pre-commit autocorrected files (#9750)
|
@ -24,7 +24,14 @@ skip_list:
|
||||||
# (Disabled in June 2021)
|
# (Disabled in June 2021)
|
||||||
- 'role-name'
|
- 'role-name'
|
||||||
|
|
||||||
|
- 'experimental'
|
||||||
# [var-naming] "defaults/main.yml" File defines variable 'apiVersion' that violates variable naming standards
|
# [var-naming] "defaults/main.yml" File defines variable 'apiVersion' that violates variable naming standards
|
||||||
# In Kubespray we use variables that use camelCase to match their k8s counterparts
|
# In Kubespray we use variables that use camelCase to match their k8s counterparts
|
||||||
# (Disabled in June 2021)
|
# (Disabled in June 2021)
|
||||||
- 'var-naming'
|
- 'var-naming'
|
||||||
|
- 'var-spacing'
|
||||||
|
|
||||||
|
# [fqcn-builtins]
|
||||||
|
# Roles in kubespray don't need fully qualified collection names
|
||||||
|
# (Disabled in Feb 2023)
|
||||||
|
- 'fqcn-builtins'
|
||||||
|
|
|
@ -1,5 +1,20 @@
|
||||||
---
|
---
|
||||||
repos:
|
repos:
|
||||||
|
|
||||||
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||||
|
rev: v3.4.0
|
||||||
|
hooks:
|
||||||
|
- id: check-added-large-files
|
||||||
|
- id: check-case-conflict
|
||||||
|
- id: check-executables-have-shebangs
|
||||||
|
- id: check-xml
|
||||||
|
- id: check-merge-conflict
|
||||||
|
- id: detect-private-key
|
||||||
|
- id: end-of-file-fixer
|
||||||
|
- id: forbid-new-submodules
|
||||||
|
- id: requirements-txt-fixer
|
||||||
|
- id: trailing-whitespace
|
||||||
|
|
||||||
- repo: https://github.com/adrienverge/yamllint.git
|
- repo: https://github.com/adrienverge/yamllint.git
|
||||||
rev: v1.27.1
|
rev: v1.27.1
|
||||||
hooks:
|
hooks:
|
||||||
|
|
2
LICENSE
|
@ -187,7 +187,7 @@
|
||||||
identification within third-party archives.
|
identification within third-party archives.
|
||||||
|
|
||||||
Copyright 2016 Kubespray
|
Copyright 2016 Kubespray
|
||||||
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
you may not use this file except in compliance with the License.
|
you may not use this file except in compliance with the License.
|
||||||
You may obtain a copy of the License at
|
You may obtain a copy of the License at
|
||||||
|
|
2
OWNERS
|
@ -5,4 +5,4 @@ approvers:
|
||||||
reviewers:
|
reviewers:
|
||||||
- kubespray-reviewers
|
- kubespray-reviewers
|
||||||
emeritus_approvers:
|
emeritus_approvers:
|
||||||
- kubespray-emeritus_approvers
|
- kubespray-emeritus_approvers
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
boto3 # Apache-2.0
|
boto3 # Apache-2.0
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
.generated
|
.generated
|
||||||
/inventory
|
/inventory
|
||||||
|
|
|
@ -31,4 +31,3 @@
|
||||||
[k8s_cluster:children]
|
[k8s_cluster:children]
|
||||||
kube_node
|
kube_node
|
||||||
kube_control_plane
|
kube_control_plane
|
||||||
|
|
||||||
|
|
|
@ -27,4 +27,4 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
@ -103,4 +103,4 @@
|
||||||
}
|
}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,4 +5,4 @@
|
||||||
"variables": {},
|
"variables": {},
|
||||||
"resources": [],
|
"resources": [],
|
||||||
"outputs": {}
|
"outputs": {}
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,4 +16,4 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
configparser>=3.3.0
|
configparser>=3.3.0
|
||||||
ruamel.yaml>=0.15.88
|
|
||||||
ipaddress
|
ipaddress
|
||||||
|
ruamel.yaml>=0.15.88
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
hacking>=0.10.2
|
hacking>=0.10.2
|
||||||
pytest>=2.8.0
|
|
||||||
mock>=1.3.0
|
mock>=1.3.0
|
||||||
|
pytest>=2.8.0
|
||||||
|
|
|
@ -1,3 +1,2 @@
|
||||||
#k8s_deployment_user: kubespray
|
#k8s_deployment_user: kubespray
|
||||||
#k8s_deployment_user_pkey_path: /tmp/ssh_rsa
|
#k8s_deployment_user_pkey_path: /tmp/ssh_rsa
|
||||||
|
|
||||||
|
|
|
@ -41,4 +41,3 @@
|
||||||
|
|
||||||
# [network-storage:children]
|
# [network-storage:children]
|
||||||
# gfs-cluster
|
# gfs-cluster
|
||||||
|
|
||||||
|
|
|
@ -21,4 +21,3 @@
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -13,4 +13,3 @@ output "k8s_etcds" {
|
||||||
output "k8s_nodes" {
|
output "k8s_nodes" {
|
||||||
value = equinix_metal_device.k8s_node.*.access_public_ipv4
|
value = equinix_metal_device.k8s_node.*.access_public_ipv4
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -54,4 +54,3 @@ variable "number_of_etcd" {
|
||||||
variable "number_of_k8s_nodes" {
|
variable "number_of_k8s_nodes" {
|
||||||
default = 1
|
default = 1
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -53,4 +53,4 @@ resource "null_resource" "inventories" {
|
||||||
triggers = {
|
triggers = {
|
||||||
template = data.template_file.inventory.rendered
|
template = data.template_file.inventory.rendered
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -24,4 +24,4 @@ output "cluster_private_network_cidr" {
|
||||||
|
|
||||||
output "network_id" {
|
output "network_id" {
|
||||||
value = hcloud_network.kubernetes.id
|
value = hcloud_network.kubernetes.id
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,4 +13,4 @@ storage:
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
hostname="$(hostname)"
|
hostname="$(hostname)"
|
||||||
echo My name is ${name} and the hostname is $${hostname}
|
echo My name is ${name} and the hostname is $${hostname}
|
||||||
|
|
|
@ -10,4 +10,4 @@ terraform {
|
||||||
source = "hashicorp/null"
|
source = "hashicorp/null"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -24,4 +24,4 @@ output "cluster_private_network_cidr" {
|
||||||
|
|
||||||
output "network_id" {
|
output "network_id" {
|
||||||
value = hcloud_network.kubernetes.id
|
value = hcloud_network.kubernetes.id
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,4 +14,3 @@ ssh_authorized_keys:
|
||||||
%{ for ssh_public_key in ssh_public_keys ~}
|
%{ for ssh_public_key in ssh_public_keys ~}
|
||||||
- ${ssh_public_key}
|
- ${ssh_public_key}
|
||||||
%{ endfor ~}
|
%{ endfor ~}
|
||||||
|
|
||||||
|
|
|
@ -44,4 +44,3 @@ resource "openstack_networking_floatingip_v2" "k8s_nodes" {
|
||||||
pool = var.floatingip_pool
|
pool = var.floatingip_pool
|
||||||
depends_on = [null_resource.dummy_dependency]
|
depends_on = [null_resource.dummy_dependency]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -86,4 +86,4 @@ floatingip_pool = "<pool>"
|
||||||
bastion_allowed_remote_ips = ["0.0.0.0/0"]
|
bastion_allowed_remote_ips = ["0.0.0.0/0"]
|
||||||
|
|
||||||
# Force port security to be null. Some cloud providers do not allow to set port security.
|
# Force port security to be null. Some cloud providers do not allow to set port security.
|
||||||
# force_null_port_security = false
|
# force_null_port_security = false
|
||||||
|
|
|
@ -80,7 +80,7 @@ resource "upcloud_server" "master" {
|
||||||
lifecycle {
|
lifecycle {
|
||||||
ignore_changes = [storage_devices]
|
ignore_changes = [storage_devices]
|
||||||
}
|
}
|
||||||
|
|
||||||
firewall = var.firewall_enabled
|
firewall = var.firewall_enabled
|
||||||
|
|
||||||
dynamic "storage_devices" {
|
dynamic "storage_devices" {
|
||||||
|
@ -525,7 +525,7 @@ resource "upcloud_loadbalancer_backend" "lb_backend" {
|
||||||
|
|
||||||
resource "upcloud_loadbalancer_frontend" "lb_frontend" {
|
resource "upcloud_loadbalancer_frontend" "lb_frontend" {
|
||||||
for_each = var.loadbalancer_enabled ? var.loadbalancers : {}
|
for_each = var.loadbalancer_enabled ? var.loadbalancers : {}
|
||||||
|
|
||||||
loadbalancer = upcloud_loadbalancer.lb[0].id
|
loadbalancer = upcloud_loadbalancer.lb[0].id
|
||||||
name = "lb-frontend-${each.key}"
|
name = "lb-frontend-${each.key}"
|
||||||
mode = "tcp"
|
mode = "tcp"
|
||||||
|
@ -535,7 +535,7 @@ resource "upcloud_loadbalancer_frontend" "lb_frontend" {
|
||||||
|
|
||||||
resource "upcloud_loadbalancer_static_backend_member" "lb_backend_member" {
|
resource "upcloud_loadbalancer_static_backend_member" "lb_backend_member" {
|
||||||
for_each = {
|
for_each = {
|
||||||
for be_server in local.lb_backend_servers:
|
for be_server in local.lb_backend_servers:
|
||||||
"${be_server.server_name}-lb-backend-${be_server.lb_name}" => be_server
|
"${be_server.server_name}-lb-backend-${be_server.lb_name}" => be_server
|
||||||
if var.loadbalancer_enabled
|
if var.loadbalancer_enabled
|
||||||
}
|
}
|
||||||
|
|
|
@ -189,7 +189,7 @@ Stack](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/dns-stack.m
|
||||||
* *http_proxy/https_proxy/no_proxy/no_proxy_exclude_workers/additional_no_proxy* - Proxy variables for deploying behind a
|
* *http_proxy/https_proxy/no_proxy/no_proxy_exclude_workers/additional_no_proxy* - Proxy variables for deploying behind a
|
||||||
proxy. Note that no_proxy defaults to all internal cluster IPs and hostnames
|
proxy. Note that no_proxy defaults to all internal cluster IPs and hostnames
|
||||||
that correspond to each node.
|
that correspond to each node.
|
||||||
|
|
||||||
* *kubelet_cgroup_driver* - Allows manual override of the cgroup-driver option for Kubelet.
|
* *kubelet_cgroup_driver* - Allows manual override of the cgroup-driver option for Kubelet.
|
||||||
By default autodetection is used to match container manager configuration.
|
By default autodetection is used to match container manager configuration.
|
||||||
`systemd` is the preferred driver for `containerd` though it can have issues with `cgroups v1` and `kata-containers` in which case you may want to change to `cgroupfs`.
|
`systemd` is the preferred driver for `containerd` though it can have issues with `cgroups v1` and `kata-containers` in which case you may want to change to `cgroupfs`.
|
||||||
|
@ -213,9 +213,9 @@ Stack](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/dns-stack.m
|
||||||
|
|
||||||
* *kubelet_secure_addresses* - By default *kubelet_systemd_hardening* set the **control plane** `ansible_host` IPs as the `kubelet_secure_addresses`. In case you have multiple interfaces in your control plane nodes and the `kube-apiserver` is not bound to the default interface, you can override them with this variable.
|
* *kubelet_secure_addresses* - By default *kubelet_systemd_hardening* set the **control plane** `ansible_host` IPs as the `kubelet_secure_addresses`. In case you have multiple interfaces in your control plane nodes and the `kube-apiserver` is not bound to the default interface, you can override them with this variable.
|
||||||
Example:
|
Example:
|
||||||
|
|
||||||
The **control plane** node may have 2 interfaces with the following IP addresses: `eth0:10.0.0.110`, `eth1:192.168.1.110`.
|
The **control plane** node may have 2 interfaces with the following IP addresses: `eth0:10.0.0.110`, `eth1:192.168.1.110`.
|
||||||
|
|
||||||
By default the `kubelet_secure_addresses` is set with the `10.0.0.110` the ansible control host uses `eth0` to connect to the machine. In case you want to use `eth1` as the outgoing interface on which `kube-apiserver` connects to the `kubelet`s, you should override the variable in this way: `kubelet_secure_addresses: "192.168.1.110"`.
|
By default the `kubelet_secure_addresses` is set with the `10.0.0.110` the ansible control host uses `eth0` to connect to the machine. In case you want to use `eth1` as the outgoing interface on which `kube-apiserver` connects to the `kubelet`s, you should override the variable in this way: `kubelet_secure_addresses: "192.168.1.110"`.
|
||||||
|
|
||||||
* *node_labels* - Labels applied to nodes via `kubectl label node`.
|
* *node_labels* - Labels applied to nodes via `kubectl label node`.
|
||||||
|
|
|
@ -13,4 +13,4 @@ etcd_data_dir: /var/lib/etcd
|
||||||
|
|
||||||
## Settings for etcd deployment type
|
## Settings for etcd deployment type
|
||||||
# Set this to docker if you are using container_manager: docker
|
# Set this to docker if you are using container_manager: docker
|
||||||
etcd_deployment_type: host
|
etcd_deployment_type: host
|
||||||
|
|
|
@ -21,4 +21,4 @@
|
||||||
# is_default: false
|
# is_default: false
|
||||||
# expand_persistent_volumes: true
|
# expand_persistent_volumes: true
|
||||||
# parameters:
|
# parameters:
|
||||||
# tier: hdd
|
# tier: hdd
|
||||||
|
|
|
@ -5,4 +5,4 @@ metadata:
|
||||||
name: kube-controller-manager
|
name: kube-controller-manager
|
||||||
annotations:
|
annotations:
|
||||||
prometheus.io/scrape: 'true'
|
prometheus.io/scrape: 'true'
|
||||||
prometheus.io/port: '10257'
|
prometheus.io/port: '10257'
|
||||||
|
|
|
@ -5,4 +5,4 @@ metadata:
|
||||||
name: kube-scheduler
|
name: kube-scheduler
|
||||||
annotations:
|
annotations:
|
||||||
prometheus.io/scrape: 'true'
|
prometheus.io/scrape: 'true'
|
||||||
prometheus.io/port: '10259'
|
prometheus.io/port: '10259'
|
||||||
|
|
|
@ -77,4 +77,4 @@
|
||||||
</g>
|
</g>
|
||||||
</g>
|
</g>
|
||||||
</g>
|
</g>
|
||||||
</svg>
|
</svg>
|
||||||
|
|
Before Width: | Height: | Size: 8.1 KiB After Width: | Height: | Size: 8.1 KiB |
|
@ -80,4 +80,4 @@
|
||||||
</g>
|
</g>
|
||||||
</g>
|
</g>
|
||||||
</g>
|
</g>
|
||||||
</svg>
|
</svg>
|
||||||
|
|
Before Width: | Height: | Size: 8.5 KiB After Width: | Height: | Size: 8.5 KiB |
|
@ -104,4 +104,4 @@
|
||||||
</g>
|
</g>
|
||||||
</g>
|
</g>
|
||||||
</g>
|
</g>
|
||||||
</svg>
|
</svg>
|
||||||
|
|
Before Width: | Height: | Size: 17 KiB After Width: | Height: | Size: 17 KiB |
|
@ -107,4 +107,4 @@
|
||||||
</g>
|
</g>
|
||||||
</g>
|
</g>
|
||||||
</g>
|
</g>
|
||||||
</svg>
|
</svg>
|
||||||
|
|
Before Width: | Height: | Size: 17 KiB After Width: | Height: | Size: 17 KiB |
|
@ -107,4 +107,4 @@
|
||||||
</g>
|
</g>
|
||||||
</g>
|
</g>
|
||||||
</g>
|
</g>
|
||||||
</svg>
|
</svg>
|
||||||
|
|
Before Width: | Height: | Size: 18 KiB After Width: | Height: | Size: 18 KiB |
|
@ -48,4 +48,4 @@ RUN wget https://releases.hashicorp.com/vagrant/${VAGRANT_VERSION}/vagrant_${VAG
|
||||||
|
|
||||||
# Install Kubernetes collections
|
# Install Kubernetes collections
|
||||||
RUN pip3 install kubernetes \
|
RUN pip3 install kubernetes \
|
||||||
&& ansible-galaxy collection install kubernetes.core
|
&& ansible-galaxy collection install kubernetes.core
|
||||||
|
|
|
@ -2,9 +2,9 @@ ansible==4.10.0
|
||||||
ansible-core==2.11.11
|
ansible-core==2.11.11
|
||||||
cryptography==3.4.8
|
cryptography==3.4.8
|
||||||
jinja2==2.11.3
|
jinja2==2.11.3
|
||||||
|
jmespath==0.9.5
|
||||||
|
MarkupSafe==1.1.1
|
||||||
netaddr==0.7.19
|
netaddr==0.7.19
|
||||||
pbr==5.4.4
|
pbr==5.4.4
|
||||||
jmespath==0.9.5
|
|
||||||
ruamel.yaml==0.16.10
|
ruamel.yaml==0.16.10
|
||||||
ruamel.yaml.clib==0.2.7
|
ruamel.yaml.clib==0.2.7
|
||||||
MarkupSafe==1.1.1
|
|
||||||
|
|
|
@ -2,9 +2,9 @@ ansible==5.7.1
|
||||||
ansible-core==2.12.5
|
ansible-core==2.12.5
|
||||||
cryptography==3.4.8
|
cryptography==3.4.8
|
||||||
jinja2==2.11.3
|
jinja2==2.11.3
|
||||||
|
jmespath==0.9.5
|
||||||
|
MarkupSafe==1.1.1
|
||||||
netaddr==0.7.19
|
netaddr==0.7.19
|
||||||
pbr==5.4.4
|
pbr==5.4.4
|
||||||
jmespath==0.9.5
|
|
||||||
ruamel.yaml==0.16.10
|
ruamel.yaml==0.16.10
|
||||||
ruamel.yaml.clib==0.2.7
|
ruamel.yaml.clib==0.2.7
|
||||||
MarkupSafe==1.1.1
|
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
---
|
---
|
||||||
ssh_bastion_confing__name: ssh-bastion.conf
|
ssh_bastion_confing__name: ssh-bastion.conf
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
---
|
---
|
||||||
allow_duplicates: true
|
allow_duplicates: true
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
{% if crio_registry_auth is defined and crio_registry_auth|length %}
|
{% if crio_registry_auth is defined and crio_registry_auth|length %}
|
||||||
{
|
{
|
||||||
{% for reg in crio_registry_auth %}
|
{% for reg in crio_registry_auth %}
|
||||||
"auths": {
|
"auths": {
|
||||||
"{{ reg.registry }}": {
|
"{{ reg.registry }}": {
|
||||||
|
|
|
@ -3,4 +3,4 @@ Environment="DOCKER_DNS_OPTIONS=\
|
||||||
{% for d in docker_dns_servers %}--dns {{ d }} {% endfor %} \
|
{% for d in docker_dns_servers %}--dns {{ d }} {% endfor %} \
|
||||||
{% for d in docker_dns_search_domains %}--dns-search {{ d }} {% endfor %} \
|
{% for d in docker_dns_search_domains %}--dns-search {{ d }} {% endfor %} \
|
||||||
{% for o in docker_dns_options %}--dns-opt {{ o }} {% endfor %} \
|
{% for o in docker_dns_options %}--dns-opt {{ o }} {% endfor %} \
|
||||||
"
|
"
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
[Service]
|
[Service]
|
||||||
ExecStartPost=-{{ bin_dir }}/cleanup-docker-orphans.sh
|
ExecStartPost=-{{ bin_dir }}/cleanup-docker-orphans.sh
|
||||||
|
|
|
@ -375,7 +375,7 @@ valid_entropy_sources = ["/dev/urandom","/dev/random",""]
|
||||||
# When enable_guest_swap is enabled, insert a raw file to the guest as the swap device
|
# When enable_guest_swap is enabled, insert a raw file to the guest as the swap device
|
||||||
# if the swappiness of a container (set by annotation "io.katacontainers.container.resource.swappiness")
|
# if the swappiness of a container (set by annotation "io.katacontainers.container.resource.swappiness")
|
||||||
# is bigger than 0.
|
# is bigger than 0.
|
||||||
# The size of the swap device should be
|
# The size of the swap device should be
|
||||||
# swap_in_bytes (set by annotation "io.katacontainers.container.resource.swap_in_bytes") - memory_limit_in_bytes.
|
# swap_in_bytes (set by annotation "io.katacontainers.container.resource.swap_in_bytes") - memory_limit_in_bytes.
|
||||||
# If swap_in_bytes is not set, the size should be memory_limit_in_bytes.
|
# If swap_in_bytes is not set, the size should be memory_limit_in_bytes.
|
||||||
# If swap_in_bytes and memory_limit_in_bytes is not set, the size should
|
# If swap_in_bytes and memory_limit_in_bytes is not set, the size should
|
||||||
|
|
|
@ -65,4 +65,4 @@ ETCDCTL_CERT={{ etcd_cert_dir }}/admin-{{ inventory_hostname }}.pem
|
||||||
|
|
||||||
# ETCD 3.5.x issue
|
# ETCD 3.5.x issue
|
||||||
# https://groups.google.com/a/kubernetes.io/g/dev/c/B7gJs88XtQc/m/rSgNOzV2BwAJ?utm_medium=email&utm_source=footer
|
# https://groups.google.com/a/kubernetes.io/g/dev/c/B7gJs88XtQc/m/rSgNOzV2BwAJ?utm_medium=email&utm_source=footer
|
||||||
ETCD_EXPERIMENTAL_INITIAL_CORRUPT_CHECK={{ etcd_experimental_initial_corrupt_check }}
|
ETCD_EXPERIMENTAL_INITIAL_CORRUPT_CHECK={{ etcd_experimental_initial_corrupt_check }}
|
||||||
|
|
|
@ -87,4 +87,3 @@ rateLimiter:
|
||||||
rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }}
|
rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
|
|
@ -70,4 +70,3 @@ spec:
|
||||||
- name: kubernetes
|
- name: kubernetes
|
||||||
mountPath: /etc/kubernetes
|
mountPath: /etc/kubernetes
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
|
||||||
|
|
|
@ -129,4 +129,3 @@ spec:
|
||||||
volumes:
|
volumes:
|
||||||
- name: socket-dir
|
- name: socket-dir
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
|
|
||||||
|
|
|
@ -41,4 +41,4 @@ node-volume-attach-limit="{{ node_volume_attach_limit }}"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if cinder_csi_rescan_on_resize is defined %}
|
{% if cinder_csi_rescan_on_resize is defined %}
|
||||||
rescan-on-resize={{ cinder_csi_rescan_on_resize | bool }}
|
rescan-on-resize={{ cinder_csi_rescan_on_resize | bool }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
@ -13,4 +13,4 @@ upcloud_csi_snapshot_controller_replicas: 2
|
||||||
upcloud_csi_snapshotter_image_tag: "v4.2.1"
|
upcloud_csi_snapshotter_image_tag: "v4.2.1"
|
||||||
upcloud_csi_snapshot_controller_image_tag: "v4.2.1"
|
upcloud_csi_snapshot_controller_image_tag: "v4.2.1"
|
||||||
upcloud_csi_snapshot_validation_webhook_image_tag: "v4.2.1"
|
upcloud_csi_snapshot_validation_webhook_image_tag: "v4.2.1"
|
||||||
upcloud_cacert: "{{ lookup('env','OS_CACERT') }}"
|
upcloud_cacert: "{{ lookup('env','OS_CACERT') }}"
|
||||||
|
|
|
@ -37,4 +37,4 @@
|
||||||
- inventory_hostname == groups['kube_control_plane'][0]
|
- inventory_hostname == groups['kube_control_plane'][0]
|
||||||
- not item is skipped
|
- not item is skipped
|
||||||
loop_control:
|
loop_control:
|
||||||
label: "{{ item.item.file }}"
|
label: "{{ item.item.file }}"
|
||||||
|
|
|
@ -90,4 +90,4 @@ spec:
|
||||||
- name: regcred
|
- name: regcred
|
||||||
volumes:
|
volumes:
|
||||||
- name: socket-dir
|
- name: socket-dir
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
|
|
|
@ -5,4 +5,4 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
attachRequired: true
|
attachRequired: true
|
||||||
podInfoOnMount: true
|
podInfoOnMount: true
|
||||||
fsGroupPolicy: File
|
fsGroupPolicy: File
|
||||||
|
|
|
@ -98,4 +98,4 @@ spec:
|
||||||
{% if upcloud_tolerations %}
|
{% if upcloud_tolerations %}
|
||||||
tolerations:
|
tolerations:
|
||||||
{{ upcloud_tolerations | to_nice_yaml(indent=2) | indent(width=8) }}
|
{{ upcloud_tolerations | to_nice_yaml(indent=2) | indent(width=8) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
@ -182,4 +182,4 @@ subjects:
|
||||||
roleRef:
|
roleRef:
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
name: csi-upcloud-resizer-role
|
name: csi-upcloud-resizer-role
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Namespace
|
kind: Namespace
|
||||||
metadata:
|
metadata:
|
||||||
name: "{{ vsphere_csi_namespace }}"
|
name: "{{ vsphere_csi_namespace }}"
|
||||||
|
|
|
@ -3,4 +3,4 @@
|
||||||
approvers:
|
approvers:
|
||||||
- kubespray-approvers
|
- kubespray-approvers
|
||||||
reviewers:
|
reviewers:
|
||||||
- kubespray-reviewers
|
- kubespray-reviewers
|
||||||
|
|
|
@ -17,4 +17,4 @@ ingress_nginx_termination_grace_period_seconds: 300
|
||||||
ingress_nginx_webhook_enabled: false
|
ingress_nginx_webhook_enabled: false
|
||||||
ingress_nginx_webhook_job_ttl: 1800
|
ingress_nginx_webhook_job_ttl: 1800
|
||||||
|
|
||||||
ingress_nginx_probe_initial_delay_seconds: 10
|
ingress_nginx_probe_initial_delay_seconds: 10
|
||||||
|
|
|
@ -8,4 +8,4 @@ metrics_server_limits_memory: 200Mi
|
||||||
metrics_server_requests_cpu: 100m
|
metrics_server_requests_cpu: 100m
|
||||||
metrics_server_requests_memory: 200Mi
|
metrics_server_requests_memory: 200Mi
|
||||||
metrics_server_host_network: false
|
metrics_server_host_network: false
|
||||||
metrics_server_replicas: 1
|
metrics_server_replicas: 1
|
||||||
|
|
|
@ -104,4 +104,4 @@ spec:
|
||||||
- metrics-server
|
- metrics-server
|
||||||
topologyKey: kubernetes.io/hostname
|
topologyKey: kubernetes.io/hostname
|
||||||
namespaces:
|
namespaces:
|
||||||
- kube-system
|
- kube-system
|
||||||
|
|
|
@ -3,4 +3,4 @@
|
||||||
approvers:
|
approvers:
|
||||||
- bozzo
|
- bozzo
|
||||||
reviewers:
|
reviewers:
|
||||||
- bozzo
|
- bozzo
|
||||||
|
|
|
@ -40,4 +40,4 @@ dependencies:
|
||||||
- upcloud_csi_enabled
|
- upcloud_csi_enabled
|
||||||
tags:
|
tags:
|
||||||
- persistent_volumes_upcloud_csi
|
- persistent_volumes_upcloud_csi
|
||||||
- upcloud-csi-driver
|
- upcloud-csi-driver
|
||||||
|
|
|
@ -35,4 +35,4 @@
|
||||||
environment:
|
environment:
|
||||||
KUBECONFIG: "{{ kube_config_dir }}/admin.conf"
|
KUBECONFIG: "{{ kube_config_dir }}/admin.conf"
|
||||||
loop_control:
|
loop_control:
|
||||||
label: "{{ item.item.file }}"
|
label: "{{ item.item.file }}"
|
||||||
|
|
|
@ -31,4 +31,4 @@ nodeRegistration:
|
||||||
{% if kubeadm_patches is defined and kubeadm_patches.enabled %}
|
{% if kubeadm_patches is defined and kubeadm_patches.enabled %}
|
||||||
patches:
|
patches:
|
||||||
directory: {{ kubeadm_patches.dest_dir }}
|
directory: {{ kubeadm_patches.dest_dir }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
@ -1,3 +1,2 @@
|
||||||
[global]
|
[global]
|
||||||
node-tags = {{ gce_node_tags }}
|
node-tags = {{ gce_node_tags }}
|
||||||
|
|
||||||
|
|
|
@ -94,4 +94,3 @@ spec:
|
||||||
path: /etc/kubernetes/admin.conf
|
path: /etc/kubernetes/admin.conf
|
||||||
name: kubeconfig
|
name: kubeconfig
|
||||||
status: {}
|
status: {}
|
||||||
|
|
||||||
|
|
|
@ -77,4 +77,3 @@ data:
|
||||||
"Type": "vxlan"
|
"Type": "vxlan"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -6,4 +6,4 @@ kind: Secret
|
||||||
metadata:
|
metadata:
|
||||||
name: cilium-ipsec-keys
|
name: cilium-ipsec-keys
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
type: Opaque
|
type: Opaque
|
||||||
|
|
|
@ -3,4 +3,4 @@
|
||||||
approvers:
|
approvers:
|
||||||
- bozzo
|
- bozzo
|
||||||
reviewers:
|
reviewers:
|
||||||
- bozzo
|
- bozzo
|
||||||
|
|
|
@ -38,4 +38,3 @@ fi
|
||||||
${OTHERSCRIPT} ${CONFIG}
|
${OTHERSCRIPT} ${CONFIG}
|
||||||
|
|
||||||
ip link del ${DEVICE} type ${TYPE:-macvlan}
|
ip link del ${DEVICE} type ${TYPE:-macvlan}
|
||||||
|
|
||||||
|
|
|
@ -41,4 +41,3 @@ ip link add \
|
||||||
type ${TYPE:-macvlan} mode ${MACVLAN_MODE:-private}
|
type ${TYPE:-macvlan} mode ${MACVLAN_MODE:-private}
|
||||||
|
|
||||||
${OTHERSCRIPT} ${CONFIG}
|
${OTHERSCRIPT} ${CONFIG}
|
||||||
|
|
||||||
|
|
|
@ -11,4 +11,3 @@ MACVLAN_MODE=bridge
|
||||||
IPADDR={{ node_pod_cidr|ipaddr('net')|ipaddr(1)|ipaddr('address') }}
|
IPADDR={{ node_pod_cidr|ipaddr('net')|ipaddr(1)|ipaddr('address') }}
|
||||||
NETMASK={{ node_pod_cidr|ipaddr('netmask') }}
|
NETMASK={{ node_pod_cidr|ipaddr('netmask') }}
|
||||||
NETWORK={{ node_pod_cidr|ipaddr('network') }}
|
NETWORK={{ node_pod_cidr|ipaddr('network') }}
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,3 @@
|
||||||
{% if enable_nat_default_gateway %}
|
{% if enable_nat_default_gateway %}
|
||||||
iptables -t nat -D POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE
|
iptables -t nat -D POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,3 @@
|
||||||
{% if enable_nat_default_gateway %}
|
{% if enable_nat_default_gateway %}
|
||||||
iptables -t nat -I POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE
|
iptables -t nat -I POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
|
|
@ -15,4 +15,3 @@ GatewayOnlink=yes
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
|
|
|
@ -24,4 +24,3 @@ iface mac0 inet static
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
post-down iptables -t nat -D POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE
|
post-down iptables -t nat -D POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE
|
||||||
post-down ip link delete mac0
|
post-down ip link delete mac0
|
||||||
|
|
||||||
|
|
|
@ -233,7 +233,7 @@ items:
|
||||||
{% if weave_npc_extra_args %}
|
{% if weave_npc_extra_args %}
|
||||||
- name: EXTRA_ARGS
|
- name: EXTRA_ARGS
|
||||||
value: "{{ weave_npc_extra_args }}"
|
value: "{{ weave_npc_extra_args }}"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
image: {{ weave_npc_image_repo }}:{{ weave_npc_image_tag }}
|
image: {{ weave_npc_image_repo }}:{{ weave_npc_image_tag }}
|
||||||
imagePullPolicy: {{ k8s_image_pull_policy }}
|
imagePullPolicy: {{ k8s_image_pull_policy }}
|
||||||
resources:
|
resources:
|
||||||
|
|
|
@ -0,0 +1,45 @@
|
||||||
|
# use virtualenv to install all python requirements
|
||||||
|
VENVDIR=venv
|
||||||
|
python3 -m venv $VENVDIR
|
||||||
|
source $VENVDIR/bin/activate
|
||||||
|
pip install --upgrade pip
|
||||||
|
pip install wheel
|
||||||
|
pip install --upgrade setuptools
|
||||||
|
pip install -r requirements.txt
|
||||||
|
pip install -r tests/requirements.txt
|
||||||
|
pre-commit install
|
||||||
|
# prepare an inventory to test with
|
||||||
|
INV=inventory/lab
|
||||||
|
rm -rf ${INV}.bak &> /dev/null
|
||||||
|
mv ${INV} ${INV}.bak &> /dev/null
|
||||||
|
cp -a inventory/sample ${INV}
|
||||||
|
rm -f ${INV}/hosts.ini
|
||||||
|
|
||||||
|
# customize the vagrant environment
|
||||||
|
mkdir vagrant
|
||||||
|
cat << EOF > vagrant/config.rb
|
||||||
|
\$instance_name_prefix = kub"
|
||||||
|
\$vm_cpus = 2
|
||||||
|
\$num_instances = 3
|
||||||
|
\$os = "almalinux8"
|
||||||
|
\$subnet = "192.168.56"
|
||||||
|
\$network_plugin = "calico"
|
||||||
|
\$inventory = "$INV"
|
||||||
|
\$shared_folders = { 'temp/docker_rpms' => "/var/cache/yum/x86_64/7/docker-ce/packages" }
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# make the rpm cache
|
||||||
|
mkdir -p temp/docker_rpms
|
||||||
|
|
||||||
|
vagrant up
|
||||||
|
|
||||||
|
# make a copy of the downloaded docker rpm, to speed up the next provisioning run
|
||||||
|
scp kub-1:/var/cache/yum/x86_64/7/docker-ce/packages/* temp/docker_rpms/
|
||||||
|
|
||||||
|
# copy kubectl access configuration in place
|
||||||
|
mkdir $HOME/.kube/ &> /dev/null
|
||||||
|
ln -s $PWD/$INV/artifacts/admin.conf $HOME/.kube/config
|
||||||
|
# make the kubectl binary available
|
||||||
|
sudo ln -s $PWD/$INV/artifacts/kubectl /usr/local/bin/kubectl
|
||||||
|
#or
|
||||||
|
export PATH=$PATH:$PWD/$INV/artifacts
|
|
@ -4,4 +4,4 @@ $libvirt_volume_cache = "unsafe"
|
||||||
# Checking for box update can trigger API rate limiting
|
# Checking for box update can trigger API rate limiting
|
||||||
# https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html
|
# https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html
|
||||||
$box_check_update = false
|
$box_check_update = false
|
||||||
$vm_cpus = 2
|
$vm_cpus = 2
|
||||||
|
|
|
@ -6,4 +6,4 @@ $libvirt_volume_cache = "unsafe"
|
||||||
# Checking for box update can trigger API rate limiting
|
# Checking for box update can trigger API rate limiting
|
||||||
# https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html
|
# https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html
|
||||||
$box_check_update = false
|
$box_check_update = false
|
||||||
$vm_cpus = 2
|
$vm_cpus = 2
|
||||||
|
|
|
@ -1,11 +1,11 @@
|
||||||
-r ../requirements-2.11.txt
|
-r ../requirements-2.11.txt
|
||||||
yamllint==1.19.0
|
|
||||||
apache-libcloud==2.2.1
|
|
||||||
tox==3.11.1
|
|
||||||
dopy==0.3.7
|
|
||||||
ansible-lint==5.4.0
|
ansible-lint==5.4.0
|
||||||
|
apache-libcloud==2.2.1
|
||||||
|
ara[server]==1.6.1
|
||||||
|
dopy==0.3.7
|
||||||
molecule==3.0.6
|
molecule==3.0.6
|
||||||
molecule-vagrant==0.3
|
molecule-vagrant==0.3
|
||||||
testinfra==5.2.2
|
|
||||||
python-vagrant==0.5.15
|
python-vagrant==0.5.15
|
||||||
ara[server]==1.6.1
|
testinfra==5.2.2
|
||||||
|
tox==3.11.1
|
||||||
|
yamllint==1.19.0
|
||||||
|
|
|
@ -1,11 +1,11 @@
|
||||||
-r ../requirements-2.12.txt
|
-r ../requirements-2.12.txt
|
||||||
yamllint==1.19.0
|
|
||||||
apache-libcloud==2.2.1
|
|
||||||
tox==3.11.1
|
|
||||||
dopy==0.3.7
|
|
||||||
ansible-lint==5.4.0
|
ansible-lint==5.4.0
|
||||||
|
apache-libcloud==2.2.1
|
||||||
|
ara[server]==1.6.1
|
||||||
|
dopy==0.3.7
|
||||||
molecule==3.0.6
|
molecule==3.0.6
|
||||||
molecule-vagrant==0.3
|
molecule-vagrant==0.3
|
||||||
testinfra==5.2.2
|
|
||||||
python-vagrant==0.5.15
|
python-vagrant==0.5.15
|
||||||
ara[server]==1.6.1
|
testinfra==5.2.2
|
||||||
|
tox==3.11.1
|
||||||
|
yamllint==1.19.0
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
pyaml
|
|
||||||
jinja2
|
jinja2
|
||||||
pathlib ; python_version < '3.10'
|
pathlib ; python_version < '3.10'
|
||||||
|
pyaml
|
||||||
pydblite
|
pydblite
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# CI test coverage
|
# CI test coverage
|
||||||
|
|
||||||
To generate this Matrix run `./tests/scripts/md-table/main.py`
|
To generate this Matrix run `./tests/scripts/md-table/main.py`
|
||||||
|
|
||||||
{%- for container_engine in container_engines %}
|
{%- for container_engine in container_engines %}
|
||||||
|
|
||||||
|
@ -12,4 +12,4 @@ To generate this Matrix run `./tests/scripts/md-table/main.py`
|
||||||
{{ os }} | {% for cni in network_plugins %} {{ ':white_check_mark:' if exists(container_engine, cni, os) else ':x:' }} |{% endfor %}
|
{{ os }} | {% for cni in network_plugins %} {{ ':white_check_mark:' if exists(container_engine, cni, os) else ':x:' }} |{% endfor %}
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
|
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
|
|
|
@ -8,4 +8,4 @@ echo "Generate current file..."
|
||||||
./tests/scripts/md-table/main.py > tmp.md
|
./tests/scripts/md-table/main.py > tmp.md
|
||||||
|
|
||||||
echo "Compare docs/ci.md with actual tests in tests/files/*.yml ..."
|
echo "Compare docs/ci.md with actual tests in tests/files/*.yml ..."
|
||||||
cmp docs/ci.md tmp.md
|
cmp docs/ci.md tmp.md
|
||||||
|
|
|
@ -16,4 +16,4 @@ done
|
||||||
for i in $(virsh vol-list default|grep \.img |grep -v VAGRANTSLASH | cut -f 2 -d ' ')
|
for i in $(virsh vol-list default|grep \.img |grep -v VAGRANTSLASH | cut -f 2 -d ' ')
|
||||||
do
|
do
|
||||||
virsh vol-delete "$i" --pool default
|
virsh vol-delete "$i" --pool default
|
||||||
done
|
done
|
||||||
|
|