roles/kubernetes/control-plane/templates/kubeadm-controlplane.v1beta3.yaml.j2
View File

@ -31,4 +31,4 @@ nodeRegistration:
{% if kubeadm_patches is defined and kubeadm_patches.enabled %} {% if kubeadm_patches is defined and kubeadm_patches.enabled %}
patches: patches:
directory: {{ kubeadm_patches.dest_dir }} directory: {{ kubeadm_patches.dest_dir }}
{% endif %} {% endif %}

3
roles/kubernetes/node/templates/cloud-configs/gce-cloud-config.j2
View File

@ -1,3 +1,2 @@
[global] [global]
node-tags = {{ gce_node_tags }} node-tags = {{ gce_node_tags }}

1
roles/kubernetes/node/templates/manifests/kube-vip.manifest.j2
View File

@ -94,4 +94,3 @@ spec:
path: /etc/kubernetes/admin.conf path: /etc/kubernetes/admin.conf
name: kubeconfig name: kubeconfig
status: {} status: {}

1
roles/network_plugin/canal/templates/canal-config.yaml.j2
View File

@ -77,4 +77,3 @@ data:
"Type": "vxlan" "Type": "vxlan"
} }
} }

2
roles/network_plugin/cilium/templates/cilium/secret.yml.j2
View File

@ -6,4 +6,4 @@ kind: Secret
metadata: metadata:
name: cilium-ipsec-keys name: cilium-ipsec-keys
namespace: kube-system namespace: kube-system
type: Opaque type: Opaque

2
roles/network_plugin/kube-router/OWNERS
View File

@ -3,4 +3,4 @@
approvers: approvers:
- bozzo - bozzo
reviewers: reviewers:
- bozzo - bozzo

1
roles/network_plugin/macvlan/files/ifdown-macvlan
View File

@ -38,4 +38,3 @@ fi
${OTHERSCRIPT} ${CONFIG} ${OTHERSCRIPT} ${CONFIG}
ip link del ${DEVICE} type ${TYPE:-macvlan} ip link del ${DEVICE} type ${TYPE:-macvlan}

1
roles/network_plugin/macvlan/files/ifup-macvlan
View File

@ -41,4 +41,3 @@ ip link add \
type ${TYPE:-macvlan} mode ${MACVLAN_MODE:-private} type ${TYPE:-macvlan} mode ${MACVLAN_MODE:-private}
${OTHERSCRIPT} ${CONFIG} ${OTHERSCRIPT} ${CONFIG}

1
roles/network_plugin/macvlan/templates/centos-network-macvlan.cfg.j2
View File

@ -11,4 +11,3 @@ MACVLAN_MODE=bridge
IPADDR={{ node_pod_cidr|ipaddr('net')|ipaddr(1)|ipaddr('address') }} IPADDR={{ node_pod_cidr|ipaddr('net')|ipaddr(1)|ipaddr('address') }}
NETMASK={{ node_pod_cidr|ipaddr('netmask') }} NETMASK={{ node_pod_cidr|ipaddr('netmask') }}
NETWORK={{ node_pod_cidr|ipaddr('network') }} NETWORK={{ node_pod_cidr|ipaddr('network') }}

1
roles/network_plugin/macvlan/templates/centos-postdown-macvlan.cfg.j2
View File

@ -1,4 +1,3 @@
{% if enable_nat_default_gateway %} {% if enable_nat_default_gateway %}
iptables -t nat -D POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE iptables -t nat -D POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE
{% endif %} {% endif %}

1
roles/network_plugin/macvlan/templates/centos-postup-macvlan.cfg.j2
View File

@ -1,4 +1,3 @@
{% if enable_nat_default_gateway %} {% if enable_nat_default_gateway %}
iptables -t nat -I POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE iptables -t nat -I POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE
{% endif %} {% endif %}

1
roles/network_plugin/macvlan/templates/coreos-network-macvlan.cfg.j2
View File

@ -15,4 +15,3 @@ GatewayOnlink=yes
{% endif %} {% endif %}
{% endif %} {% endif %}
{% endfor %} {% endfor %}

1
roles/network_plugin/macvlan/templates/debian-network-macvlan.cfg.j2
View File

@ -24,4 +24,3 @@ iface mac0 inet static
{% endfor %} {% endfor %}
post-down iptables -t nat -D POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE post-down iptables -t nat -D POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE
post-down ip link delete mac0 post-down ip link delete mac0

2
roles/network_plugin/weave/templates/weave-net.yml.j2
View File

@ -233,7 +233,7 @@ items:
{% if weave_npc_extra_args %} {% if weave_npc_extra_args %}
- name: EXTRA_ARGS - name: EXTRA_ARGS
value: "{{ weave_npc_extra_args }}" value: "{{ weave_npc_extra_args }}"
{% endif %} {% endif %}
image: {{ weave_npc_image_repo }}:{{ weave_npc_image_tag }} image: {{ weave_npc_image_repo }}:{{ weave_npc_image_tag }}
imagePullPolicy: {{ k8s_image_pull_policy }} imagePullPolicy: {{ k8s_image_pull_policy }}
resources: resources:

45
run.rc 100644
View File

@ -0,0 +1,45 @@
# use virtualenv to install all python requirements
VENVDIR=venv
python3 -m venv $VENVDIR
source $VENVDIR/bin/activate
pip install --upgrade pip
pip install wheel
pip install --upgrade setuptools
pip install -r requirements.txt
pip install -r tests/requirements.txt
pre-commit install
# prepare an inventory to test with
INV=inventory/lab
rm -rf ${INV}.bak &> /dev/null
mv ${INV} ${INV}.bak &> /dev/null
cp -a inventory/sample ${INV}
rm -f ${INV}/hosts.ini
# customize the vagrant environment
mkdir vagrant
cat << EOF > vagrant/config.rb
\$instance_name_prefix = kub"
\$vm_cpus = 2
\$num_instances = 3
\$os = "almalinux8"
\$subnet = "192.168.56"
\$network_plugin = "calico"
\$inventory = "$INV"
\$shared_folders = { 'temp/docker_rpms' => "/var/cache/yum/x86_64/7/docker-ce/packages" }
EOF
# make the rpm cache
mkdir -p temp/docker_rpms
vagrant up
# make a copy of the downloaded docker rpm, to speed up the next provisioning run
scp kub-1:/var/cache/yum/x86_64/7/docker-ce/packages/* temp/docker_rpms/
# copy kubectl access configuration in place
mkdir $HOME/.kube/ &> /dev/null
ln -s $PWD/$INV/artifacts/admin.conf $HOME/.kube/config
# make the kubectl binary available
sudo ln -s $PWD/$INV/artifacts/kubectl /usr/local/bin/kubectl
#or
export PATH=$PATH:$PWD/$INV/artifacts

2
tests/files/vagrant_ubuntu18-flannel.rb
View File

@ -4,4 +4,4 @@ $libvirt_volume_cache = "unsafe"
# Checking for box update can trigger API rate limiting # Checking for box update can trigger API rate limiting
# https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html # https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html
$box_check_update = false $box_check_update = false
$vm_cpus = 2 $vm_cpus = 2

2
tests/files/vagrant_ubuntu20-flannel.rb
View File

@ -6,4 +6,4 @@ $libvirt_volume_cache = "unsafe"
# Checking for box update can trigger API rate limiting # Checking for box update can trigger API rate limiting
# https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html # https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html
$box_check_update = false $box_check_update = false
$vm_cpus = 2 $vm_cpus = 2

12
tests/requirements-2.11.txt
View File

@ -1,11 +1,11 @@
-r ../requirements-2.11.txt -r ../requirements-2.11.txt
yamllint==1.19.0
apache-libcloud==2.2.1
tox==3.11.1
dopy==0.3.7
ansible-lint==5.4.0 ansible-lint==5.4.0
apache-libcloud==2.2.1
ara[server]==1.6.1
dopy==0.3.7
molecule==3.0.6 molecule==3.0.6
molecule-vagrant==0.3 molecule-vagrant==0.3
testinfra==5.2.2
python-vagrant==0.5.15 python-vagrant==0.5.15
ara[server]==1.6.1 testinfra==5.2.2
tox==3.11.1
yamllint==1.19.0

12
tests/requirements-2.12.txt
View File

@ -1,11 +1,11 @@
-r ../requirements-2.12.txt -r ../requirements-2.12.txt
yamllint==1.19.0
apache-libcloud==2.2.1
tox==3.11.1
dopy==0.3.7
ansible-lint==5.4.0 ansible-lint==5.4.0
apache-libcloud==2.2.1
ara[server]==1.6.1
dopy==0.3.7
molecule==3.0.6 molecule==3.0.6
molecule-vagrant==0.3 molecule-vagrant==0.3
testinfra==5.2.2
python-vagrant==0.5.15 python-vagrant==0.5.15
ara[server]==1.6.1 testinfra==5.2.2
tox==3.11.1
yamllint==1.19.0

2
tests/scripts/md-table/requirements.txt
View File

@ -1,4 +1,4 @@
pyaml
jinja2 jinja2
pathlib ; python_version < '3.10' pathlib ; python_version < '3.10'
pyaml
pydblite pydblite

4
tests/scripts/md-table/table.md.j2
View File

@ -1,6 +1,6 @@
# CI test coverage # CI test coverage
To generate this Matrix run `./tests/scripts/md-table/main.py` To generate this Matrix run `./tests/scripts/md-table/main.py`
{%- for container_engine in container_engines %} {%- for container_engine in container_engines %}
@ -12,4 +12,4 @@ To generate this Matrix run `./tests/scripts/md-table/main.py`
{{ os }} | {% for cni in network_plugins %} {{ ':white_check_mark:' if exists(container_engine, cni, os) else ':x:' }} |{% endfor %} {{ os }} | {% for cni in network_plugins %} {{ ':white_check_mark:' if exists(container_engine, cni, os) else ':x:' }} |{% endfor %}
{%- endfor %} {%- endfor %}
{%- endfor %} {%- endfor %}

2
tests/scripts/md-table/test.sh
View File

@ -8,4 +8,4 @@ echo "Generate current file..."
./tests/scripts/md-table/main.py > tmp.md ./tests/scripts/md-table/main.py > tmp.md
echo "Compare docs/ci.md with actual tests in tests/files/*.yml ..." echo "Compare docs/ci.md with actual tests in tests/files/*.yml ..."
cmp docs/ci.md tmp.md cmp docs/ci.md tmp.md

2
tests/scripts/vagrant_clean.sh
View File

@ -16,4 +16,4 @@ done
for i in $(virsh vol-list default|grep \.img |grep -v VAGRANTSLASH | cut -f 2 -d ' ') for i in $(virsh vol-list default|grep \.img |grep -v VAGRANTSLASH | cut -f 2 -d ' ')
do do
virsh vol-delete "$i" --pool default virsh vol-delete "$i" --pool default
done done