diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 000000000..8e95b1819 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +docs/_sidebar.md linguist-generated=true diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 56c03a193..3707b690a 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,5 +3,5 @@ updates: - package-ecosystem: "pip" directory: "/" schedule: - interval: "daily" + interval: "weekly" labels: [ "dependencies" ] diff --git a/.gitlab-ci/packet.yml b/.gitlab-ci/packet.yml index de61a1f60..0fb303d72 100644 --- a/.gitlab-ci/packet.yml +++ b/.gitlab-ci/packet.yml @@ -61,7 +61,17 @@ packet_ubuntu22-calico-all-in-one: extends: .packet_pr when: on_success -packet_ubuntu22-calico-etcd-datastore: +packet_ubuntu24-all-in-one-docker: + stage: deploy-part2 + extends: .packet_pr + when: on_success + +packet_ubuntu24-calico-all-in-one: + stage: deploy-part2 + extends: .packet_pr + when: on_success + +packet_ubuntu24-calico-etcd-datastore: stage: deploy-part2 extends: .packet_pr when: on_success @@ -174,6 +184,11 @@ packet_almalinux8-docker: extends: .packet_pr when: on_success +packet_amazon-linux-2-all-in-one: + stage: deploy-part2 + extends: .packet_pr + when: on_success + packet_fedora38-docker-weave: stage: deploy-part2 extends: .packet_pr @@ -183,7 +198,7 @@ packet_fedora38-docker-weave: packet_opensuse-docker-cilium: stage: deploy-part2 extends: .packet_pr - when: manual + when: on_success # ### MANUAL JOBS @@ -240,11 +255,6 @@ packet_fedora37-calico-swap-selinux: extends: .packet_pr when: manual -packet_amazon-linux-2-all-in-one: - stage: deploy-part2 - extends: .packet_pr - when: manual - packet_almalinux8-calico-nodelocaldns-secondary: stage: deploy-part2 extends: .packet_pr diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index c2380522a..337b484f1 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml 
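Review bot: Nothing in `.github/dependabot.yml` records whether Dependabot security updates are enabled, and with `interval: "weekly"` they become the only path by which a vulnerable pip dependency is bumped in less than a week. Security updates are raised from alerts independently of `schedule.interval`, but they are a repository setting that is not visible here, so it is worth confirming before merging. A comment above the line, such as `# version updates only; security fixes rely on Dependabot security updates`, would document the intent.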
@@ -1,6 +1,5 @@ --- repos: - - repo: https://github.com/pre-commit/pre-commit-hooks rev: v3.4.0 hooks: @@ -25,14 +24,14 @@ repos: rev: v0.11.0 hooks: - id: markdownlint - args: [ -r, "~MD013,~MD029" ] + args: [-r, "~MD013,~MD029"] exclude: "^.git" - repo: https://github.com/jumanjihouse/pre-commit-hooks rev: 3.0.0 hooks: - id: shellcheck - args: [ --severity, "error" ] + args: [--severity, "error"] exclude: "^.git" files: "\\.sh$" @@ -64,6 +63,12 @@ repos: language: script pass_filenames: false + - id: generate-docs-sidebar + name: generate-docs-sidebar + entry: scripts/gen_docs_sidebar.sh + language: script + pass_filenames: false + - id: ci-matrix name: ci-matrix entry: tests/scripts/md-table/test.sh diff --git a/README.md b/README.md index ab31a8fb5..17e86724c 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ If you have questions, check the documentation at [kubespray.io](https://kubespray.io) and join us on the [kubernetes slack](https://kubernetes.slack.com), channel **\#kubespray**. You can get your invite [here](http://slack.k8s.io/) -- Can be deployed on **[AWS](docs/aws.md), GCE, [Azure](docs/azure.md), [OpenStack](docs/openstack.md), [vSphere](docs/vsphere.md), [Equinix Metal](docs/equinix-metal.md) (bare metal), Oracle Cloud Infrastructure (Experimental), or Baremetal** +- Can be deployed on **[AWS](docs/cloud_providers/aws.md), GCE, [Azure](docs/cloud_providers/azure.md), [OpenStack](docs/cloud_providers/openstack.md), [vSphere](docs/cloud_providers/vsphere.md), [Equinix Metal](docs/cloud_providers/equinix-metal.md) (bare metal), Oracle Cloud Infrastructure (Experimental), or Baremetal** - **Highly available** cluster - **Composable** (Choice of the network plugin for instance) - Supports most popular **Linux distributions** 
@@ -19,7 +19,7 @@ Below are several ways to use Kubespray to deploy a Kubernetes cluster. #### Usage -Install Ansible according to [Ansible installation guide](/docs/ansible.md#installing-ansible) +Install Ansible according to [Ansible installation guide](/docs/ansible/ansible.md#installing-ansible) then run the following steps: ```ShellSession @@ -86,7 +86,7 @@ ansible-playbook -i /inventory/inventory.ini --private-key /root/.ssh/id_rsa clu #### Collection -See [here](docs/ansible_collection.md) if you wish to use this repository as an Ansible collection +See [here](docs/ansible/ansible_collection.md) if you wish to use this repository as an Ansible collection ### Vagrant @@ -99,7 +99,7 @@ python -V && pip -V If this returns the version of the software, you're good to go. If not, download and install Python from here -Install Ansible according to [Ansible installation guide](/docs/ansible.md#installing-ansible) +Install Ansible according to [Ansible installation guide](/docs/ansible/ansible.md#installing-ansible) then run the following step: ```ShellSession 
@@ -109,62 +109,62 @@ vagrant up ## Documents - [Requirements](#requirements) -- [Kubespray vs ...](docs/comparisons.md) -- [Getting started](docs/getting-started.md) -- [Setting up your first cluster](docs/setting-up-your-first-cluster.md) -- [Ansible inventory and tags](docs/ansible.md) -- [Integration with existing ansible repo](docs/integration.md) -- [Deployment data variables](docs/vars.md) -- [DNS stack](docs/dns-stack.md) -- [HA mode](docs/ha-mode.md) +- [Kubespray vs ...](docs/getting_started/comparisons.md) +- [Getting started](docs/getting_started/getting-started.md) +- [Setting up your first cluster](docs/getting_started/setting-up-your-first-cluster.md) +- [Ansible inventory and tags](docs/ansible/ansible.md) +- [Integration with existing ansible repo](docs/operations/integration.md) +- [Deployment data variables](docs/ansible/vars.md) +- [DNS stack](docs/advanced/dns-stack.md) +- [HA mode](docs/operations/ha-mode.md) - [Network plugins](#network-plugins) -- [Vagrant install](docs/vagrant.md) -- [Flatcar Container Linux bootstrap](docs/flatcar.md) -- [Fedora CoreOS bootstrap](docs/fcos.md) -- [openSUSE setup](docs/opensuse.md) -- [Downloaded artifacts](docs/downloads.md) -- [Cloud providers](docs/cloud.md) -- [OpenStack](docs/openstack.md) -- [AWS](docs/aws.md) -- [Azure](docs/azure.md) -- [vSphere](docs/vsphere.md) -- [Equinix Metal](docs/equinix-metal.md) -- [Large deployments](docs/large-deployments.md) -- [Adding/replacing a node](docs/nodes.md) -- [Upgrades basics](docs/upgrades.md) -- [Air-Gap installation](docs/offline-environment.md) -- [NTP](docs/ntp.md) -- [Hardening](docs/hardening.md) -- [Mirror](docs/mirror.md) -- [Roadmap](docs/roadmap.md) +- [Vagrant install](docs/developers/vagrant.md) +- [Flatcar Container Linux bootstrap](docs/operating_systems/flatcar.md) +- [Fedora CoreOS bootstrap](docs/operating_systems/fcos.md) +- [openSUSE setup](docs/operating_systems/opensuse.md) +- [Downloaded artifacts](docs/advanced/downloads.md) +- [Cloud 
providers](docs/cloud_providers/cloud.md) +- [OpenStack](docs/cloud_providers/openstack.md) +- [AWS](docs/cloud_providers/aws.md) +- [Azure](docs/cloud_providers/azure.md) +- [vSphere](docs/cloud_providers/vsphere.md) +- [Equinix Metal](docs/cloud_providers/equinix-metal.md) +- [Large deployments](docs/operations/large-deployments.md) +- [Adding/replacing a node](docs/operations/nodes.md) +- [Upgrades basics](docs/operations/upgrades.md) +- [Air-Gap installation](docs/operations/offline-environment.md) +- [NTP](docs/advanced/ntp.md) +- [Hardening](docs/operations/hardening.md) +- [Mirror](docs/operations/mirror.md) +- [Roadmap](docs/roadmap/roadmap.md) ## Supported Linux Distributions - **Flatcar Container Linux by Kinvolk** - **Debian** Bookworm, Bullseye, Buster - **Ubuntu** 20.04, 22.04 -- **CentOS/RHEL** 7, [8, 9](docs/centos.md#centos-8) +- **CentOS/RHEL** 7, [8, 9](docs/operating_systems/centos.md#centos-8) - **Fedora** 37, 38 -- **Fedora CoreOS** (see [fcos Note](docs/fcos.md)) +- **Fedora CoreOS** (see [fcos Note](docs/operating_systems/fcos.md)) - **openSUSE** Leap 15.x/Tumbleweed -- **Oracle Linux** 7, [8, 9](docs/centos.md#centos-8) -- **Alma Linux** [8, 9](docs/centos.md#centos-8) -- **Rocky Linux** [8, 9](docs/centos.md#centos-8) -- **Kylin Linux Advanced Server V10** (experimental: see [kylin linux notes](docs/kylinlinux.md)) -- **Amazon Linux 2** (experimental: see [amazon linux notes](docs/amazonlinux.md)) -- **UOS Linux** (experimental: see [uos linux notes](docs/uoslinux.md)) -- **openEuler** (experimental: see [openEuler notes](docs/openeuler.md)) +- **Oracle Linux** 7, [8, 9](docs/operating_systems/centos.md#centos-8) +- **Alma Linux** [8, 9](docs/operating_systems/centos.md#centos-8) +- **Rocky Linux** [8, 9](docs/operating_systems/centos.md#centos-8) +- **Kylin Linux Advanced Server V10** (experimental: see [kylin linux notes](docs/operating_systems/kylinlinux.md)) +- **Amazon Linux 2** (experimental: see [amazon linux 
notes](docs/operating_systems/amazonlinux.md)) +- **UOS Linux** (experimental: see [uos linux notes](docs/operating_systems/uoslinux.md)) +- **openEuler** (experimental: see [openEuler notes](docs/operating_systems/openeuler.md)) Note: Upstart/SysV init based OS types are not supported. ## Supported Components - Core - - [kubernetes](https://github.com/kubernetes/kubernetes) v1.29.3 + - [kubernetes](https://github.com/kubernetes/kubernetes) v1.29.5 - [etcd](https://github.com/etcd-io/etcd) v3.5.12 - [docker](https://www.docker.com/) v24.0 (see [Note](#container-runtime-notes)) - [containerd](https://containerd.io/) v1.7.16 - - [cri-o](http://cri-o.io/) v1.29.1 (experimental: see [CRI-O Note](docs/cri-o.md). Only on fedora, ubuntu and centos based OS) + - [cri-o](http://cri-o.io/) v1.29.1 (experimental: see [CRI-O Note](docs/CRI/cri-o.md). Only on fedora, ubuntu and centos based OS) - Network Plugin - [cni-plugins](https://github.com/containernetworking/plugins) v1.2.0 - [calico](https://github.com/projectcalico/calico) v3.27.3 @@ -178,9 +178,9 @@ Note: Upstart/SysV init based OS types are not supported. - Application - [cert-manager](https://github.com/jetstack/cert-manager) v1.13.2 - [coredns](https://github.com/coredns/coredns) v1.11.1 - - [ingress-nginx](https://github.com/kubernetes/ingress-nginx) v1.9.6 + - [ingress-nginx](https://github.com/kubernetes/ingress-nginx) v1.10.1 - [krew](https://github.com/kubernetes-sigs/krew) v0.4.4 - - [argocd](https://argoproj.github.io/) v2.8.4 + - [argocd](https://argoproj.github.io/) v2.11.0 - [helm](https://helm.sh/) v3.14.2 - [metallb](https://metallb.universe.tf/) v0.13.9 - [registry](https://github.com/distribution/distribution) v2.8.1 
@@ -204,7 +204,7 @@ Note: Upstart/SysV init based OS types are not supported. - **Minimum required version of Kubernetes is v1.27** - **Ansible v2.14+, Jinja 2.11+ and python-netaddr is installed on the machine that will run Ansible commands** -- The target servers must have **access to the Internet** in order to pull docker images. Otherwise, additional configuration is required (See [Offline Environment](docs/offline-environment.md)) +- The target servers must have **access to the Internet** in order to pull docker images. Otherwise, additional configuration is required (See [Offline Environment](docs/operations/offline-environment.md)) - The target servers are configured to allow **IPv4 forwarding**. - If using IPv6 for pods and services, the target servers are configured to allow **IPv6 forwarding**. - The **firewalls are not managed**, you'll need to implement your own rules the way you used to. @@ -225,7 +225,7 @@ These limits are safeguarded by Kubespray. Actual requirements for your workload You can choose among ten network plugins. (default: `calico`, except Vagrant uses `flannel`) -- [flannel](docs/flannel.md): gre/vxlan (layer 2) networking. +- [flannel](docs/CNI/flannel.md): gre/vxlan (layer 2) networking. - [Calico](https://docs.tigera.io/calico/latest/about/) is a networking and network policy provider. Calico supports a flexible set of networking options designed to give you the most efficient networking across a range of situations, including non-overlay 
@@ -234,32 +234,32 @@ You can choose among ten network plugins. (default: `calico`, except Vagrant use - [cilium](http://docs.cilium.io/en/latest/): layer 3/4 networking (as well as layer 7 to protect and secure application protocols), supports dynamic insertion of BPF bytecode into the Linux kernel to implement security services, networking and visibility logic. -- [weave](docs/weave.md): Weave is a lightweight container overlay network that doesn't require an external K/V database cluster. +- [weave](docs/CNI/weave.md): Weave is a lightweight container overlay network that doesn't require an external K/V database cluster. (Please refer to `weave` [troubleshooting documentation](https://www.weave.works/docs/net/latest/troubleshooting/)). -- [kube-ovn](docs/kube-ovn.md): Kube-OVN integrates the OVN-based Network Virtualization with Kubernetes. It offers an advanced Container Network Fabric for Enterprises. +- [kube-ovn](docs/CNI/kube-ovn.md): Kube-OVN integrates the OVN-based Network Virtualization with Kubernetes. It offers an advanced Container Network Fabric for Enterprises. -- [kube-router](docs/kube-router.md): Kube-router is a L3 CNI for Kubernetes networking aiming to provide operational +- [kube-router](docs/CNI/kube-router.md): Kube-router is a L3 CNI for Kubernetes networking aiming to provide operational simplicity and high performance: it uses IPVS to provide Kube Services Proxy (if setup to replace kube-proxy), iptables for network policies, and BGP for ods L3 networking (with optionally BGP peering with out-of-cluster BGP peers). It can also optionally advertise routes to Kubernetes cluster Pods CIDRs, ClusterIPs, ExternalIPs and LoadBalancerIPs. -- [macvlan](docs/macvlan.md): Macvlan is a Linux network driver. Pods have their own unique Mac and Ip address, connected directly the physical (layer 2) network. +- [macvlan](docs/CNI/macvlan.md): Macvlan is a Linux network driver. 
Pods have their own unique Mac and Ip address, connected directly the physical (layer 2) network. -- [multus](docs/multus.md): Multus is a meta CNI plugin that provides multiple network interface support to pods. For each interface Multus delegates CNI calls to secondary CNI plugins such as Calico, macvlan, etc. +- [multus](docs/CNI/multus.md): Multus is a meta CNI plugin that provides multiple network interface support to pods. For each interface Multus delegates CNI calls to secondary CNI plugins such as Calico, macvlan, etc. - [custom_cni](roles/network-plugin/custom_cni/) : You can specify some manifests that will be applied to the clusters to bring you own CNI and use non-supported ones by Kubespray. See `tests/files/custom_cni/README.md` and `tests/files/custom_cni/values.yaml`for an example with a CNI provided by a Helm Chart. The network plugin to use is defined by the variable `kube_network_plugin`. There is also an option to leverage built-in cloud provider networking instead. -See also [Network checker](docs/netcheck.md). +See also [Network checker](docs/advanced/netcheck.md). ## Ingress Plugins - [nginx](https://kubernetes.github.io/ingress-nginx): the NGINX Ingress Controller. -- [metallb](docs/metallb.md): the MetalLB bare-metal service LoadBalancer provider. +- [metallb](docs/ingress/metallb.md): the MetalLB bare-metal service LoadBalancer provider. ## Community docs and resources @@ -280,4 +280,4 @@ See also [Network checker](docs/netcheck.md). CI/end-to-end tests sponsored by: [CNCF](https://cncf.io), [Equinix Metal](https://metal.equinix.com/), [OVHcloud](https://www.ovhcloud.com/), [ELASTX](https://elastx.se/). -See the [test matrix](docs/test_cases.md) for details. +See the [test matrix](docs/developers/test_cases.md) for details. diff --git a/Vagrantfile b/Vagrantfile index 9ad139975..277c25722 100644 --- a/Vagrantfile +++ b/Vagrantfile 
@@ -21,13 +21,15 @@ SUPPORTED_OS = { "flatcar-edge" => {box: "flatcar-edge", user: "core", box_url: FLATCAR_URL_TEMPLATE % ["edge"]}, "ubuntu2004" => {box: "generic/ubuntu2004", user: "vagrant"}, "ubuntu2204" => {box: "generic/ubuntu2204", user: "vagrant"}, + "ubuntu2404" => {box: "bento/ubuntu-24.04", user: "vagrant"}, "centos" => {box: "centos/7", user: "vagrant"}, "centos-bento" => {box: "bento/centos-7.6", user: "vagrant"}, "centos8" => {box: "centos/8", user: "vagrant"}, "centos8-bento" => {box: "bento/centos-8", user: "vagrant"}, "almalinux8" => {box: "almalinux/8", user: "vagrant"}, "almalinux8-bento" => {box: "bento/almalinux-8", user: "vagrant"}, - "rockylinux8" => {box: "generic/rocky8", user: "vagrant"}, + "rockylinux8" => {box: "rockylinux/8", user: "vagrant"}, + "rockylinux9" => {box: "rockylinux/9", user: "vagrant"}, "fedora37" => {box: "fedora/37-cloud-base", user: "vagrant"}, "fedora38" => {box: "fedora/38-cloud-base", user: "vagrant"}, "opensuse" => {box: "opensuse/Leap-15.4.x86_64", user: "vagrant"}, @@ -36,6 +38,8 @@ SUPPORTED_OS = { "oraclelinux8" => {box: "generic/oracle8", user: "vagrant"}, "rhel7" => {box: "generic/rhel7", user: "vagrant"}, "rhel8" => {box: "generic/rhel8", user: "vagrant"}, + "debian11" => {box: "debian/bullseye64", user: "vagrant"}, + "debian12" => {box: "debian/bookworm64", user: "vagrant"}, } if File.exist?(CONFIG) 
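Review bot: The boxes added to `SUPPORTED_OS` in this hunk (`bento/ubuntu-24.04`, `rockylinux/8`, `rockylinux/9`) and in the following one (`debian/bullseye64`, `debian/bookworm64`) are named without a version, so each `vagrant up` on a clean host takes whatever image the publisher currently serves under that name. `rockylinux8` also changes publisher from `generic/rocky8` to `rockylinux/8`, which changes who is trusted for that image. If reproducible test VMs matter, consider carrying a version per entry and applying it through `config.vm.box_version`. The code that consumes the hash is outside the hunk, and the existing entries are unpinned as well, so this is a suggestion for the table as a whole.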
@@ -185,6 +189,14 @@ Vagrant.configure("2") do |config| lv.storage :file, :device => "hd#{driverletters[d]}", :path => "disk-#{i}-#{d}-#{DISK_UUID}.disk", :size => $kube_node_instances_with_disks_size, :bus => "scsi" end end + node.vm.provider :virtualbox do |vb| + # always make /dev/sd{a/b/c} so that CI can ensure that + # virtualbox and libvirt will have the same devices to use for OSDs + (1..$kube_node_instances_with_disks_number).each do |d| + vb.customize ['createhd', '--filename', "disk-#{i}-#{driverletters[d]}-#{DISK_UUID}.disk", '--size', $kube_node_instances_with_disks_size] # 10GB disk + vb.customize ['storageattach', :id, '--storagectl', 'SATA Controller', '--port', d, '--device', 0, '--type', 'hdd', '--medium', "disk-#{i}-#{driverletters[d]}-#{DISK_UUID}.disk", '--nonrotational', 'on', '--mtype', 'normal'] + end + end end if $expose_docker_tcp @@ -235,6 +247,13 @@ Vagrant.configure("2") do |config| SHELL end + # Rockylinux boxes needs UEFI + if ["rockylinux8", "rockylinux9"].include? $os + config.vm.provider "libvirt" do |domain| + domain.loader = "/usr/share/OVMF/x64/OVMF_CODE.fd" + end + end + # Disable firewalld on oraclelinux/redhat vms if ["oraclelinux","oraclelinux8","rhel7","rhel8","rockylinux8"].include? $os node.vm.provision "shell", inline: "systemctl stop firewalld; systemctl disable firewalld" diff --git a/contrib/azurerm/README.md b/contrib/azurerm/README.md index f24a5ec23..8869ec091 100644 --- a/contrib/azurerm/README.md +++ b/contrib/azurerm/README.md @@ -49,7 +49,7 @@ If you need to delete all resources from a resource group, simply call: ## Installing Ansible and the dependencies -Install Ansible according to [Ansible installation guide](/docs/ansible.md#installing-ansible) +Install Ansible according to [Ansible installation guide](/docs/ansible/ansible.md#installing-ansible) ## Generating an inventory for kubespray diff --git a/contrib/terraform/equinix/README.md b/contrib/terraform/equinix/README.md index d1eb71f3f..f81e066a0 100644 
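Review bot: In the new `:virtualbox` provider block, `createhd` receives `$kube_node_instances_with_disks_size` as `--size`, the same variable the libvirt block just above passes as `:size`. VBoxManage reads `--size` as a number of megabytes while vagrant-libvirt accepts values such as `20G`, so a single setting is unlikely to be right for both providers (the variable's definition is outside the hunk). The trailing `# 10GB disk` comment contradicts the configurable size and would read better as `# size in MB, taken from $kube_node_instances_with_disks_size`. `'SATA Controller'` is a hard-coded controller name that not every box in `SUPPORTED_OS` is guaranteed to expose, and `createhd` runs unconditionally on every customize pass, so a guard such as `unless File.exist?(disk_path)` is worth considering. The enclosing `if` block starts outside the hunk.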
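Review bot: The firewalld condition on the context line below the new UEFI block still lists only `rockylinux8`, so the `rockylinux9` box added by this commit is presumably provisioned differently from its sibling. If that is not intended, the list should become `["oraclelinux","oraclelinux8","rhel7","rhel8","rockylinux8","rockylinux9"]`. The UEFI block sets `domain.loader = "/usr/share/OVMF/x64/OVMF_CODE.fd"`, a host path that differs between distributions, so a comment naming the expected host package or a configurable variable would help. It also calls `config.vm.provider` where the neighbouring lines use `node.vm…`, which appears to apply the loader to the whole configuration rather than to the node being defined. The comment would read better as `# Rockylinux boxes need UEFI`.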
--- a/contrib/terraform/equinix/README.md +++ b/contrib/terraform/equinix/README.md @@ -35,7 +35,7 @@ now six total etcd replicas. ## Requirements - [Install Terraform](https://www.terraform.io/intro/getting-started/install.html) -- [Install Ansible dependencies](/docs/ansible.md#installing-ansible) +- [Install Ansible dependencies](/docs/ansible/ansible.md#installing-ansible) - Account with Equinix Metal - An SSH key pair diff --git a/contrib/terraform/openstack/README.md b/contrib/terraform/openstack/README.md index 923aa3140..5e88849f5 100644 --- a/contrib/terraform/openstack/README.md +++ b/contrib/terraform/openstack/README.md @@ -619,7 +619,7 @@ Edit `inventory/$CLUSTER/group_vars/k8s_cluster/k8s_cluster.yml`: - Set variable **kube_network_plugin** to your desired networking plugin. - **flannel** works out-of-the-box - - **calico** requires [configuring OpenStack Neutron ports](/docs/openstack.md) to allow service and pod subnets + - **calico** requires [configuring OpenStack Neutron ports](/docs/cloud_providers/openstack.md) to allow service and pod subnets ```yml # Choose network plugin (calico, weave or flannel) diff --git a/docs/calico.md b/docs/CNI/calico.md similarity index 99% rename from docs/calico.md rename to docs/CNI/calico.md index fb9ab06f8..8708f0bcc 100644 --- a/docs/calico.md +++ b/docs/CNI/calico.md 
@@ -382,7 +382,7 @@ To clean up any ipvs leftovers: Calico node, typha and kube-controllers need to be able to talk to the kubernetes API. Please reference the [Enabling eBPF Calico Docs](https://docs.projectcalico.org/maintenance/ebpf/enabling-bpf) for guidelines on how to do this. -Kubespray sets up the `kubernetes-services-endpoint` configmap based on the contents of the `loadbalancer_apiserver` inventory variable documented in [HA Mode](/docs/ha-mode.md). +Kubespray sets up the `kubernetes-services-endpoint` configmap based on the contents of the `loadbalancer_apiserver` inventory variable documented in [HA Mode](/docs/operations/ha-mode.md). If no external loadbalancer is used, Calico eBPF can also use the localhost loadbalancer option. We are able to do so only if you use the same port for the localhost apiserver loadbalancer and the kube-apiserver. In this case Calico Automatic Host Endpoints need to be enabled to allow services like `coredns` and `metrics-server` to communicate with the kubernetes host endpoint. See [this blog post](https://www.projectcalico.org/securing-kubernetes-nodes-with-calico-automatic-host-endpoints/) on enabling automatic host endpoints. diff --git a/docs/cilium.md b/docs/CNI/cilium.md similarity index 99% rename from docs/cilium.md rename to docs/CNI/cilium.md index afc808c64..a773dbc90 100644 --- a/docs/cilium.md +++ b/docs/CNI/cilium.md @@ -99,7 +99,7 @@ cilium_operator_extra_volume_mounts: ## Choose Cilium version ```yml -cilium_version: v1.15.4 +cilium_version: v1.12.1 ``` ## Add variable to config diff --git a/docs/cni.md b/docs/CNI/cni.md similarity index 100% rename from docs/cni.md rename to docs/CNI/cni.md diff --git a/docs/flannel.md b/docs/CNI/flannel.md similarity index 100% rename from docs/flannel.md rename to docs/CNI/flannel.md diff --git a/docs/kube-ovn.md b/docs/CNI/kube-ovn.md similarity index 100% rename from docs/kube-ovn.md rename to docs/CNI/kube-ovn.md 
diff --git a/docs/kube-router.md b/docs/CNI/kube-router.md
similarity index 100%
rename from docs/kube-router.md
rename to docs/CNI/kube-router.md
diff --git a/docs/macvlan.md b/docs/CNI/macvlan.md
similarity index 100%
rename from docs/macvlan.md
rename to docs/CNI/macvlan.md
diff --git a/docs/multus.md b/docs/CNI/multus.md
similarity index 100%
rename from docs/multus.md
rename to docs/CNI/multus.md
diff --git a/docs/weave.md b/docs/CNI/weave.md
similarity index 100%
rename from docs/weave.md
rename to docs/CNI/weave.md
diff --git a/docs/containerd.md b/docs/CRI/containerd.md
similarity index 100%
rename from docs/containerd.md
rename to docs/CRI/containerd.md
diff --git a/docs/cri-o.md b/docs/CRI/cri-o.md
similarity index 100%
rename from docs/cri-o.md
rename to docs/CRI/cri-o.md
diff --git a/docs/docker.md b/docs/CRI/docker.md
similarity index 100%
rename from docs/docker.md
rename to docs/CRI/docker.md
diff --git a/docs/gvisor.md b/docs/CRI/gvisor.md
similarity index 100%
rename from docs/gvisor.md
rename to docs/CRI/gvisor.md
diff --git a/docs/kata-containers.md b/docs/CRI/kata-containers.md
similarity index 100%
rename from docs/kata-containers.md
rename to docs/CRI/kata-containers.md
diff --git a/docs/aws-ebs-csi.md b/docs/CSI/aws-ebs-csi.md
similarity index 100%
rename from docs/aws-ebs-csi.md
rename to docs/CSI/aws-ebs-csi.md
diff --git a/docs/azure-csi.md b/docs/CSI/azure-csi.md
similarity index 100%
rename from docs/azure-csi.md
rename to docs/CSI/azure-csi.md
diff --git a/docs/cinder-csi.md b/docs/CSI/cinder-csi.md
similarity index 100%
rename from docs/cinder-csi.md
rename to docs/CSI/cinder-csi.md
diff --git a/docs/gcp-pd-csi.md b/docs/CSI/gcp-pd-csi.md
similarity index 100%
rename from docs/gcp-pd-csi.md
rename to docs/CSI/gcp-pd-csi.md
diff --git a/docs/vsphere-csi.md b/docs/CSI/vsphere-csi.md
similarity index 100%
rename from docs/vsphere-csi.md
rename to docs/CSI/vsphere-csi.md
diff --git a/docs/_sidebar.md b/docs/_sidebar.md index 8901e6984..e0a5bab87 100644 --- a/docs/_sidebar.md +++ b/docs/_sidebar.md 
@@ -1,66 +1,94 @@ * [Readme](/) -* [Comparisons](/docs/comparisons.md) -* [Getting started](/docs/getting-started.md) -* [Ansible](docs/ansible.md) -* [Variables](/docs/vars.md) -* Operations - * [Integration](docs/integration.md) - * [Upgrades](/docs/upgrades.md) - * [HA Mode](docs/ha-mode.md) - * [Adding/replacing a node](docs/nodes.md) - * [Large deployments](docs/large-deployments.md) - * [Air-Gap Installation](docs/offline-environment.md) -* CNI - * [Calico](docs/calico.md) - * [Flannel](docs/flannel.md) - * [Cilium](docs/cilium.md) - * [Kube Router](docs/kube-router.md) - * [Kube OVN](docs/kube-ovn.md) - * [Weave](docs/weave.md) - * [Multus](docs/multus.md) -* Ingress - * [kube-vip](docs/kube-vip.md) - * [ALB Ingress](docs/ingress_controller/alb_ingress_controller.md) - * [MetalLB](docs/metallb.md) - * [Nginx Ingress](docs/ingress_controller/ingress_nginx.md) -* [Cloud providers](docs/cloud.md) - * [AWS](docs/aws.md) - * [Azure](docs/azure.md) - * [OpenStack](/docs/openstack.md) - * [Equinix Metal](/docs/equinix-metal.md) - * [vSphere](/docs/vsphere.md) -* [Operating Systems](docs/bootstrap-os.md) - * [Flatcar Container Linux](docs/flatcar.md) - * [Fedora CoreOS](docs/fcos.md) - * [OpenSUSE](docs/opensuse.md) - * [RedHat Enterprise Linux](docs/rhel.md) - * [CentOS/OracleLinux/AlmaLinux/Rocky Linux](docs/centos.md) - * [Kylin Linux Advanced Server V10](docs/kylinlinux.md) - * [Amazon Linux 2](docs/amazonlinux.md) - * [UOS Linux](docs/uoslinux.md) - * [openEuler notes](docs/openeuler.md) -* CRI - * [Containerd](docs/containerd.md) - * [Docker](docs/docker.md) - * [CRI-O](docs/cri-o.md) - * [Kata Containers](docs/kata-containers.md) - * [gVisor](docs/gvisor.md) * Advanced - * [Proxy](/docs/proxy.md) - * [Downloads](docs/downloads.md) - * [Netcheck](docs/netcheck.md) - * [Cert Manager](docs/cert_manager.md) - * [DNS Stack](docs/dns-stack.md) - * [Kubernetes reliability](docs/kubernetes-reliability.md) - * [Local Registry](docs/kubernetes-apps/registry.md) - * 
[NTP](docs/ntp.md) -* External Storage Provisioners - * [RBD Provisioner](docs/kubernetes-apps/rbd_provisioner.md) - * [CEPHFS Provisioner](docs/kubernetes-apps/cephfs_provisioner.md) - * [Local Volume Provisioner](docs/kubernetes-apps/local_volume_provisioner.md) + * [Arch](/docs/advanced/arch.md) + * [Cert Manager](/docs/advanced/cert_manager.md) + * [Dns-stack](/docs/advanced/dns-stack.md) + * [Downloads](/docs/advanced/downloads.md) + * [Gcp-lb](/docs/advanced/gcp-lb.md) + * [Kubernetes-reliability](/docs/advanced/kubernetes-reliability.md) + * [Mitogen](/docs/advanced/mitogen.md) + * [Netcheck](/docs/advanced/netcheck.md) + * [Ntp](/docs/advanced/ntp.md) + * [Proxy](/docs/advanced/proxy.md) + * [Registry](/docs/advanced/registry.md) +* Ansible + * [Ansible](/docs/ansible/ansible.md) + * [Ansible Collection](/docs/ansible/ansible_collection.md) + * [Vars](/docs/ansible/vars.md) +* Cloud Providers + * [Aws](/docs/cloud_providers/aws.md) + * [Azure](/docs/cloud_providers/azure.md) + * [Cloud](/docs/cloud_providers/cloud.md) + * [Equinix-metal](/docs/cloud_providers/equinix-metal.md) + * [Openstack](/docs/cloud_providers/openstack.md) + * [Vsphere](/docs/cloud_providers/vsphere.md) +* CNI + * [Calico](/docs/CNI/calico.md) + * [Cilium](/docs/CNI/cilium.md) + * [Cni](/docs/CNI/cni.md) + * [Flannel](/docs/CNI/flannel.md) + * [Kube-ovn](/docs/CNI/kube-ovn.md) + * [Kube-router](/docs/CNI/kube-router.md) + * [Macvlan](/docs/CNI/macvlan.md) + * [Multus](/docs/CNI/multus.md) + * [Weave](/docs/CNI/weave.md) +* CRI + * [Containerd](/docs/CRI/containerd.md) + * [Cri-o](/docs/CRI/cri-o.md) + * [Docker](/docs/CRI/docker.md) + * [Gvisor](/docs/CRI/gvisor.md) + * [Kata-containers](/docs/CRI/kata-containers.md) +* CSI + * [Aws-ebs-csi](/docs/CSI/aws-ebs-csi.md) + * [Azure-csi](/docs/CSI/azure-csi.md) + * [Cinder-csi](/docs/CSI/cinder-csi.md) + * [Gcp-pd-csi](/docs/CSI/gcp-pd-csi.md) + * [Vsphere-csi](/docs/CSI/vsphere-csi.md) * Developers - * [Test cases](docs/test_cases.md) - * 
[Vagrant](docs/vagrant.md) - * [CI Matrix](docs/ci.md) - * [CI Setup](docs/ci-setup.md) -* [Roadmap](docs/roadmap.md) + * [Ci-setup](/docs/developers/ci-setup.md) + * [Ci](/docs/developers/ci.md) + * [Test Cases](/docs/developers/test_cases.md) + * [Vagrant](/docs/developers/vagrant.md) +* External Storage Provisioners + * [Cephfs Provisioner](/docs/external_storage_provisioners/cephfs_provisioner.md) + * [Local Volume Provisioner](/docs/external_storage_provisioners/local_volume_provisioner.md) + * [Rbd Provisioner](/docs/external_storage_provisioners/rbd_provisioner.md) + * [Scheduler Plugins](/docs/external_storage_provisioners/scheduler_plugins.md) +* Getting Started + * [Comparisons](/docs/getting_started/comparisons.md) + * [Getting-started](/docs/getting_started/getting-started.md) + * [Setting-up-your-first-cluster](/docs/getting_started/setting-up-your-first-cluster.md) +* Ingress + * [Alb Ingress Controller](/docs/ingress/alb_ingress_controller.md) + * [Ingress Nginx](/docs/ingress/ingress_nginx.md) + * [Kube-vip](/docs/ingress/kube-vip.md) + * [Metallb](/docs/ingress/metallb.md) +* Operating Systems + * [Amazonlinux](/docs/operating_systems/amazonlinux.md) + * [Bootstrap-os](/docs/operating_systems/bootstrap-os.md) + * [Centos](/docs/operating_systems/centos.md) + * [Fcos](/docs/operating_systems/fcos.md) + * [Flatcar](/docs/operating_systems/flatcar.md) + * [Kylinlinux](/docs/operating_systems/kylinlinux.md) + * [Openeuler](/docs/operating_systems/openeuler.md) + * [Opensuse](/docs/operating_systems/opensuse.md) + * [Rhel](/docs/operating_systems/rhel.md) + * [Uoslinux](/docs/operating_systems/uoslinux.md) +* Operations + * [Cgroups](/docs/operations/cgroups.md) + * [Encrypting-secret-data-at-rest](/docs/operations/encrypting-secret-data-at-rest.md) + * [Etcd](/docs/operations/etcd.md) + * [Ha-mode](/docs/operations/ha-mode.md) + * [Hardening](/docs/operations/hardening.md) + * [Integration](/docs/operations/integration.md) + * 
[Large-deployments](/docs/operations/large-deployments.md) + * [Mirror](/docs/operations/mirror.md) + * [Nodes](/docs/operations/nodes.md) + * [Offline-environment](/docs/operations/offline-environment.md) + * [Port-requirements](/docs/operations/port-requirements.md) + * [Recover-control-plane](/docs/operations/recover-control-plane.md) + * [Upgrades](/docs/operations/upgrades.md) +* Roadmap + * [Roadmap](/docs/roadmap/roadmap.md) +* Upgrades + * [Migrate Docker2containerd](/docs/upgrades/migrate_docker2containerd.md) diff --git a/docs/arch.md b/docs/advanced/arch.md similarity index 100% rename from docs/arch.md rename to docs/advanced/arch.md diff --git a/docs/cert_manager.md b/docs/advanced/cert_manager.md similarity index 100% rename from docs/cert_manager.md rename to docs/advanced/cert_manager.md diff --git a/docs/dns-stack.md b/docs/advanced/dns-stack.md similarity index 100% rename from docs/dns-stack.md rename to docs/advanced/dns-stack.md diff --git a/docs/downloads.md b/docs/advanced/downloads.md similarity index 100% rename from docs/downloads.md rename to docs/advanced/downloads.md diff --git a/docs/gcp-lb.md b/docs/advanced/gcp-lb.md similarity index 100% rename from docs/gcp-lb.md rename to docs/advanced/gcp-lb.md diff --git a/docs/kubernetes-reliability.md b/docs/advanced/kubernetes-reliability.md similarity index 100% rename from docs/kubernetes-reliability.md rename to docs/advanced/kubernetes-reliability.md diff --git a/docs/mitogen.md b/docs/advanced/mitogen.md similarity index 100% rename from docs/mitogen.md rename to docs/advanced/mitogen.md diff --git a/docs/netcheck.md b/docs/advanced/netcheck.md similarity index 100% rename from docs/netcheck.md rename to docs/advanced/netcheck.md diff --git a/docs/ntp.md b/docs/advanced/ntp.md similarity index 100% rename from docs/ntp.md rename to docs/advanced/ntp.md diff --git a/docs/proxy.md b/docs/advanced/proxy.md similarity index 100% rename from docs/proxy.md rename to docs/advanced/proxy.md 
diff --git a/docs/kubernetes-apps/registry.md b/docs/advanced/registry.md similarity index 100% rename from docs/kubernetes-apps/registry.md rename to docs/advanced/registry.md diff --git a/docs/ansible.md b/docs/ansible/ansible.md similarity index 99% rename from docs/ansible.md rename to docs/ansible/ansible.md index 3fbf57ea5..43769e0d9 100644 --- a/docs/ansible.md +++ b/docs/ansible/ansible.md @@ -59,7 +59,7 @@ not _kube_node_. There are also two special groups: -* **calico_rr** : explained for [advanced Calico networking cases](/docs/calico.md) +* **calico_rr** : explained for [advanced Calico networking cases](/docs/CNI/calico.md) * **bastion** : configure a bastion host if your nodes are not directly reachable Below is a complete inventory example: @@ -285,7 +285,7 @@ For more information about Ansible and bastion hosts, read ## Mitogen -Mitogen support is deprecated, please see [mitogen related docs](/docs/mitogen.md) for usage and reasons for deprecation. +Mitogen support is deprecated, please see [mitogen related docs](/docs/advanced/mitogen.md) for usage and reasons for deprecation. ## Beyond ansible 2.9 diff --git a/docs/ansible_collection.md b/docs/ansible/ansible_collection.md similarity index 100% rename from docs/ansible_collection.md rename to docs/ansible/ansible_collection.md diff --git a/docs/vars.md b/docs/ansible/vars.md similarity index 99% rename from docs/vars.md rename to docs/ansible/vars.md index 0e83b1831..c2cdaa099 100644 --- a/docs/vars.md +++ b/docs/ansible/vars.md 
@@ -46,11 +46,11 @@ Some variables of note include: * *loadbalancer_apiserver* - If defined, all hosts will connect to this address instead of localhost for kube_control_planes and kube_control_plane[0] for kube_nodes. See more details in the - [HA guide](/docs/ha-mode.md). + [HA guide](/docs/operations/ha-mode.md). * *loadbalancer_apiserver_localhost* - makes all hosts to connect to the apiserver internally load balanced endpoint. Mutual exclusive to the `loadbalancer_apiserver`. See more details in the - [HA guide](/docs/ha-mode.md). + [HA guide](/docs/operations/ha-mode.md). ## Cluster variables diff --git a/docs/aws.md b/docs/cloud_providers/aws.md similarity index 100% rename from docs/aws.md rename to docs/cloud_providers/aws.md diff --git a/docs/azure.md b/docs/cloud_providers/azure.md similarity index 100% rename from docs/azure.md rename to docs/cloud_providers/azure.md diff --git a/docs/cloud.md b/docs/cloud_providers/cloud.md similarity index 100% rename from docs/cloud.md rename to docs/cloud_providers/cloud.md diff --git a/docs/equinix-metal.md b/docs/cloud_providers/equinix-metal.md similarity index 98% rename from docs/equinix-metal.md rename to docs/cloud_providers/equinix-metal.md index ccdabaed2..3616dc9ef 100644 --- a/docs/equinix-metal.md +++ b/docs/cloud_providers/equinix-metal.md @@ -54,7 +54,7 @@ cd kubespray ## Install Ansible -Install Ansible according to [Ansible installation guide](/docs/ansible.md#installing-ansible) +Install Ansible according to [Ansible installation guide](/docs/ansible/ansible.md#installing-ansible) ## Cluster Definition diff --git a/docs/openstack.md b/docs/cloud_providers/openstack.md similarity index 100% rename from docs/openstack.md rename to docs/cloud_providers/openstack.md diff --git a/docs/vsphere.md b/docs/cloud_providers/vsphere.md similarity index 99% rename from docs/vsphere.md rename to docs/cloud_providers/vsphere.md index a75a25d9a..72a2c1dba 100644 --- a/docs/vsphere.md 
+++ b/docs/cloud_providers/vsphere.md @@ -54,7 +54,7 @@ external_vsphere_kubernetes_cluster_id: "kubernetes-cluster-id" vsphere_csi_enabled: true ``` -For a more fine-grained CSI setup, refer to the [vsphere-csi](/docs/vsphere-csi.md) documentation. +For a more fine-grained CSI setup, refer to the [vsphere-csi](/docs/CSI/vsphere-csi.md) documentation. ### Deployment diff --git a/docs/ci-setup.md b/docs/developers/ci-setup.md similarity index 100% rename from docs/ci-setup.md rename to docs/developers/ci-setup.md diff --git a/docs/ci.md b/docs/developers/ci.md similarity index 94% rename from docs/ci.md rename to docs/developers/ci.md index 0fed5e106..d801f3596 100644 --- a/docs/ci.md +++ b/docs/developers/ci.md @@ -19,6 +19,7 @@ rockylinux8 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | rockylinux9 | :white_check_mark: | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | ubuntu20 | :white_check_mark: | :white_check_mark: | :x: | :white_check_mark: | :x: | :white_check_mark: | :x: | :white_check_mark: | ubuntu22 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | +ubuntu24 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | ## crio @@ -37,6 +38,7 @@ rockylinux8 | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | rockylinux9 | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | ubuntu20 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | ubuntu22 | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | +ubuntu24 | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | ## docker @@ -55,3 +57,4 @@ rockylinux8 | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | rockylinux9 | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | ubuntu20 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :white_check_mark: | ubuntu22 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | +ubuntu24 | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: | 
diff --git a/docs/test_cases.md b/docs/developers/test_cases.md similarity index 94% rename from docs/test_cases.md rename to docs/developers/test_cases.md index b26d3aa50..1937e7ebe 100644 --- a/docs/test_cases.md +++ b/docs/developers/test_cases.md @@ -25,7 +25,7 @@ Note, the canal network plugin deploys flannel as well plus calico policy contro ## Test cases -The [CI Matrix](/docs/ci.md) displays OS, Network Plugin and Container Manager tested. +The [CI Matrix](/docs/developers/ci.md) displays OS, Network Plugin and Container Manager tested. All tests are breakdown into 3 "stages" ("Stage" means a build step of the build pipeline) as follows: diff --git a/docs/vagrant.md b/docs/developers/vagrant.md similarity index 99% rename from docs/vagrant.md rename to docs/developers/vagrant.md index 9e12351af..824b3953b 100644 --- a/docs/vagrant.md +++ b/docs/developers/vagrant.md @@ -52,7 +52,7 @@ speed, the variable 'download_run_once' is set. This will make kubespray download all files and containers just once and then redistributes them to the other nodes and as a bonus, also cache all downloads locally and re-use them on the next provisioning run. For more information on download settings -see [download documentation](/docs/downloads.md). +see [download documentation](/docs/advanced/downloads.md). ## Example use of Vagrant diff --git a/docs/kubernetes-apps/cephfs_provisioner.md b/docs/external_storage_provisioners/cephfs_provisioner.md similarity index 100% rename from docs/kubernetes-apps/cephfs_provisioner.md rename to docs/external_storage_provisioners/cephfs_provisioner.md diff --git a/docs/kubernetes-apps/local_volume_provisioner.md b/docs/external_storage_provisioners/local_volume_provisioner.md similarity index 100% rename from docs/kubernetes-apps/local_volume_provisioner.md rename to docs/external_storage_provisioners/local_volume_provisioner.md 
diff --git a/docs/kubernetes-apps/rbd_provisioner.md b/docs/external_storage_provisioners/rbd_provisioner.md similarity index 100% rename from docs/kubernetes-apps/rbd_provisioner.md rename to docs/external_storage_provisioners/rbd_provisioner.md diff --git a/docs/kubernetes-apps/scheduler_plugins.md b/docs/external_storage_provisioners/scheduler_plugins.md similarity index 98% rename from docs/kubernetes-apps/scheduler_plugins.md rename to docs/external_storage_provisioners/scheduler_plugins.md index 85e37910a..c0b2f3b60 100644 --- a/docs/kubernetes-apps/scheduler_plugins.md +++ b/docs/external_storage_provisioners/scheduler_plugins.md @@ -24,8 +24,8 @@ There are requirements for the version of Kubernetes, please see [Compatibility | Scheduler Plugins | Compiled With K8s Version | | ----------------- | ------------------------- | +| v0.28.9 | v1.28.9 | | v0.27.8 | v1.27.8 | -| v0.26.8 | v1.26.7 | ## Turning it on diff --git a/docs/comparisons.md b/docs/getting_started/comparisons.md similarity index 100% rename from docs/comparisons.md rename to docs/getting_started/comparisons.md diff --git a/docs/getting-started.md b/docs/getting_started/getting-started.md similarity index 96% rename from docs/getting-started.md rename to docs/getting_started/getting-started.md index 32660d1d3..1cfb26f1c 100644 --- a/docs/getting-started.md +++ b/docs/getting_started/getting-started.md @@ -36,7 +36,7 @@ ansible-playbook -i inventory/mycluster/hosts.yml cluster.yml -b -v \ --private-key=~/.ssh/private_key ``` -See more details in the [ansible guide](/docs/ansible.md). +See more details in the [ansible guide](/docs/ansible/ansible.md). ### Adding nodes 
@@ -81,7 +81,7 @@ kube-apiserver via port 8080. A kubeconfig file is not necessary in this case, because kubectl will use to connect. The kubeconfig files generated will point to localhost (on kube_control_planes) and kube_node hosts will connect either to a localhost nginx proxy or to a loadbalancer if configured. -More details on this process are in the [HA guide](/docs/ha-mode.md). +More details on this process are in the [HA guide](/docs/operations/ha-mode.md). Kubespray permits connecting to the cluster remotely on any IP of any kube_control_plane host on port 6443 by default. However, this requires @@ -140,5 +140,5 @@ If desired, copy admin.conf to ~/.kube/config. ## Setting up your first cluster -[Setting up your first cluster](/docs/setting-up-your-first-cluster.md) is an +[Setting up your first cluster](/docs/getting_started/setting-up-your-first-cluster.md) is an applied step-by-step guide for setting up your first cluster with Kubespray. diff --git a/docs/setting-up-your-first-cluster.md b/docs/getting_started/setting-up-your-first-cluster.md similarity index 100% rename from docs/setting-up-your-first-cluster.md rename to docs/getting_started/setting-up-your-first-cluster.md diff --git a/docs/ingress_controller/alb_ingress_controller.md b/docs/ingress/alb_ingress_controller.md similarity index 100% rename from docs/ingress_controller/alb_ingress_controller.md rename to docs/ingress/alb_ingress_controller.md diff --git a/docs/ingress_controller/ingress_nginx.md b/docs/ingress/ingress_nginx.md similarity index 99% rename from docs/ingress_controller/ingress_nginx.md rename to docs/ingress/ingress_nginx.md index a77ae480d..f465dc60f 100644 --- a/docs/ingress_controller/ingress_nginx.md +++ b/docs/ingress/ingress_nginx.md 
@@ -35,7 +35,7 @@ kubectl create clusterrolebinding cluster-admin-binding \ The following **Mandatory Command** is required for all deployments except for AWS. See below for the AWS version. ```console -kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.9.6/deploy/static/provider/cloud/deploy.yaml +kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.10.1/deploy/static/provider/cloud/deploy.yaml ``` ### Provider Specific Steps diff --git a/docs/kube-vip.md b/docs/ingress/kube-vip.md similarity index 100% rename from docs/kube-vip.md rename to docs/ingress/kube-vip.md diff --git a/docs/metallb.md b/docs/ingress/metallb.md similarity index 100% rename from docs/metallb.md rename to docs/ingress/metallb.md diff --git a/docs/amazonlinux.md b/docs/operating_systems/amazonlinux.md similarity index 100% rename from docs/amazonlinux.md rename to docs/operating_systems/amazonlinux.md diff --git a/docs/bootstrap-os.md b/docs/operating_systems/bootstrap-os.md similarity index 100% rename from docs/bootstrap-os.md rename to docs/operating_systems/bootstrap-os.md diff --git a/docs/centos.md b/docs/operating_systems/centos.md similarity index 100% rename from docs/centos.md rename to docs/operating_systems/centos.md diff --git a/docs/fcos.md b/docs/operating_systems/fcos.md similarity index 100% rename from docs/fcos.md rename to docs/operating_systems/fcos.md diff --git a/docs/flatcar.md b/docs/operating_systems/flatcar.md similarity index 100% rename from docs/flatcar.md rename to docs/operating_systems/flatcar.md diff --git a/docs/kylinlinux.md b/docs/operating_systems/kylinlinux.md similarity index 100% rename from docs/kylinlinux.md rename to docs/operating_systems/kylinlinux.md diff --git a/docs/openeuler.md b/docs/operating_systems/openeuler.md similarity index 100% rename from docs/openeuler.md rename to docs/operating_systems/openeuler.md 
diff --git a/docs/opensuse.md b/docs/operating_systems/opensuse.md
similarity index 100%
rename from docs/opensuse.md
rename to docs/operating_systems/opensuse.md
diff --git a/docs/rhel.md b/docs/operating_systems/rhel.md
similarity index 100%
rename from docs/rhel.md
rename to docs/operating_systems/rhel.md
diff --git a/docs/uoslinux.md b/docs/operating_systems/uoslinux.md
similarity index 100%
rename from docs/uoslinux.md
rename to docs/operating_systems/uoslinux.md
diff --git a/docs/cgroups.md b/docs/operations/cgroups.md
similarity index 100%
rename from docs/cgroups.md
rename to docs/operations/cgroups.md
diff --git a/docs/encrypting-secret-data-at-rest.md b/docs/operations/encrypting-secret-data-at-rest.md
similarity index 100%
rename from docs/encrypting-secret-data-at-rest.md
rename to docs/operations/encrypting-secret-data-at-rest.md
diff --git a/docs/etcd.md b/docs/operations/etcd.md
similarity index 100%
rename from docs/etcd.md
rename to docs/operations/etcd.md
diff --git a/docs/ha-mode.md b/docs/operations/ha-mode.md
similarity index 100%
rename from docs/ha-mode.md
rename to docs/operations/ha-mode.md
diff --git a/docs/hardening.md b/docs/operations/hardening.md
similarity index 100%
rename from docs/hardening.md
rename to docs/operations/hardening.md
diff --git a/docs/integration.md b/docs/operations/integration.md
similarity index 100%
rename from docs/integration.md
rename to docs/operations/integration.md
diff --git a/docs/large-deployments.md b/docs/operations/large-deployments.md
similarity index 90%
rename from docs/large-deployments.md
rename to docs/operations/large-deployments.md
index 4666d073e..3182c27b8 100644
--- a/docs/large-deployments.md
+++ b/docs/operations/large-deployments.md
@@ -9,7 +9,7 @@ For a large scaled deployments, consider the following configuration changes: * Override containers' `foo_image_repo` vars to point to intranet registry. * Override the ``download_run_once: true`` and/or ``download_localhost: true``. - See [Downloading binaries and containers](/docs/downloads.md) for details. + See [Downloading binaries and containers](/docs/advanced/downloads.md) for details. * Adjust the `retry_stagger` global var as appropriate. It should provide sane load on a delegate (the first K8s control plane node) then retrying failed @@ -32,7 +32,7 @@ For a large scaled deployments, consider the following configuration changes: ``kube_controller_node_monitor_period``, ``kube_apiserver_pod_eviction_not_ready_timeout_seconds`` & ``kube_apiserver_pod_eviction_unreachable_timeout_seconds`` for better Kubernetes reliability. - Check out [Kubernetes Reliability](/docs/kubernetes-reliability.md) + Check out [Kubernetes Reliability](/docs/advanced/kubernetes-reliability.md) * Tune network prefix sizes. Those are ``kube_network_node_prefix``, ``kube_service_addresses`` and ``kube_pods_subnet``. @@ -41,7 +41,7 @@ For a large scaled deployments, consider the following configuration changes: from host/network interruption much quicker with calico_rr. * Check out the - [Inventory](/docs/getting-started.md#building-your-own-inventory) + [Inventory](/docs/getting_started/getting-started.md#building-your-own-inventory) section of the Getting started guide for tips on creating a large scale Ansible inventory. diff --git a/docs/mirror.md b/docs/operations/mirror.md similarity index 100% rename from docs/mirror.md rename to docs/operations/mirror.md diff --git a/docs/nodes.md b/docs/operations/nodes.md similarity index 100% rename from docs/nodes.md rename to docs/operations/nodes.md 
diff --git a/docs/offline-environment.md b/docs/operations/offline-environment.md similarity index 100% rename from docs/offline-environment.md rename to docs/operations/offline-environment.md diff --git a/docs/port-requirements.md b/docs/operations/port-requirements.md similarity index 100% rename from docs/port-requirements.md rename to docs/operations/port-requirements.md diff --git a/docs/recover-control-plane.md b/docs/operations/recover-control-plane.md similarity index 93% rename from docs/recover-control-plane.md rename to docs/operations/recover-control-plane.md index 9174789cf..7cda08afb 100644 --- a/docs/recover-control-plane.md +++ b/docs/operations/recover-control-plane.md @@ -8,6 +8,7 @@ Examples of what broken means in this context: * One or more bare metal node(s) suffer from unrecoverable hardware failure * One or more node(s) fail during patching or upgrading * Etcd database corruption + * Other node related failures leaving your control plane degraded or nonfunctional __Note that you need at least one functional node to be able to recover using this method.__ @@ -16,8 +17,8 @@ __Note that you need at least one functional node to be able to recover using th * Backup what you can * Provision new nodes to replace the broken ones -* Move any broken etcd nodes into the "broken\_etcd" group, make sure the "etcd\_member\_name" variable is set. -* Move any broken control plane nodes into the "broken\_kube\_control\_plane" group. +* Copy any broken etcd nodes into the "broken\_etcd" group, make sure the "etcd\_member\_name" variable is set. +* Copy any broken control plane nodes into the "broken\_kube\_control\_plane" group. * Place the surviving nodes of the control plane first in the "etcd" and "kube\_control\_plane" groups * Add the new nodes below the surviving control plane nodes in the "etcd" and "kube\_control\_plane" groups 
diff --git a/docs/upgrades.md b/docs/operations/upgrades.md similarity index 100% rename from docs/upgrades.md rename to docs/operations/upgrades.md diff --git a/docs/roadmap.md b/docs/roadmap/roadmap.md similarity index 100% rename from docs/roadmap.md rename to docs/roadmap/roadmap.md diff --git a/inventory/sample/group_vars/all/huaweicloud.yml b/inventory/sample/group_vars/all/huaweicloud.yml index b85e7c2ac..c5879d7f9 100644 --- a/inventory/sample/group_vars/all/huaweicloud.yml +++ b/inventory/sample/group_vars/all/huaweicloud.yml @@ -14,4 +14,4 @@ ## The repo and tag of the external Huawei Cloud Controller image # external_huawei_cloud_controller_image_repo: "swr.ap-southeast-1.myhuaweicloud.com" -# external_huawei_cloud_controller_image_tag: "v0.26.6" +# external_huawei_cloud_controller_image_tag: "v0.26.8" diff --git a/inventory/sample/group_vars/all/offline.yml b/inventory/sample/group_vars/all/offline.yml index 706ea0dd5..56d43375a 100644 --- a/inventory/sample/group_vars/all/offline.yml +++ b/inventory/sample/group_vars/all/offline.yml @@ -26,10 +26,10 @@ ## Two options - Override entire repository or override only a single binary. ## [Optional] 1 - Override entire binary repository -# github_url = "https://my_github_proxy" -# dl_k8s_io_url = "https://my_dl_k8s_io_proxy" -# storage_googleapis_url = "https://my_storage_googleapi_proxy" -# get_helm_url = "https://my_helm_sh_proxy" +# github_url: "https://my_github_proxy" +# dl_k8s_io_url: "https://my_dl_k8s_io_proxy" +# storage_googleapis_url: "https://my_storage_googleapi_proxy" +# get_helm_url: "https://my_helm_sh_proxy" ## [Optional] 2 - Override a specific binary ## CNI Plugins diff --git a/inventory/sample/group_vars/all/openstack.yml b/inventory/sample/group_vars/all/openstack.yml index 6cc13998c..20c8e9940 100644 --- a/inventory/sample/group_vars/all/openstack.yml +++ b/inventory/sample/group_vars/all/openstack.yml 
@@ -25,9 +25,9 @@ # external_openstack_lbaas_network_id: "Neutron network ID to create LBaaS VIP" # external_openstack_lbaas_manage_security_groups: false # external_openstack_lbaas_create_monitor: false -# external_openstack_lbaas_monitor_delay: 5 +# external_openstack_lbaas_monitor_delay: 5s # external_openstack_lbaas_monitor_max_retries: 1 -# external_openstack_lbaas_monitor_timeout: 3 +# external_openstack_lbaas_monitor_timeout: 3s # external_openstack_lbaas_internal_lb: false # external_openstack_network_ipv6_disabled: false # external_openstack_network_internal_networks: [] @@ -42,7 +42,7 @@ # external_openstack_application_credential_secret: ## The tag of the external OpenStack Cloud Controller image -# external_openstack_cloud_controller_image_tag: "latest" +# external_openstack_cloud_controller_image_tag: "v1.28.2" ## Tags for the Cinder CSI images ## registry.k8s.io/sig-storage/csi-attacher diff --git a/inventory/sample/group_vars/k8s_cluster/addons.yml b/inventory/sample/group_vars/k8s_cluster/addons.yml index 37afdae94..6f0342f28 100644 --- a/inventory/sample/group_vars/k8s_cluster/addons.yml +++ b/inventory/sample/group_vars/k8s_cluster/addons.yml @@ -28,7 +28,7 @@ local_path_provisioner_enabled: false # local_path_provisioner_reclaim_policy: Delete # local_path_provisioner_claim_root: /opt/local-path-provisioner/ # local_path_provisioner_debug: false -# local_path_provisioner_image_repo: "rancher/local-path-provisioner" +# local_path_provisioner_image_repo: "{{ docker_image_repo }}/rancher/local-path-provisioner" # local_path_provisioner_image_tag: "v0.0.24" # local_path_provisioner_helper_image_repo: "busybox" # local_path_provisioner_helper_image_tag: "latest" @@ -171,6 +171,7 @@ cert_manager_enabled: false # MetalLB deployment metallb_enabled: false metallb_speaker_enabled: "{{ metallb_enabled }}" +metallb_namespace: "metallb-system" # metallb_version: v0.13.9 # metallb_protocol: "layer2" # metallb_port: "7472" 
@@ -233,7 +234,7 @@ metallb_speaker_enabled: "{{ metallb_enabled }}" # - pool2 argocd_enabled: false -# argocd_version: v2.8.4 +# argocd_version: v2.11.0 # argocd_namespace: argocd # Default password: # - https://argo-cd.readthedocs.io/en/stable/getting_started/#4-login-using-the-cli diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml index c25d495be..e64a6ee83 100644 --- a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml +++ b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml @@ -17,7 +17,7 @@ kube_token_dir: "{{ kube_config_dir }}/tokens" kube_api_anonymous_auth: true ## Change this to use another Kubernetes version, e.g. a current beta release -kube_version: v1.29.3 +kube_version: v1.29.5 # Where the binaries will be downloaded. # Note: ensure that you've enough disk space (about 1G) diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml b/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml index 3ba1acb65..e21a08a57 100644 --- a/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml +++ b/inventory/sample/group_vars/k8s_cluster/k8s-net-calico.yml @@ -19,7 +19,7 @@ calico_cni_name: k8s-pod-network # add default ippool name # calico_pool_name: "default-pool" -# add default ippool blockSize (defaults kube_network_node_prefix) +# add default ippool blockSize calico_pool_blocksize: 26 # add default ippool CIDR (must be inside kube_pods_subnet, defaults to kube_pods_subnet otherwise) diff --git a/requirements.txt b/requirements.txt index 2878328b1..028f272f3 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,9 +1,10 @@ -ansible==9.3.0 -cryptography==41.0.4 -jinja2==3.1.3 +ansible==9.5.1 +cryptography==42.0.7 +jinja2==3.1.4 jmespath==1.0.1 -MarkupSafe==2.1.3 +MarkupSafe==2.1.5 netaddr==1.2.1 -pbr==5.11.1 -ruamel.yaml==0.18.5 +pbr==6.0.0 +ruamel.yaml==0.18.6 ruamel.yaml.clib==0.2.8 +jsonschema==4.22.0 
diff --git a/roles/bootstrap-os/tasks/amazon.yml b/roles/bootstrap-os/tasks/amzn.yml similarity index 77% rename from roles/bootstrap-os/tasks/amazon.yml rename to roles/bootstrap-os/tasks/amzn.yml index 2b4d665d3..0da5591ca 100644 --- a/roles/bootstrap-os/tasks/amazon.yml +++ b/roles/bootstrap-os/tasks/amzn.yml @@ -1,4 +1,7 @@ --- +- name: Enable selinux-ng repo for Amazon Linux for container-selinux + command: amazon-linux-extras enable selinux-ng + - name: Enable EPEL repo for Amazon Linux yum_repository: name: epel diff --git a/roles/bootstrap-os/tasks/main.yml b/roles/bootstrap-os/tasks/main.yml index d1e5f7371..b8f676fae 100644 --- a/roles/bootstrap-os/tasks/main.yml +++ b/roles/bootstrap-os/tasks/main.yml @@ -24,10 +24,12 @@ - vars/ skip: True - name: Include tasks - include_tasks: "{{ item }}" + include_tasks: "{{ included_tasks_file }}" with_first_found: - <<: *search paths: [] + loop_control: + loop_var: included_tasks_file - name: Create remote_tmp for it is used by another module diff --git a/roles/bootstrap-os/tasks/openEuler.yml b/roles/bootstrap-os/tasks/openEuler.yml new file mode 120000 index 000000000..fa2c37f2a --- /dev/null +++ b/roles/bootstrap-os/tasks/openEuler.yml @@ -0,0 +1 @@ +centos.yml \ No newline at end of file diff --git a/roles/container-engine/containerd/templates/config.toml.j2 b/roles/container-engine/containerd/templates/config.toml.j2 index 088a680ab..8a1ee8aa5 100644 --- a/roles/container-engine/containerd/templates/config.toml.j2 +++ b/roles/container-engine/containerd/templates/config.toml.j2 @@ -3,6 +3,10 @@ root = "{{ containerd_storage_dir }}" state = "{{ containerd_state_dir }}" oom_score = {{ containerd_oom_score }} +{% if containerd_extra_args is defined %} +{{ containerd_extra_args }} +{% endif %} + [grpc] max_recv_message_size = {{ containerd_grpc_max_recv_message_size }} max_send_message_size = {{ containerd_grpc_max_send_message_size }} 
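Review bot: The new `command: amazon-linux-extras enable selinux-ng` task in amzn.yml has no `changed_when`, so every run reports a change and a real repository change cannot be told apart from a no-op in the play recap. I would add `changed_when: false` under the command, or register the result and derive the changed state from its output. `amazon-linux-extras` is an Amazon Linux 2 tool, so if this task file is also selected for Amazon Linux 2023 hosts the command would presumably fail; the selection logic is outside this hunk and should be checked. A short comment naming the package this channel is enabled for (container-selinux, per the task name) would also help whoever later revisits the repository source removed from the cri-o role.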
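Review bot: The relocated `containerd_extra_args` block in config.toml.j2 carries no comment saying why it must sit above `[grpc]`, so a later edit could move it back. In TOML every key after a table header belongs to that table, which means the old position at the end of the file (removed in the `@@ -104,6 +108,3 @@` hunk) placed the extra lines inside whichever table was rendered last. I would add `{# Keep above the first [table] header: TOML assigns later bare keys to the preceding table. #}` directly above the `{% if %}`. The value is still rendered verbatim, so presumably a table header inside it that the template also emits would give a duplicate-table parse error; that constraint belongs in the variable's documentation.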
@@ -104,6 +108,3 @@ oom_score = {{ containerd_oom_score }} service_name = "{{ containerd_tracing_service_name }}" {% endif %} -{% if containerd_extra_args is defined %} -{{ containerd_extra_args }} -{% endif %} diff --git a/roles/container-engine/cri-o/tasks/main.yaml b/roles/container-engine/cri-o/tasks/main.yaml index 61105f401..2d73e74e2 100644 --- a/roles/container-engine/cri-o/tasks/main.yaml +++ b/roles/container-engine/cri-o/tasks/main.yaml @@ -169,7 +169,7 @@ - name: Cri-o | write registries configs template: src: registry.conf.j2 - dest: "/etc/containers/registries.conf.d/10-{{ item.prefix | default(item.location) | regex_replace(':', '_') }}.conf" + dest: "/etc/containers/registries.conf.d/10-{{ item.prefix | default(item.location) | regex_replace(':|/', '_') }}.conf" mode: 0644 loop: "{{ crio_registries }}" notify: Restart crio diff --git a/roles/container-engine/cri-o/tasks/setup-amazon.yaml b/roles/container-engine/cri-o/tasks/setup-amazon.yaml index 843bc2029..e6e099d65 100644 --- a/roles/container-engine/cri-o/tasks/setup-amazon.yaml +++ b/roles/container-engine/cri-o/tasks/setup-amazon.yaml @@ -24,15 +24,3 @@ when: - amzn2_extras_file_stat.stat.exists - not amzn2_extras_docker_repo.changed - -- name: Add container-selinux yum repo - yum_repository: - name: copr:copr.fedorainfracloud.org:lsm5:container-selinux - file: _copr_lsm5-container-selinux.repo - description: Copr repo for container-selinux owned by lsm5 - baseurl: https://download.copr.fedorainfracloud.org/results/lsm5/container-selinux/epel-7-$basearch/ - gpgcheck: yes - gpgkey: https://download.copr.fedorainfracloud.org/results/lsm5/container-selinux/pubkey.gpg - skip_if_unavailable: yes - enabled: yes - repo_gpgcheck: no diff --git a/roles/container-engine/docker/defaults/main.yml b/roles/container-engine/docker/defaults/main.yml index f7562086a..461517613 100644 --- a/roles/container-engine/docker/defaults/main.yml +++ b/roles/container-engine/docker/defaults/main.yml 
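Review bot: The `dest` filename in "Cri-o | write registries configs" is still built from `item.prefix` with a deny-list, `regex_replace(':|/', '_')`, so any other character in a registry prefix (a wildcard `*`, whitespace) reaches the path under /etc/containers/registries.conf.d unchanged. An allow-list is safer for a value that becomes a filename: `regex_replace('[^A-Za-z0-9._-]', '_')`. Two entries that differ only in a replaced character now map to the same file and the later loop item overwrites the earlier one, so the task would benefit from a comment stating that prefixes must be unique after normalisation. The task body starts above the hunk's changed line, and where `crio_registries` is populated is not visible here.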
@@ -1,5 +1,5 @@ --- -docker_version: '24.0' +docker_version: '26.1' docker_cli_version: "{{ docker_version }}" docker_package_info: diff --git a/roles/container-engine/docker/tasks/main.yml b/roles/container-engine/docker/tasks/main.yml index 376ee0504..1ccee8c4c 100644 --- a/roles/container-engine/docker/tasks/main.yml +++ b/roles/container-engine/docker/tasks/main.yml @@ -11,13 +11,6 @@ set_fact: is_ostree: "{{ ostree.stat.exists }}" -- name: Set docker_version for openEuler - set_fact: - docker_version: '19.03' - when: ansible_distribution == "openEuler" - tags: - - facts - - name: Gather os specific variables include_vars: "{{ item }}" with_first_found: diff --git a/roles/container-engine/docker/vars/amazon.yml b/roles/container-engine/docker/vars/amazon.yml index 4871f4afa..ee4789f01 100644 --- a/roles/container-engine/docker/vars/amazon.yml +++ b/roles/container-engine/docker/vars/amazon.yml @@ -6,6 +6,8 @@ docker_versioned_pkg: '18.09': docker-18.09.9ce-2.amzn2 '19.03': docker-19.03.13ce-1.amzn2 '20.10': docker-20.10.7-5.amzn2 + '24.0': docker-24.0.5-1.amzn2 + '25.0': docker-25.0.3-1.amzn2 docker_version: "latest" diff --git a/roles/container-engine/docker/vars/debian.yml b/roles/container-engine/docker/vars/debian.yml index 02289fa45..39d82f47d 100644 --- a/roles/container-engine/docker/vars/debian.yml +++ b/roles/container-engine/docker/vars/debian.yml @@ -22,9 +22,10 @@ containerd_versioned_pkg: '1.6.15': "{{ containerd_package }}=1.6.15-1" '1.6.16': "{{ containerd_package }}=1.6.16-1" '1.6.18': "{{ containerd_package }}=1.6.18-1" - '1.6.28': "{{ containerd_package }}=1.6.28-1" - 'stable': "{{ containerd_package }}=1.6.28-1" - 'edge': "{{ containerd_package }}=1.6.28-1" + '1.6.28': "{{ containerd_package }}=1.6.28-2" + '1.6.31': "{{ containerd_package }}=1.6.31-1" + 'stable': "{{ containerd_package }}=1.6.31-1" + 'edge': "{{ containerd_package }}=1.6.31-1" # https://download.docker.com/linux/debian/ docker_versioned_pkg: 
@@ -34,6 +35,9 @@ docker_versioned_pkg: '20.10': docker-ce=5:20.10.20~3-0~debian-{{ ansible_distribution_release | lower }} '23.0': docker-ce=5:23.0.6-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} '24.0': docker-ce=5:24.0.9-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} + '25.0': docker-ce=5:25.0.5-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} + '26.0': docker-ce=5:26.0.2-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} + '26.1': docker-ce=5:26.1.2-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} 'stable': docker-ce=5:24.0.9-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} 'edge': docker-ce=5:24.0.9-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} 
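Review bot: In debian.yml the `'stable'` and `'edge'` keys of `docker_versioned_pkg` are left at `5:24.0.9-1` in this hunk, while the following hunk moves the same keys of `docker_cli_versioned_pkg` to `5:26.1.2-1`. A host configured with `docker_version: stable` would then get engine 24.0.9 with CLI 26.1.2, and the engine would stay on the older release line even though newer ones are added just above. I would bring both engine keys in line with the CLI map, e.g. `'stable': docker-ce=5:26.1.2-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }}` and the same value for `'edge'`.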
@@ -44,8 +48,11 @@ docker_cli_versioned_pkg: '20.10': docker-ce-cli=5:20.10.20~3-0~debian-{{ ansible_distribution_release | lower }} '23.0': docker-ce-cli=5:23.0.6-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} '24.0': docker-ce-cli=5:24.0.9-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} - 'stable': docker-ce-cli=5:24.0.9-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} - 'edge': docker-ce-cli=5:24.0.9-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} + '25.0': docker-ce-cli=5:25.0.5-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} + '26.0': docker-ce-cli=5:26.0.2-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} + '26.1': docker-ce-cli=5:26.1.2-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} + 'stable': docker-ce-cli=5:26.1.2-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} + 'edge': docker-ce-cli=5:26.1.2-1~debian.{{ ansible_distribution_major_version }}~{{ ansible_distribution_release | lower }} docker_package_info: pkgs: diff --git a/roles/container-engine/docker/vars/fedora.yml b/roles/container-engine/docker/vars/fedora.yml index 39dfbafe5..9fe6c5c24 100644 --- a/roles/container-engine/docker/vars/fedora.yml +++ b/roles/container-engine/docker/vars/fedora.yml 
@@ -22,9 +22,10 @@ containerd_versioned_pkg: '1.6.15': "{{ containerd_package }}-1.6.15-3.1.fc{{ ansible_distribution_major_version }}" '1.6.16': "{{ containerd_package }}-1.6.16-3.1.fc{{ ansible_distribution_major_version }}" '1.6.18': "{{ containerd_package }}-1.6.18-3.1.fc{{ ansible_distribution_major_version }}" - '1.6.28': "{{ containerd_package }}-1.6.28-3.1.fc{{ ansible_distribution_major_version }}" - 'stable': "{{ containerd_package }}-1.6.28-3.1.fc{{ ansible_distribution_major_version }}" - 'edge': "{{ containerd_package }}-1.6.28-3.1.fc{{ ansible_distribution_major_version }}" + '1.6.28': "{{ containerd_package }}-1.6.28-3.2.fc{{ ansible_distribution_major_version }}" + '1.6.31': "{{ containerd_package }}-1.6.31-3.1.fc{{ ansible_distribution_major_version }}" + 'stable': "{{ containerd_package }}-1.6.31-3.1.fc{{ ansible_distribution_major_version }}" + 'edge': "{{ containerd_package }}-1.6.31-3.1.fc{{ ansible_distribution_major_version }}" # https://docs.docker.com/install/linux/docker-ce/fedora/ # https://download.docker.com/linux/fedora//x86_64/stable/Packages/ @@ -34,8 +35,10 @@ docker_versioned_pkg: '20.10': docker-ce-20.10.20-3.fc{{ ansible_distribution_major_version }} '23.0': docker-ce-3:23.0.6-1.fc{{ ansible_distribution_major_version }} '24.0': docker-ce-3:24.0.9-1.fc{{ ansible_distribution_major_version }} - 'stable': docker-ce-3:24.0.9-1.fc{{ ansible_distribution_major_version }} - 'edge': docker-ce-3:24.0.9-1.fc{{ ansible_distribution_major_version }} + '26.0': docker-ce-3:26.0.2-1.fc{{ ansible_distribution_major_version }} + '26.1': docker-ce-3:26.1.2-1.fc{{ ansible_distribution_major_version }} + 'stable': docker-ce-3:26.1.2-1.fc{{ ansible_distribution_major_version }} + 'edge': docker-ce-3:26.1.2-1.fc{{ ansible_distribution_major_version }} docker_cli_versioned_pkg: 'latest': docker-ce-cli 
@@ -43,8 +46,10 @@ docker_cli_versioned_pkg:
 '20.10': docker-ce-cli-20.10.20-3.fc{{ ansible_distribution_major_version }}
 '23.0': docker-ce-cli-1:23.0.6-1.fc{{ ansible_distribution_major_version }}
 '24.0': docker-ce-cli-1:24.0.9-1.fc{{ ansible_distribution_major_version }}
- 'stable': docker-ce-cli-1:24.0.9-1.fc{{ ansible_distribution_major_version }}
- 'edge': docker-ce-cli-1:24.0.9-1.fc{{ ansible_distribution_major_version }}
+ '26.0': docker-ce-cli-1:26.0.2-1.fc{{ ansible_distribution_major_version }}
+ '26.1': docker-ce-cli-1:26.0.2-1.fc{{ ansible_distribution_major_version }}
+ 'stable': docker-ce-cli-1:26.0.2-1.fc{{ ansible_distribution_major_version }}
+ 'edge': docker-ce-cli-1:26.0.2-1.fc{{ ansible_distribution_major_version }}
 docker_package_info:
 enablerepo: "docker-ce"
diff --git a/roles/container-engine/docker/vars/kylin.yml b/roles/container-engine/docker/vars/kylin.yml
index 2b8cdf7e6..7531a9d71 100644
--- a/roles/container-engine/docker/vars/kylin.yml
+++ b/roles/container-engine/docker/vars/kylin.yml
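Review bot: The new `'26.1'`, `'stable'` and `'edge'` entries of `docker_cli_versioned_pkg` in fedora.yml pin `docker-ce-cli-1:26.0.2-1.fc…`, while the matching `docker_versioned_pkg` entries in the previous hunk of this file pin the engine to `3:26.1.2-1.fc…`. This looks like a copy-paste slip: selecting `26.1` or `stable` on Fedora would pair a 26.1.2 daemon with a 26.0.2 CLI, whereas the Debian, RedHat and Kylin files in this commit use 26.1.2 for both. The three lines should read `docker-ce-cli-1:26.1.2-1.fc{{ ansible_distribution_major_version }}`, leaving only `'26.0'` on 26.0.2.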
@@ -1,54 +1,61 @@ --- + +docker_version: 26.1 +docker_cli_version: "{{ docker_version }}" +docker_rh_repo_base_url: 'https://download.docker.com/linux/centos/8/$basearch/stable' + # containerd versions are only relevant for docker containerd_versioned_pkg: 'latest': "{{ containerd_package }}" - '1.3.7': "{{ containerd_package }}-1.3.7-3.1.el{{ ansible_distribution_major_version }}" - '1.3.9': "{{ containerd_package }}-1.3.9-3.1.el{{ ansible_distribution_major_version }}" - '1.4.3': "{{ containerd_package }}-1.4.3-3.2.el{{ ansible_distribution_major_version }}" - '1.4.4': "{{ containerd_package }}-1.4.4-3.1.el{{ ansible_distribution_major_version }}" - '1.4.6': "{{ containerd_package }}-1.4.6-3.1.el{{ ansible_distribution_major_version }}" - '1.4.9': "{{ containerd_package }}-1.4.9-3.1.el{{ ansible_distribution_major_version }}" - '1.4.12': "{{ containerd_package }}-1.4.12-3.1.el{{ ansible_distribution_major_version }}" - '1.6.4': "{{ containerd_package }}-1.6.4-3.1.el{{ ansible_distribution_major_version }}" - '1.6.6': "{{ containerd_package }}-1.6.6-3.1.el{{ ansible_distribution_major_version }}" - '1.6.7': "{{ containerd_package }}-1.6.7-3.1.el{{ ansible_distribution_major_version }}" - '1.6.8': "{{ containerd_package }}-1.6.8-3.1.el{{ ansible_distribution_major_version }}" - '1.6.9': "{{ containerd_package }}-1.6.9-3.1.el{{ ansible_distribution_major_version }}" - '1.6.10': "{{ containerd_package }}-1.6.10-3.1.el{{ ansible_distribution_major_version }}" - '1.6.11': "{{ containerd_package }}-1.6.11-3.1.el{{ ansible_distribution_major_version }}" - '1.6.12': "{{ containerd_package }}-1.6.12-3.1.el{{ ansible_distribution_major_version }}" - '1.6.13': "{{ containerd_package }}-1.6.13-3.1.el{{ ansible_distribution_major_version }}" - '1.6.14': "{{ containerd_package }}-1.6.14-3.1.el{{ ansible_distribution_major_version }}" - '1.6.15': "{{ containerd_package }}-1.6.15-3.1.el{{ ansible_distribution_major_version }}" - '1.6.16': "{{ containerd_package }}-1.6.16-3.1.el{{ 
ansible_distribution_major_version }}" - '1.6.18': "{{ containerd_package }}-1.6.18-3.1.el{{ ansible_distribution_major_version }}" - '1.6.28': "{{ containerd_package }}-1.6.28-3.1.el{{ ansible_distribution_major_version }}" - 'stable': "{{ containerd_package }}-1.6.28-3.1.el{{ ansible_distribution_major_version }}" - 'edge': "{{ containerd_package }}-1.6.28-3.1.el{{ ansible_distribution_major_version }}" - -docker_version: 19.03 -docker_cli_version: 19.03 + '1.3.7': "{{ containerd_package }}-1.3.7-3.1.el8" + '1.3.9': "{{ containerd_package }}-1.3.9-3.1.el8" + '1.4.3': "{{ containerd_package }}-1.4.3-3.2.el8" + '1.4.4': "{{ containerd_package }}-1.4.4-3.1.el8" + '1.4.6': "{{ containerd_package }}-1.4.6-3.1.el8" + '1.4.9': "{{ containerd_package }}-1.4.9-3.1.el8" + '1.4.12': "{{ containerd_package }}-1.4.12-3.1.el8" + '1.6.4': "{{ containerd_package }}-1.6.4-3.1.el8" + '1.6.6': "{{ containerd_package }}-1.6.6-3.1.el8" + '1.6.7': "{{ containerd_package }}-1.6.7-3.1.el8" + '1.6.8': "{{ containerd_package }}-1.6.8-3.1.el8" + '1.6.9': "{{ containerd_package }}-1.6.9-3.1.el8" + '1.6.10': "{{ containerd_package }}-1.6.10-3.1.el8" + '1.6.11': "{{ containerd_package }}-1.6.11-3.1.el8" + '1.6.12': "{{ containerd_package }}-1.6.12-3.1.el8" + '1.6.13': "{{ containerd_package }}-1.6.13-3.1.el8" + '1.6.14': "{{ containerd_package }}-1.6.14-3.1.el8" + '1.6.15': "{{ containerd_package }}-1.6.15-3.1.el8" + '1.6.16': "{{ containerd_package }}-1.6.16-3.1.el8" + '1.6.18': "{{ containerd_package }}-1.6.18-3.1.el8" + '1.6.28': "{{ containerd_package }}-1.6.28-3.1.el8" + '1.6.31': "{{ containerd_package }}-1.6.31-3.1.el8" + 'stable': "{{ containerd_package }}-1.6.31-3.1.el8" + 'edge': "{{ containerd_package }}-1.6.31-3.1.el8" # https://docs.docker.com/engine/installation/linux/centos/#install-from-a-package -# https://download.docker.com/linux/centos/>/x86_64/stable/Packages/ +# https://download.docker.com/linux/centos/8/x86_64/stable/Packages/ # or do 'yum --showduplicates list 
docker-engine' docker_versioned_pkg: 'latest': docker-ce - '18.09': docker-ce-3:18.09.9-3.el{{ ansible_distribution_major_version }} - '19.03': docker-ce-3:19.03.15-3.el{{ ansible_distribution_major_version }} - '23.0': docker-ce-3:23.0.6-1.el{{ ansible_distribution_major_version }} - '24.0': docker-ce-3:24.0.9-1.el{{ ansible_distribution_major_version }} - 'stable': docker-ce-3:24.0.9-1.el{{ ansible_distribution_major_version }} - 'edge': docker-ce-3:24.0.9-1.el{{ ansible_distribution_major_version }} + '18.09': docker-ce-3:18.09.9-3.el8 + '19.03': docker-ce-3:19.03.15-3.el8 + '23.0': docker-ce-3:23.0.6-1.el8 + '24.0': docker-ce-3:24.0.9-1.el8 + '26.0': docker-ce-26.0.2-1.el8 + '26.1': docker-ce-26.1.2-1.el8 + 'stable': docker-ce-26.1.2-1.el8 + 'edge': docker-ce-26.1.2-1.el8 docker_cli_versioned_pkg: 'latest': docker-ce-cli - '18.09': docker-ce-cli-1:18.09.9-3.el{{ ansible_distribution_major_version }} - '19.03': docker-ce-cli-1:19.03.15-3.el{{ ansible_distribution_major_version }} - '23.0': docker-ce-cli-1:23.0.6-1.el{{ ansible_distribution_major_version }} - '24.0': docker-ce-cli-1:24.0.9-1.el{{ ansible_distribution_major_version }} - 'stable': docker-ce-cli-1:24.0.9-1.el{{ ansible_distribution_major_version }} - 'edge': docker-ce-cli-1:24.0.9-1.el{{ ansible_distribution_major_version }} + '18.09': docker-ce-cli-1:18.09.9-3.el8 + '19.03': docker-ce-cli-1:19.03.15-3.el8 + '23.0': docker-ce-cli-1:23.0.6-1.el8 + '24.0': docker-ce-cli-1:24.0.9-1.el8 + '26.0': docker-ce-cli-26.0.2-1.el8 + '26.1': docker-ce-cli-26.1.2-1.el8 + 'stable': docker-ce-cli-26.1.2-1.el8 + 'edge': docker-ce-cli-26.1.2-1.el8 docker_package_info: enablerepo: "docker-ce" diff --git a/roles/container-engine/docker/vars/openeuler.yml b/roles/container-engine/docker/vars/openeuler.yml new file mode 120000 index 000000000..1010ef7ef --- /dev/null +++ b/roles/container-engine/docker/vars/openeuler.yml @@ -0,0 +1 @@ +kylin.yml \ No newline at end of file 
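Review bot: `docker_version: 26.1` at the top of kylin.yml is an unquoted scalar, so YAML loads it as a float while the keys it has to select in `docker_versioned_pkg` are the strings `'26.0'`, `'26.1'` and so on. It happens to round-trip for 26.1, but a value such as `20.10` would load as `20.1` and miss its key; writing `docker_version: '26.1'` avoids the trap. Separately, the new 26.x entries drop the epoch that the 23.0/24.0 entries in the same maps carry (`docker-ce-26.1.2-1.el8` next to `docker-ce-3:24.0.9-1.el8`, and likewise `docker-ce-cli-1:`), while redhat.yml keeps it for 26.x. If that is not deliberate, `docker-ce-3:26.1.2-1.el8` and `docker-ce-cli-1:26.1.2-1.el8` would keep the file consistent.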
diff --git a/roles/container-engine/docker/vars/redhat-7.yml b/roles/container-engine/docker/vars/redhat-7.yml
index c10e881d9..0af670351 100644
--- a/roles/container-engine/docker/vars/redhat-7.yml
+++ b/roles/container-engine/docker/vars/redhat-7.yml
@@ -23,8 +23,9 @@ containerd_versioned_pkg:
 '1.6.16': "{{ containerd_package }}-1.6.16-3.1.el7"
 '1.6.18': "{{ containerd_package }}-1.6.18-3.1.el7"
 '1.6.28': "{{ containerd_package }}-1.6.28-3.1.el7"
- 'stable': "{{ containerd_package }}-1.6.28-3.1.el7"
- 'edge': "{{ containerd_package }}-1.6.18-3.1.el7"
+ '1.6.31': "{{ containerd_package }}-1.6.31-3.1.el7"
+ 'stable': "{{ containerd_package }}-1.6.31-3.1.el7"
+ 'edge': "{{ containerd_package }}-1.6.31-3.1.el7"
 # https://docs.docker.com/engine/installation/linux/centos/#install-from-a-package
 # https://download.docker.com/linux/centos/>/x86_64/stable/Packages/
@@ -36,8 +37,10 @@ docker_versioned_pkg:
 '20.10': docker-ce-20.10.20-3.el7
 '23.0': docker-ce-23.0.6-1.el7
 '24.0': docker-ce-24.0.9-1.el7
- 'stable': docker-ce-24.0.9-1.el7
- 'edge': docker-ce-24.0.9-1.el7
+ '26.0': docker-ce-26.0.2-1.el7
+ '26.1': docker-ce-26.1.2-1.el7
+ 'stable': docker-ce-26.1.2-1.el7
+ 'edge': docker-ce-26.1.2-1.el7
 docker_cli_versioned_pkg:
 'latest': docker-ce-cli
@@ -46,8 +49,10 @@ docker_cli_versioned_pkg:
 '20.10': docker-ce-cli-20.10.20-3.el7
 '23.0': docker-ce-cli-23.0.6-1.el7
 '24.0': docker-ce-cli-24.0.9-1.el7
- 'stable': docker-ce-cli-24.0.9-1.el7
- 'edge': docker-ce-cli-24.0.9-1.el7
+ '26.0': docker-ce-cli-26.0.2-1.el7
+ '26.1': docker-ce-cli-26.1.2-1.el7
+ 'stable': docker-ce-cli-26.1.2-1.el7
+ 'edge': docker-ce-cli-26.1.2-1.el7
 docker_package_info:
 enablerepo: "docker-ce"
diff --git a/roles/container-engine/docker/vars/redhat.yml b/roles/container-engine/docker/vars/redhat.yml
index 453f7f9fa..ad1105a66 100644
--- a/roles/container-engine/docker/vars/redhat.yml
+++ b/roles/container-engine/docker/vars/redhat.yml
@@ -23,8 +23,9 @@ containerd_versioned_pkg:
 '1.6.16': "{{ containerd_package }}-1.6.16-3.1.el{{ ansible_distribution_major_version }}"
 '1.6.18': "{{ containerd_package }}-1.6.18-3.1.el{{ ansible_distribution_major_version }}"
 '1.6.28': "{{ containerd_package }}-1.6.28-3.1.el{{ ansible_distribution_major_version }}"
- 'stable': "{{ containerd_package }}-1.6.28-3.1.el{{ ansible_distribution_major_version }}"
- 'edge': "{{ containerd_package }}-1.6.28-3.1.el{{ ansible_distribution_major_version }}"
+ '1.6.31': "{{ containerd_package }}-1.6.31-3.1.el{{ ansible_distribution_major_version }}"
+ 'stable': "{{ containerd_package }}-1.6.31-3.1.el{{ ansible_distribution_major_version }}"
+ 'edge': "{{ containerd_package }}-1.6.31-3.1.el{{ ansible_distribution_major_version }}"
 # https://docs.docker.com/engine/installation/linux/centos/#install-from-a-package
 # https://download.docker.com/linux/centos/>/x86_64/stable/Packages/
@@ -36,8 +37,10 @@ docker_versioned_pkg:
 '20.10': docker-ce-3:20.10.20-3.el{{ ansible_distribution_major_version }}
 '23.0': docker-ce-3:23.0.6-1.el{{ ansible_distribution_major_version }}
 '24.0': docker-ce-3:24.0.9-1.el{{ ansible_distribution_major_version }}
- 'stable': docker-ce-3:24.0.9-1.el{{ ansible_distribution_major_version }}
- 'edge': docker-ce-3:24.0.9-1.el{{ ansible_distribution_major_version }}
+ '26.0': docker-ce-3:26.0.2-1.el{{ ansible_distribution_major_version }}
+ '26.1': docker-ce-3:26.1.2-1.el{{ ansible_distribution_major_version }}
+ 'stable': docker-ce-3:26.1.2-1.el{{ ansible_distribution_major_version }}
+ 'edge': docker-ce-3:26.1.2-1.el{{ ansible_distribution_major_version }}
 docker_cli_versioned_pkg:
 'latest': docker-ce-cli
@@ -46,8 +49,10 @@ docker_cli_versioned_pkg:
 '20.10': docker-ce-cli-1:20.10.20-3.el{{ ansible_distribution_major_version }}
 '23.0': docker-ce-cli-1:23.0.6-1.el{{ ansible_distribution_major_version }}
 '24.0': docker-ce-cli-1:24.0.9-1.el{{ ansible_distribution_major_version }}
- 'stable': docker-ce-cli-1:24.0.9-1.el{{ ansible_distribution_major_version }}
- 'edge': docker-ce-cli-1:24.0.9-1.el{{ ansible_distribution_major_version }}
+ '26.0': docker-ce-cli-1:26.0.2-1.el{{ ansible_distribution_major_version }}
+ '26.1': docker-ce-cli-1:26.1.2-1.el{{ ansible_distribution_major_version }}
+ 'stable': docker-ce-cli-1:26.1.2-1.el{{ ansible_distribution_major_version }}
+ 'edge': docker-ce-cli-1:26.1.2-1.el{{ ansible_distribution_major_version }}
 docker_package_info:
 enablerepo: "docker-ce"
diff --git a/roles/container-engine/docker/vars/ubuntu.yml b/roles/container-engine/docker/vars/ubuntu.yml
index b4c1d289c..097039033 100644
--- a/roles/container-engine/docker/vars/ubuntu.yml
+++ b/roles/container-engine/docker/vars/ubuntu.yml
@@ -22,9 +22,10 @@ containerd_versioned_pkg:
 '1.6.15': "{{ containerd_package }}=1.6.15-1"
 '1.6.16': "{{ containerd_package }}=1.6.16-1"
 '1.6.18': "{{ containerd_package }}=1.6.18-1"
- '1.6.28': "{{ containerd_package }}=1.6.28-1"
- 'stable': "{{ containerd_package }}=1.6.28-1"
- 'edge': "{{ containerd_package }}=1.6.28-1"
+ '1.6.28': "{{ containerd_package }}=1.6.28-2"
+ '1.6.31': "{{ containerd_package }}=1.6.31-1"
+ 'stable': "{{ containerd_package }}=1.6.31-1"
+ 'edge': "{{ containerd_package }}=1.6.31-1"
 # https://download.docker.com/linux/ubuntu/
 docker_versioned_pkg:
@@ -34,8 +35,10 @@ docker_versioned_pkg:
 '20.10': docker-ce=5:20.10.20~3-0~ubuntu-{{ ansible_distribution_release | lower }}
 '23.0': docker-ce=5:23.0.6-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
 '24.0': docker-ce=5:24.0.9-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
- 'stable': docker-ce=5:24.0.9-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
- 'edge': docker-ce=5:24.0.9-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
+ '26.0': docker-ce=5:26.0.2-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
+ '26.1': docker-ce=5:26.1.2-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
+ 'stable': docker-ce=5:26.1.2-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
+ 'edge': docker-ce=5:26.1.2-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
 docker_cli_versioned_pkg:
 'latest': docker-ce-cli
@@ -44,6 +47,8 @@ docker_cli_versioned_pkg:
 '20.10': docker-ce-cli=5:20.10.20~3-0~ubuntu-{{ ansible_distribution_release | lower }}
 '23.0': docker-ce-cli=5:23.0.6-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
 '24.0': docker-ce-cli=5:24.0.9-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
+ '26.0': docker-ce-cli=5:26.0.2-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
+ '26.1': docker-ce-cli=5:26.1.2-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
 'stable': docker-ce-cli=5:24.0.9-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
 'edge': docker-ce-cli=5:24.0.9-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}
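Review bot: In ubuntu.yml the `docker_cli_versioned_pkg` hunk adds `'26.0'` and `'26.1'` but leaves `'stable'` and `'edge'` as unchanged context lines still pointing at `docker-ce-cli=5:24.0.9-1~ubuntu…`, while the `docker_versioned_pkg` hunk just above moves the engine's `'stable'`/`'edge'` to `5:26.1.2-1`. A host that installs `stable` would therefore get a 26.1.2 daemon with a 24.0.9 CLI, which the other distro files in this commit avoid. Both CLI lines should be bumped to `docker-ce-cli=5:26.1.2-1~ubuntu.{{ ansible_distribution_version }}~{{ ansible_distribution_release | lower }}`.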
diff --git a/roles/etcd/templates/etcd.env.j2 b/roles/etcd/templates/etcd.env.j2 index 13a2437e1..8fd8e1e04 100644 --- a/roles/etcd/templates/etcd.env.j2 +++ b/roles/etcd/templates/etcd.env.j2 @@ -71,8 +71,8 @@ ETCD_EXPERIMENTAL_INITIAL_CORRUPT_CHECK={{ etcd_experimental_initial_corrupt_che {% if etcd_experimental_enable_distributed_tracing %} ETCD_EXPERIMENTAL_ENABLE_DISTRIBUTED_TRACING=true -ETCD_EXPERIMENTAL_DISTRIBUTED_TRACING_SAMPLE_RATE={{ etcd_experimental_distributed_tracing_sample_rate }} +ETCD_EXPERIMENTAL_DISTRIBUTED_TRACING_SAMPLING_RATE={{ etcd_experimental_distributed_tracing_sample_rate }} ETCD_EXPERIMENTAL_DISTRIBUTED_TRACING_ADDRESS={{ etcd_experimental_distributed_tracing_address }} ETCD_EXPERIMENTAL_DISTRIBUTED_TRACING_SERVICE_NAME={{ etcd_experimental_distributed_tracing_service_name }} ETCD_EXPERIMENTAL_DISTRIBUTED_TRACING_INSTANCE_ID={{ etcd_member_name }} -{% endif %} \ No newline at end of file +{% endif %} diff --git a/roles/kubernetes-apps/ansible/defaults/main.yml b/roles/kubernetes-apps/ansible/defaults/main.yml index cb2317b1e..726e7fc21 100644 --- a/roles/kubernetes-apps/ansible/defaults/main.yml +++ b/roles/kubernetes-apps/ansible/defaults/main.yml @@ -16,8 +16,6 @@ coredns_ordinal_suffix: "" coredns_deployment_nodeselector: "kubernetes.io/os: linux" coredns_default_zone_cache_block: | cache 30 -coredns_host_network: false -coredns_port: 53 coredns_pod_disruption_budget: false # value for coredns pdb diff --git a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2 index 587a4e65d..8a4811937 100644 --- a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2 +++ b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2 @@ -34,7 +34,7 @@ data: } {% endfor %} {% endif %} - .:{{ coredns_port }} { + .:53 { {% if coredns_additional_configs is defined %} {{ coredns_additional_configs | indent(width=8, first=False) }} {% endif %} 
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 index cbdca5727..e929dba62 100644 --- a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 +++ b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 @@ -24,7 +24,6 @@ spec: annotations: createdby: 'kubespray' spec: - hostNetwork: {{ coredns_host_network | default(false) }} securityContext: seccompProfile: type: RuntimeDefault @@ -76,10 +75,10 @@ spec: - name: config-volume mountPath: /etc/coredns ports: - - containerPort: {{ coredns_port }} + - containerPort: 53 name: dns protocol: UDP - - containerPort: {{ coredns_port }} + - containerPort: 53 name: dns-tcp protocol: TCP - containerPort: 9153 diff --git a/roles/kubernetes-apps/ansible/templates/coredns-svc.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-svc.yml.j2 index 961e02a6a..0e051c346 100644 --- a/roles/kubernetes-apps/ansible/templates/coredns-svc.yml.j2 +++ b/roles/kubernetes-apps/ansible/templates/coredns-svc.yml.j2 @@ -20,11 +20,9 @@ spec: - name: dns port: 53 protocol: UDP - targetPort: "dns" - name: dns-tcp port: 53 protocol: TCP - targetPort: "dns-tcp" - name: metrics port: 9153 protocol: TCP diff --git a/roles/kubernetes-apps/argocd/defaults/main.yml b/roles/kubernetes-apps/argocd/defaults/main.yml index f98a9d32e..b164b624f 100644 --- a/roles/kubernetes-apps/argocd/defaults/main.yml +++ b/roles/kubernetes-apps/argocd/defaults/main.yml @@ -1,6 +1,6 @@ --- argocd_enabled: false -argocd_version: v2.8.4 +argocd_version: v2.11.0 argocd_namespace: argocd # argocd_admin_password: argocd_install_url: "https://raw.githubusercontent.com/argoproj/argo-cd/{{ argocd_version }}/manifests/install.yaml" diff --git a/roles/kubernetes-apps/external_cloud_controller/huaweicloud/defaults/main.yml b/roles/kubernetes-apps/external_cloud_controller/huaweicloud/defaults/main.yml index f81bf1e2e..9cd42ed68 100644 
--- a/roles/kubernetes-apps/external_cloud_controller/huaweicloud/defaults/main.yml +++ b/roles/kubernetes-apps/external_cloud_controller/huaweicloud/defaults/main.yml @@ -16,4 +16,4 @@ external_huaweicloud_cloud: "{{ lookup('env','OS_CLOUD') }}" ## arg2: "value2" external_huawei_cloud_controller_extra_args: {} external_huawei_cloud_controller_image_repo: "swr.ap-southeast-1.myhuaweicloud.com" -external_huawei_cloud_controller_image_tag: "v0.26.6" +external_huawei_cloud_controller_image_tag: "v0.26.8" diff --git a/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-config.j2 b/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-config.j2 index 07f1771d6..875ea9b89 100644 --- a/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-config.j2 +++ b/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-config.j2 @@ -21,3 +21,6 @@ subnet-id={{ external_huaweicloud_lbaas_subnet_id }} {% if external_huaweicloud_lbaas_network_id is defined %} id={{ external_huaweicloud_lbaas_network_id }} {% endif %} +{% if external_huaweicloud_security_group_id is defined %} +security-group-id={{ external_huaweicloud_security_group_id }} +{% endif %} diff --git a/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-controller-manager-ds.yml.j2 b/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-controller-manager-ds.yml.j2 index b9b2ec354..29f99b205 100644 --- a/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-controller-manager-ds.yml.j2 +++ b/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-controller-manager-ds.yml.j2 
@@ -47,6 +47,11 @@ spec: - --cloud-config=$(CLOUD_CONFIG) - --cloud-provider=huaweicloud - --use-service-account-credentials=true + - --node-status-update-frequency=5s + - --node-monitor-period=5s + - --leader-elect-lease-duration=30s + - --leader-elect-renew-deadline=20s + - --leader-elect-retry-period=2s {% for key, value in external_huawei_cloud_controller_extra_args.items() %} - "{{ '--' + key + '=' + value }}" {% endfor %} diff --git a/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-controller-manager-role-bindings.yml.j2 b/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-controller-manager-role-bindings.yml.j2 index bbdf3364a..3c893f3fa 100644 --- a/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-controller-manager-role-bindings.yml.j2 +++ b/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-controller-manager-role-bindings.yml.j2 @@ -1,16 +1,12 @@ -apiVersion: v1 -items: -- apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - name: system:cloud-controller-manager - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:cloud-controller-manager - subjects: +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: system:cloud-controller-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:cloud-controller-manager +subjects: - kind: ServiceAccount name: cloud-controller-manager - namespace: kube-system -kind: List -metadata: {} + namespace: kube-system \ No newline at end of file diff --git a/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-controller-manager-roles.yml.j2 b/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-controller-manager-roles.yml.j2 index 2e2d8b64e..d2710e960 100644 
--- a/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-controller-manager-roles.yml.j2 +++ b/roles/kubernetes-apps/external_cloud_controller/huaweicloud/templates/external-huawei-cloud-controller-manager-roles.yml.j2 
@@ -1,117 +1,113 @@ -apiVersion: v1 -items: -- apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - name: system:cloud-controller-manager - rules: +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:cloud-controller-manager +rules: - resources: - - tokenreviews + - tokenreviews verbs: - - get - - list - - watch - - create - - update - - patch + - get + - list + - watch + - create + - update + - patch apiGroups: - - authentication.k8s.io + - authentication.k8s.io - resources: - - configmaps - - endpoints - - pods - - services - - secrets - - serviceaccounts - - serviceaccounts/token + - configmaps + - endpoints + - pods + - services + - secrets + - serviceaccounts + - serviceaccounts/token verbs: - - get - - list - - watch - - create - - update - - patch + - get + - list + - watch + - create + - update + - patch apiGroups: - - '' + - '' - resources: - - nodes + - nodes verbs: - - get - - list - - watch - - delete - - patch - - update + - get + - list + - watch + - delete + - patch + - update apiGroups: - - '' + - '' - resources: - - services/status - - pods/status + - services/status + - pods/status verbs: - - update - - patch + - update + - patch apiGroups: - - '' + - '' - resources: - - nodes/status + - nodes/status verbs: - - patch - - update + - patch + - update apiGroups: - - '' + - '' - resources: - - events - - endpoints + - events + - endpoints verbs: - - create - - patch - - update + - create + - patch + - update apiGroups: - - '' + - '' - resources: - - leases + - leases verbs: - - get - - update - - create - - delete + - get + - update + - create + - delete apiGroups: - - coordination.k8s.io + - coordination.k8s.io - resources: - - customresourcedefinitions + - customresourcedefinitions verbs: - - get - - update - - create - - delete + - get + - update + - create + - delete apiGroups: - apiextensions.k8s.io - resources: - - ingresses + - ingresses verbs: - - get - - list - - watch - - update - - 
create - - patch - - delete + - get + - list + - watch + - update + - create + - patch + - delete apiGroups: - - networking.k8s.io + - networking.k8s.io - resources: - - ingresses/status + - ingresses/status verbs: - - update - - patch + - update + - patch apiGroups: - - networking.k8s.io + - networking.k8s.io - resources: - - endpointslices + - endpointslices verbs: - - get - - list - - watch + - get + - list + - watch apiGroups: - - discovery.k8s.io -kind: List -metadata: {} + - discovery.k8s.io \ No newline at end of file diff --git a/roles/kubernetes-apps/external_cloud_controller/openstack/defaults/main.yml b/roles/kubernetes-apps/external_cloud_controller/openstack/defaults/main.yml index 4bcf135a3..05a3a882c 100644 --- a/roles/kubernetes-apps/external_cloud_controller/openstack/defaults/main.yml +++ b/roles/kubernetes-apps/external_cloud_controller/openstack/defaults/main.yml @@ -21,5 +21,6 @@ external_openstack_cacert: "{{ lookup('env', 'OS_CACERT') }}" ## arg1: "value1" ## arg2: "value2" external_openstack_cloud_controller_extra_args: {} -external_openstack_cloud_controller_image_tag: "v1.25.3" +external_openstack_cloud_controller_image_tag: "v1.28.2" external_openstack_cloud_controller_bind_address: 127.0.0.1 +external_openstack_cloud_controller_dns_policy: ClusterFirst diff --git a/roles/kubernetes-apps/external_cloud_controller/openstack/templates/external-openstack-cloud-controller-manager-ds.yml.j2 b/roles/kubernetes-apps/external_cloud_controller/openstack/templates/external-openstack-cloud-controller-manager-ds.yml.j2 index 8bae2aa11..85df9975e 100644 --- a/roles/kubernetes-apps/external_cloud_controller/openstack/templates/external-openstack-cloud-controller-manager-ds.yml.j2 +++ b/roles/kubernetes-apps/external_cloud_controller/openstack/templates/external-openstack-cloud-controller-manager-ds.yml.j2 
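Review bot: The flattened `system:cloud-controller-manager` ClusterRole still grants get/list/watch/create/update/patch on `secrets` and `serviceaccounts/token` cluster-wide, plus create/update/delete on `customresourcedefinitions`. The rules are carried over unchanged from the old `kind: List` wrapper, but they are broader than a load-balancer and node controller usually needs, and anything that compromises this service account can read every Secret in the cluster. Whether the Huawei controller really depends on them cannot be told from this hunk, so it is worth comparing against the upstream manifest for the `v0.26.8` image this commit moves to and trimming what is unused. At minimum a comment above the second rule, such as `# secrets: required by <feature>; keep in sync with upstream CCM manifest`, would record why the grant exists.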
@@ -36,7 +36,7 @@ spec: serviceAccountName: cloud-controller-manager containers: - name: openstack-cloud-controller-manager - image: {{ docker_image_repo }}/k8scloudprovider/openstack-cloud-controller-manager:{{ external_openstack_cloud_controller_image_tag }} + image: {{ external_openstack_cloud_controller_image_repo }}:{{ external_openstack_cloud_controller_image_tag }} args: - /bin/openstack-cloud-controller-manager - --v=1 @@ -81,7 +81,9 @@ spec: - name: CLOUD_CONFIG value: /etc/config/cloud.conf hostNetwork: true - dnsPolicy: ClusterFirstWithHostNet +{% if external_openstack_cloud_controller_dns_policy is defined %} + dnsPolicy: {{ external_openstack_cloud_controller_dns_policy }} +{% endif %} volumes: {% if kubelet_flexvolumes_plugins_dir is defined %} - name: flexvolume-dir diff --git a/roles/kubernetes-apps/meta/main.yml b/roles/kubernetes-apps/meta/main.yml index b97dc5f77..b02684d30 100644 --- a/roles/kubernetes-apps/meta/main.yml +++ b/roles/kubernetes-apps/meta/main.yml @@ -128,7 +128,7 @@ dependencies: - role: kubernetes-apps/scheduler_plugins when: - scheduler_plugins_enabled - - kube_major_version is version('v1.28', '<') + - kube_major_version is version('v1.29', '<') - inventory_hostname == groups['kube_control_plane'][0] tags: - scheduler_plugins diff --git a/roles/kubernetes-apps/metallb/tasks/main.yml b/roles/kubernetes-apps/metallb/tasks/main.yml index 221fe3c79..6a804cbef 100644 --- a/roles/kubernetes-apps/metallb/tasks/main.yml +++ b/roles/kubernetes-apps/metallb/tasks/main.yml 
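Review bot: The `image:` line now depends on `external_openstack_cloud_controller_image_repo`, but the defaults hunk for this role in the same commit only adds `…_image_tag` and `…_dns_policy`. If that variable is not defined elsewhere in the commit (not visible here), the template fails to render. Please confirm a default exists. The value is also emitted unquoted, and `image: "{{ external_openstack_cloud_controller_image_repo }}:{{ external_openstack_cloud_controller_image_tag }}"` keeps it a string regardless of what the variables expand to.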
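Review bot: With `hostNetwork: true` kept on the line above, the new default `external_openstack_cloud_controller_dns_policy: ClusterFirst` is not equivalent to the old hard-coded `ClusterFirstWithHostNet`, because Kubernetes falls back to the node's resolver for host-network pods that ask for `ClusterFirst`. If moving the controller off cluster DNS is the intent, the defaults file should say so, for example `# hostNetwork pods resolve via the node with ClusterFirst; set ClusterFirstWithHostNet to use cluster DNS`. The `is defined` guard is also always true once the role default exists, so the `{% if %}` wrapper can go and the value be quoted: `dnsPolicy: "{{ external_openstack_cloud_controller_dns_policy }}"`.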
@@ -33,7 +33,7 @@ - inventory_hostname == groups['kube_control_plane'][0] - name: Kubernetes Apps | Wait for MetalLB controller to be running - command: "{{ bin_dir }}/kubectl rollout status -n metallb-system deployment -l app=metallb,component=controller --timeout=2m" + command: "{{ bin_dir }}/kubectl rollout status -n {{ metallb_namespace }} deployment -l app=metallb,component=controller --timeout=2m" become: true when: - inventory_hostname == groups['kube_control_plane'][0] @@ -104,5 +104,5 @@ name: config kubectl: "{{ bin_dir }}/kubectl" resource: ConfigMap - namespace: metallb-system + namespace: "{{ metallb_namespace }}" state: absent diff --git a/roles/kubernetes-apps/metallb/templates/layer2.yaml.j2 b/roles/kubernetes-apps/metallb/templates/layer2.yaml.j2 index d24973288..e3fdb191a 100644 --- a/roles/kubernetes-apps/metallb/templates/layer2.yaml.j2 +++ b/roles/kubernetes-apps/metallb/templates/layer2.yaml.j2 @@ -11,7 +11,7 @@ apiVersion: metallb.io/v1beta1 kind: L2Advertisement metadata: name: "{{ entry }}" - namespace: metallb-system + namespace: "{{ metallb_namespace }}" spec: ipAddressPools: - "{{ entry }}" diff --git a/roles/kubernetes-apps/metallb/templates/layer3.yaml.j2 b/roles/kubernetes-apps/metallb/templates/layer3.yaml.j2 index 490bae24f..b32c19403 100644 --- a/roles/kubernetes-apps/metallb/templates/layer3.yaml.j2 +++ b/roles/kubernetes-apps/metallb/templates/layer3.yaml.j2 @@ -9,7 +9,7 @@ apiVersion: metallb.io/v1beta1 kind: Community metadata: name: "{{ community_name }}" - namespace: metallb-system + namespace: "{{ metallb_namespace }}" spec: communities: - name: "{{ community_name }}" @@ -21,7 +21,7 @@ apiVersion: metallb.io/v1beta1 kind: Community metadata: name: well-known - namespace: metallb-system + namespace: "{{ metallb_namespace }}" spec: communities: - name: no-export 
@@ -51,7 +51,7 @@ apiVersion: metallb.io/v1beta1 kind: BGPAdvertisement metadata: name: "{{ peer_name }}-local" - namespace: metallb-system + namespace: "{{ metallb_namespace }}" spec: aggregationLength: 32 aggregationLengthV6: 128 @@ -70,7 +70,7 @@ apiVersion: metallb.io/v1beta1 kind: BGPAdvertisement metadata: name: "{{ peer_name }}-external" - namespace: metallb-system + namespace: "{{ metallb_namespace }}" spec: {% if peer.aggregation_length is defined and peer.aggregation_length <= 30 %} aggregationLength: {{ peer.aggregation_length }} @@ -93,7 +93,7 @@ apiVersion: metallb.io/v1beta2 kind: BGPPeer metadata: name: "{{ peer_name }}" - namespace: metallb-system + namespace: "{{ metallb_namespace }}" spec: myASN: {{ peer.my_asn }} peerASN: {{ peer.peer_asn }} diff --git a/roles/kubernetes-apps/metallb/templates/metallb.yaml.j2 b/roles/kubernetes-apps/metallb/templates/metallb.yaml.j2 index af18a100b..ebdea51e3 100644 --- a/roles/kubernetes-apps/metallb/templates/metallb.yaml.j2 +++ b/roles/kubernetes-apps/metallb/templates/metallb.yaml.j2 @@ -6,7 +6,7 @@ metadata: pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged - name: metallb-system + name: {{ metallb_namespace }} --- apiVersion: apiextensions.k8s.io/v1 @@ -23,7 +23,7 @@ spec: caBundle: 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 service: name: webhook-service - namespace: metallb-system + namespace: "{{ metallb_namespace }}" path: /convert conversionReviewVersions: - v1alpha1 @@ -544,7 +544,7 @@ spec: caBundle: 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 service: name: webhook-service - namespace: metallb-system + namespace: "{{ metallb_namespace }}" path: /convert conversionReviewVersions: - v1beta1 
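Review bot: In metallb.yaml.j2 the Namespace object is rendered as `name: {{ metallb_namespace }}` without quotes, while every `namespace:` field in the same commit uses `"{{ metallb_namespace }}"`. The same unquoted form recurs in the ClusterRole and ClusterRoleBinding names in the later hunks (`name: {{ metallb_namespace }}:controller`, `name: {{ metallb_namespace }}:speaker`). An empty or boolean-looking value would render as null or a non-string there, so quoting keeps the templates consistent: `name: "{{ metallb_namespace }}"` and `name: "{{ metallb_namespace }}:controller"`. The default for `metallb_namespace` is not in the visible part of the diff; it should stay `metallb-system` so existing clusters are not redeployed into a second namespace.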
@@ -1291,7 +1291,7 @@ metadata: pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/warn: privileged name: controller - namespace: metallb-system + namespace: "{{ metallb_namespace }}" {% if metallb_speaker_enabled %} --- @@ -1301,7 +1301,7 @@ metadata: labels: app: metallb name: speaker - namespace: metallb-system + namespace: "{{ metallb_namespace }}" {% endif %} --- apiVersion: rbac.authorization.k8s.io/v1 @@ -1310,7 +1310,7 @@ metadata: labels: app: metallb name: controller - namespace: metallb-system + namespace: "{{ metallb_namespace }}" rules: - apiGroups: - "" @@ -1402,7 +1402,7 @@ metadata: labels: app: metallb name: pod-lister - namespace: metallb-system + namespace: "{{ metallb_namespace }}" rules: - apiGroups: - "" @@ -1480,7 +1480,7 @@ kind: ClusterRole metadata: labels: app: metallb - name: metallb-system:controller + name: {{ metallb_namespace }}:controller rules: - apiGroups: - "" @@ -1561,7 +1561,7 @@ kind: ClusterRole metadata: labels: app: metallb - name: metallb-system:speaker + name: {{ metallb_namespace }}:speaker rules: - apiGroups: - "" @@ -1598,7 +1598,7 @@ metadata: labels: app: metallb name: controller - namespace: metallb-system + namespace: "{{ metallb_namespace }}" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -1606,7 +1606,7 @@ roleRef: subjects: - kind: ServiceAccount name: controller - namespace: metallb-system + namespace: "{{ metallb_namespace }}" --- apiVersion: rbac.authorization.k8s.io/v1 @@ -1615,7 +1615,7 @@ metadata: labels: app: metallb name: pod-lister - namespace: metallb-system + namespace: "{{ metallb_namespace }}" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -1623,7 +1623,7 @@ roleRef: subjects: - kind: ServiceAccount name: speaker - namespace: metallb-system + namespace: "{{ metallb_namespace }}" --- apiVersion: rbac.authorization.k8s.io/v1 
@@ -1631,15 +1631,15 @@ kind: ClusterRoleBinding metadata: labels: app: metallb - name: metallb-system:controller + name: {{ metallb_namespace }}:controller roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: metallb-system:controller + name: {{ metallb_namespace }}:controller subjects: - kind: ServiceAccount name: controller - namespace: metallb-system + namespace: "{{ metallb_namespace }}" {% if metallb_speaker_enabled %} --- @@ -1648,15 +1648,15 @@ kind: ClusterRoleBinding metadata: labels: app: metallb - name: metallb-system:speaker + name: {{ metallb_namespace }}:speaker roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: metallb-system:speaker + name: {{ metallb_namespace }}:speaker subjects: - kind: ServiceAccount name: speaker - namespace: metallb-system + namespace: "{{ metallb_namespace }}" {% endif %} --- @@ -1664,14 +1664,14 @@ apiVersion: v1 kind: Secret metadata: name: webhook-server-cert - namespace: metallb-system + namespace: "{{ metallb_namespace }}" --- apiVersion: v1 kind: Service metadata: name: webhook-service - namespace: metallb-system + namespace: "{{ metallb_namespace }}" spec: ports: - port: 443 @@ -1687,7 +1687,7 @@ metadata: app: metallb component: controller name: controller - namespace: metallb-system + namespace: "{{ metallb_namespace }}" spec: revisionHistoryLimit: 3 selector: @@ -1782,7 +1782,7 @@ metadata: app: metallb component: speaker name: speaker - namespace: metallb-system + namespace: "{{ metallb_namespace }}" spec: selector: matchLabels: @@ -1888,7 +1888,7 @@ webhooks: clientConfig: service: name: webhook-service - namespace: metallb-system + namespace: "{{ metallb_namespace }}" path: /validate-metallb-io-v1beta2-bgppeer failurePolicy: Fail name: bgppeersvalidationwebhook.metallb.io 
@@ -1908,7 +1908,7 @@ webhooks: clientConfig: service: name: webhook-service - namespace: metallb-system + namespace: "{{ metallb_namespace }}" path: /validate-metallb-io-v1beta1-addresspool failurePolicy: Fail name: addresspoolvalidationwebhook.metallb.io @@ -1928,7 +1928,7 @@ webhooks: clientConfig: service: name: webhook-service - namespace: metallb-system + namespace: "{{ metallb_namespace }}" path: /validate-metallb-io-v1beta1-bfdprofile failurePolicy: Fail name: bfdprofilevalidationwebhook.metallb.io @@ -1948,7 +1948,7 @@ webhooks: clientConfig: service: name: webhook-service - namespace: metallb-system + namespace: "{{ metallb_namespace }}" path: /validate-metallb-io-v1beta1-bgpadvertisement failurePolicy: Fail name: bgpadvertisementvalidationwebhook.metallb.io @@ -1968,7 +1968,7 @@ webhooks: clientConfig: service: name: webhook-service - namespace: metallb-system + namespace: "{{ metallb_namespace }}" path: /validate-metallb-io-v1beta1-community failurePolicy: Fail name: communityvalidationwebhook.metallb.io @@ -1988,7 +1988,7 @@ webhooks: clientConfig: service: name: webhook-service - namespace: metallb-system + namespace: "{{ metallb_namespace }}" path: /validate-metallb-io-v1beta1-ipaddresspool failurePolicy: Fail name: ipaddresspoolvalidationwebhook.metallb.io @@ -2008,7 +2008,7 @@ webhooks: clientConfig: service: name: webhook-service - namespace: metallb-system + namespace: "{{ metallb_namespace }}" path: /validate-metallb-io-v1beta1-l2advertisement failurePolicy: Fail name: l2advertisementvalidationwebhook.metallb.io diff --git a/roles/kubernetes-apps/metallb/templates/pools.yaml.j2 b/roles/kubernetes-apps/metallb/templates/pools.yaml.j2 index f22a4e3d1..42cc6ec1a 100644 --- a/roles/kubernetes-apps/metallb/templates/pools.yaml.j2 +++ b/roles/kubernetes-apps/metallb/templates/pools.yaml.j2 
@@ -9,7 +9,7 @@ apiVersion: metallb.io/v1beta1 kind: IPAddressPool metadata: - namespace: metallb-system + namespace: "{{ metallb_namespace }}" name: "{{ pool_name }}" spec: addresses: diff --git a/roles/kubernetes/node/vars/ubuntu-24.yml b/roles/kubernetes/node/vars/ubuntu-24.yml new file mode 100644 index 000000000..59bc55dda --- /dev/null +++ b/roles/kubernetes/node/vars/ubuntu-24.yml @@ -0,0 +1,2 @@ +--- +kube_resolv_conf: "/run/systemd/resolve/resolv.conf" diff --git a/roles/kubernetes/preinstall/tasks/0040-verify-settings.yml b/roles/kubernetes/preinstall/tasks/0040-verify-settings.yml index 91b78b75f..55dda5b81 100644 --- a/roles/kubernetes/preinstall/tasks/0040-verify-settings.yml +++ b/roles/kubernetes/preinstall/tasks/0040-verify-settings.yml @@ -77,6 +77,13 @@ - not ignore_assert_errors - inventory_hostname in groups['kube_node'] +# This command will fail if cgroups are not enabled on the node. +# For reference: https://kubernetes.io/docs/concepts/architecture/cgroups/#check-cgroup-version +- name: Stop if cgroups are not enabled on nodes + command: stat -fc %T /sys/fs/cgroup/ + changed_when: false + when: not ignore_assert_errors + # This assertion will fail on the safe side: One can indeed schedule more pods # on a node than the CIDR-range has space for when additional pods use the host # network namespace. It is impossible to ascertain the number of such pods at diff --git a/roles/kubernetes/preinstall/tasks/0080-system-configurations.yml b/roles/kubernetes/preinstall/tasks/0080-system-configurations.yml index 8159dcc23..768cd62c9 100644 --- a/roles/kubernetes/preinstall/tasks/0080-system-configurations.yml +++ b/roles/kubernetes/preinstall/tasks/0080-system-configurations.yml @@ -104,7 +104,7 @@ reload: yes when: fs_may_detach_mounts.stat.exists | d(false) -- name: Ensure kube-bench parameters are set +- name: Ensure kubelet expected parameters are set ansible.posix.sysctl: sysctl_file: "{{ sysctl_file_path }}" name: "{{ item.name }}" 
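Review bot: The new task `Stop if cgroups are not enabled on nodes` in 0040-verify-settings.yml never inspects what `stat -fc %T /sys/fs/cgroup/` prints, so it fails only when the path is missing; a host where the directory exists but no cgroup filesystem is mounted there would pass. Register the result and compare the type, e.g. `register: cgroup_fs` plus `failed_when: cgroup_fs.rc != 0 or cgroup_fs.stdout not in ['cgroup2fs', 'tmpfs']`, the two values the linked Kubernetes page gives for cgroup v2 and v1. The task also lacks the `inventory_hostname in groups['kube_node']` condition used by the preceding assertion, so it appears to run on every host although its name says nodes.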
diff --git a/roles/kubernetes/preinstall/vars/main.yml b/roles/kubernetes/preinstall/vars/main.yml index 28ee56a27..4b3524a54 100644 --- a/roles/kubernetes/preinstall/vars/main.yml +++ b/roles/kubernetes/preinstall/vars/main.yml @@ -97,7 +97,7 @@ pkgs: major_versions: - "8" - "9" - Centos: *major_redhat_like + CentOS: *major_redhat_like rsync: {} socat: {} software-properties-common: *debian_family_base diff --git a/roles/kubespray-defaults/defaults/main/checksums.yml b/roles/kubespray-defaults/defaults/main/checksums.yml index 9ad9a9322..ee511ae6b 100644 --- a/roles/kubespray-defaults/defaults/main/checksums.yml +++ b/roles/kubespray-defaults/defaults/main/checksums.yml @@ -81,10 +81,14 @@ crio_archive_checksums: # Kubernetes versions above Kubespray's current target version are untested and should be used with caution. kubelet_checksums: arm: + v1.29.5: 0 + v1.29.4: 0 v1.29.3: 0 v1.29.2: 0 v1.29.1: 0 v1.29.0: 0 + v1.28.10: 0 + v1.28.9: 0 v1.28.8: 0 v1.28.7: 0 v1.28.6: 0 @@ -94,6 +98,8 @@ kubelet_checksums: v1.28.2: 0 v1.28.1: 0 v1.28.0: 0 + v1.27.14: 0 + v1.27.13: 0 v1.27.12: 0 v1.27.11: 0 v1.27.10: 0 
@@ -108,10 +114,14 @@ kubelet_checksums: v1.27.1: 0 v1.27.0: 0 arm64: + v1.29.5: 0d4328a3c67e4f0dbf270fa49343f3eab9316adde1a1bd2a857fa56876a9aff1 + v1.29.4: dc4bb6ea6cd35b024d63cc20d1c1800a9c695bd6f70411c57358d7c407513b00 v1.29.3: 891dce19ed0eae34050c2eca0454204892e97bfe1a926f988cd044a987a9c7c9 v1.29.2: 9b4aa572d4cd51a41b1067161d961423d0d12b120fb636ea887a12a975d4b19a v1.29.1: e46417ab1ceae995f0e00d4177959a36ed34b807829422bc9dda70b263fe5c5d v1.29.0: 0e0e4544c2a0a3475529154b7534d0d58683466efa04a2bb2e763b476db0bb16 + v1.28.10: feae161e374ee0155b5263cda339f30f16b525631535a003be7aa437661e1580 + v1.28.9: 312471ad255acfcdeea2c5849b171467af4518e96d69d727a3197ff334e9299d v1.28.8: 90d61f40b7bb061b0fc6d08b8b9ddae51f90863c899b098e19eaa89dc855f2c0 v1.28.7: e2c98b39b0b0745ef3e30febaeb8eaaf31ec721012405bd0dcf25e84026c221e v1.28.6: ee2c060deff330d3338e24aec9734c9e5d5aea4fea1905c0795bccff6997a65e @@ -121,6 +131,8 @@ kubelet_checksums: v1.28.2: 32269e9ec38c561d028b65c3048ea6a100e1292cbe9e505565222455c8096577 v1.28.1: 9b7fa64b2785da4a38768377961e227f8da629c56a5df43ca1b665dd07b56f3c v1.28.0: 05dd12e35783cab4960e885ec0e7d0e461989b94297e7bea9018ccbd15c4dce9 + v1.27.14: 31c97a723021ccc90a47a15ad1de1ffdf58ba109aea922eb359ad2fcb8e8ce4b + v1.27.13: d7bfb14d0b0fc2c41074baf02617cf98589fd029fb3539ea017825e36371f19c v1.27.12: 0d7d2d25c8b909d6cec7c1c2a5bfe51428ec33eaa5e8b209c718b77983e9dcba v1.27.11: e81987a864fb47afe14f65fa4e93760bc19c424335e0f0540c6c725b727ce22a v1.27.10: 0edadc44ef36be8d8106cad9972360c0477540e2d8c0bbeb38fd97fd1d7801d5 
@@ -135,10 +147,14 @@ kubelet_checksums: v1.27.1: dbb09d297d924575654db38ed2fc627e35913c2d4000c34613ac6de4995457d0 v1.27.0: 37aa2edc7c0c4b3e488518c6a4b44c8aade75a55010534ee2be291220c73d157 amd64: + v1.29.5: 261dc3f3c384d138835fe91a02071c642af94abb0cca56ebc04719240440944c + v1.29.4: 58571f0ed62543a9bbac541e52c15d8385083113a463e23aec1341d0b5043939 v1.29.3: d8b55a2f8a87c8cd2cbf867d76d1d7f98b7198a740db19bad6ed7b8b813de771 v1.29.2: f71a85039b71fe08f1c063a93d61a1c952dc8f9a8c6be9b13fbdac8f0d9ff960 v1.29.1: 1b1975c58d38be1a99a8bcba4564ac489afd223b0abe9f2ab08bbde89d2412a3 v1.29.0: e1c38137db8d8777eed8813646b59bf4d22d19b9011ab11dc28e2e34f6b80a05 + v1.28.10: a361e744aaeef4539f0636ecd1827c85207a5f2b0c2b0a98dbbce1498061f509 + v1.28.9: f3af46cff11c675a80d91ebb38ebc4e85a9f813ce93e56ee131e7fea1491b786 v1.28.8: 049b412a5861255cd3922f612acb79ab51135e166c5d80acf12fba9179eebf0c v1.28.7: 120b1495babc4364f7e16a9d0f8b8e6b6f78316d047e4f6de77b5569b05813c7 v1.28.6: 8506df1f20a5f8bba0592f5a4cf5d0cc541047708e664cb88580735400d0b26f @@ -148,6 +164,8 @@ kubelet_checksums: v1.28.2: 17edb866636f14eceaad58c56eab12af7ab3be3c78400aff9680635d927f1185 v1.28.1: 2bc22332f44f8fcd3fce57879fd873f977949ebd261571fbae31fbb2713a5dd3 v1.28.0: bfb6b977100963f2879a33e5fbaa59a5276ba829a957a6819c936e9c1465f981 + v1.27.14: f28defa43f80f82ce909940c1b57b71cba1fcf0de6fc4723e798ef5c72376c28 + v1.27.13: ed68df2a77f3057ab47f57eacb6e9310e91731e4f43c58a3c3b5c857d78d0080 v1.27.12: aae861a21913c274228ccdad1609b370e5198c9f4b39b8924b20a7ffe7f148e0 v1.27.11: 2ce92a5d8985b93bd8ffc4f5519cd79bf2f844590aa38228a3d809c5bf5986e0 v1.27.10: 25a34bf98bb8a296ea07f1ebbcb496b1e6b6c6da3247695288a7c99fc8c1be2c 
@@ -162,10 +180,14 @@ kubelet_checksums: v1.27.1: cb2845fff0ce41c400489393da73925d28fbee54cfeb7834cd4d11e622cbd3a7 v1.27.0: 0b4ed4fcd75d33f5dff3ba17776e6089847fc83064d3f7a3ad59a34e94e60a29 ppc64le: + v1.29.5: b0caa52184a3e89a7f529c776ebabd7d34aecad560614f787fe08cff777a43cb + v1.29.4: 1ecc89b6f17df357835e3e56f553ec27f2aea69a5865dfb39cff77e6e70e6adb v1.29.3: 811f2b17f443cd694b8650f5ec2c7e3a59394f8bf3e25d16182549aaab16a420 v1.29.2: b0eb5e0362a4e153ed1239c65b0abb02b2d9fbbca6846d0bab8b285de8c84fca v1.29.1: 467d2b457205363f53f72081295ea390fc25215b0ccc29dc04c4f82925266067 v1.29.0: 67f09f866d3e4aee8211ce9887ec8bc427b188474a882a7af999fc0fee939028 + v1.28.10: 0ba43fda35f588eaf65955481a7c6f633e4e787a45322bf55a7558ece4944e39 + v1.28.9: cf33fbff3fb852ce9f8afda8818381af343fb5e7d30dde72999cc0d273631815 v1.28.8: f3e4551e5234d296344a481196e607d88581705fedd561e8c807db1de8a9cc4b v1.28.7: c67277445af9a97a375da3caa6a7dae7bb52fa454deb811c5bc89c2838b3322f v1.28.6: 8f79f40bef88aaedfdf7256de48a972295b0069ae0ddefa90dff3f8690c825ce @@ -175,6 +197,8 @@ kubelet_checksums: v1.28.2: 79f568ac700d29f88d669c6b6a09adb3b726bdd13c10aa0839cbc70b414372e5 v1.28.1: 547fc76f0c1d78352fad841ebeacd387fe48750b2648565dfd49197621622fbb v1.28.0: 22de59965f2d220afa24bf04f4c6d6b65a4bb1cd80756c13381973b1ac3b4578 + v1.27.14: dadfffb524b3c7e825c2742fb7723846eef4dfdf47c90e3bec90c0ca325b4b30 + v1.27.13: c3e589e5ec1aabc1e9a0b2700a13ae9541dc8a678fbedad68b0fc82dee4fd866 v1.27.12: 9d6da53ca98e58b947ef0073feff96f03000c32efcee8af93716728b501d7290 v1.27.11: ce4dc48a61399038eff680b952386ed9be471c5af1e43dc461e0fb5339de9356 v1.27.10: c5014bed224347245fadec3d763846ec33ccd7a580d0c4ee19a45a948392f20c 
@@ -190,10 +214,14 @@ kubelet_checksums: v1.27.0: 17c061a9f7919697ac71c151c19337f65b86f59f59441687ac92e977d851c75b kubectl_checksums: arm: + v1.29.5: f3c83a9674098c5a4f27defed001934719f487897dd61db1992057e5ed103b3e + v1.29.4: ff4a1f437dc902b73505841a7705a6405694856a798e962ec2fdf7793f0aeadb v1.29.3: 12f72bd88eaa04cd8f09827c64195a695fdd5fb64e11c98524c83d21bcb0e37a v1.29.2: f1bab202f0ce0c4209af0a977fc3dd4076397b1983544e09942ca4f586dff900 v1.29.1: a4b478cc0e9adaab0c5bb3627c20c5228ea0fe2aeff9e805d611eb3edb761972 v1.29.0: a2388eb458d07ec734e4fa02fd0147456a1922a7d6b8e67a32db9d64a4d7621c + v1.28.10: e7b977779169f394383696afe872f6f0a4274789adbce1b70f5b28a20ee2cbd0 + v1.28.9: 2da7aead4f58aefee6892b2cc8184de26ef7808bf2d599553267d5cdbc1ce83a v1.28.8: 98c44038dd978a58aa01849c25c2bd522fab7494a39bb3fd56c90944ba6e872f v1.28.7: d0c2e9228aff23bdcc62072ef9cebf5ebb0b14fb8638b6df8f7f6d5220c36bd9 v1.28.6: 2358d98d4970c177a3af0ae1c2398f69922074a961a61cdff6ae4a7f13106dc1 @@ -203,6 +231,8 @@ kubectl_checksums: v1.28.2: 6576aa70413ff00c593a07b549b8b9d9e5ef73c42bb39ab4af475e0fdb540613 v1.28.1: eaa05dab1bffb8593d8e5caa612530ee5c914ee2be73429b7ce36c3becad893f v1.28.0: 372c4e7bbe98c7067c4b7820c4a440c931ad77f7cb83d3237b439ca3c14d3d37 + v1.27.14: 75caa5e6845887a273a3bebc0f67994b8aaeaab65f5ecd4c2a7d1f9f5c14e3ee + v1.27.13: 8008a94f57e1aaa88097f4ac9ceae33d86e78bf0bf306a8c1942ab9adf7c5ea0 v1.27.12: eed221f15d1a00ca723afe690ca35ee5c74faa64fa7af432479686f4f26d3510 v1.27.11: 11586f333abaf2776e0d2f9e02c71ae5eeff3ad8e629815aa8bb7d7e9a406301 v1.27.10: 4d81649935ec127f9aa21954697f82e0796f61e8e6406fd058b3a8b80e858c8e 
@@ -217,10 +247,14 @@ kubectl_checksums: v1.27.1: fe704e355bf2c5f69964cd12772687535a11a5e9ec0baf4f27e0a8fb156bc615 v1.27.0: 288470e3eb89a2f55273d753ce6674dfb00e732f2971428acb964810aa726188 arm64: + v1.29.5: 9ee9168def12ac6a6c0c6430e0f73175e756ed262db6040f8aa2121ad2c1f62e + v1.29.4: 61537408eedcad064d7334384aed508a8aa1ea786311b87b505456a2e0535d36 v1.29.3: 191a96b27e3c6ae28b330da4c9bfefc9592762670727df4fcf124c9f1d5a466a v1.29.2: 3507ecb4224cf05ae2151a98d4932253624e7762159936d5347b19fe037655ca v1.29.1: 96d6dc7b2bdcd344ce58d17631c452225de5bbf59b83fd3c89c33c6298fb5d8b v1.29.0: 8f7a4bd6bae900a4ddab12bd1399aa652c0d59ea508f39b910e111d248893ff7 + v1.28.10: e659d23d442c2706debe5b96742326c0a1e1d7b5c695a9fe7dfe8ea7402caee8 + v1.28.9: e0341d3973213f8099e7fcbbf6d1d506967bc2b7a4faac3fb3b4340f226e9b2f v1.28.8: 93d60dd36093b4c719f1f1bafcf59437c17cb2209341c7c94771e7dd9acdab33 v1.28.7: 13d547495bdea49b223fe06bffb6d2bef96436634847f759107655aa80fc990e v1.28.6: 0de705659a80c3fef01df43cc0926610fe31482f728b0f992818abd9bdcd2cb9 @@ -230,6 +264,8 @@ kubectl_checksums: v1.28.2: ea6d89b677a8d9df331a82139bb90d9968131530b94eab26cee561531eff4c53 v1.28.1: 46954a604b784a8b0dc16754cfc3fa26aabca9fd4ffd109cd028bfba99d492f6 v1.28.0: f5484bd9cac66b183c653abed30226b561f537d15346c605cc81d98095f1717c + v1.27.14: 29f3a1f520d929df38873c68dec73519c1e5e521140e01cf9d7701f7b5ffe4f3 + v1.27.13: bfc6cb71041ebc0f048402988eccc107cfff2b866c864231c9ada05ab328e5bf v1.27.12: bfc6cb71041ebc0f048402988eccc107cfff2b866c864231c9ada05ab328e5bf v1.27.11: d30e1aa873e78eb376ddee3c785aa78c44eddc56ce2ef901dac1ce0c2c4f50b0 v1.27.10: 2e1996379d5a8b132e0606fcd3df3c8689e11882630b75cca3b7135126847871 
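Review bot: In the `@@ -230,6 +264,8 @@` hunk of `kubectl_checksums` (arm64), the added `v1.27.13` entry carries exactly the same SHA-256 as the existing `v1.27.12` line right below it, `bfc6cb71041ebc0f048402988eccc107cfff2b866c864231c9ada05ab328e5bf`. Two different release binaries cannot share a digest, so one of the two values is mislabelled and the download for that version will fail verification. Recompute both entries from the `.sha256` files published next to the arm64 kubectl binaries and correct whichever one is wrong, rather than copying the hash of whatever file gets downloaded.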
@@ -244,10 +280,14 @@ kubectl_checksums: v1.27.1: fd3cb8f16e6ed8aee9955b76e3027ac423b6d1cc7356867310d128082e2db916 v1.27.0: f8e09630211f2b7c6a8cc38835e7dea94708d401f5c84b23a37c70c604602ddc amd64: + v1.29.5: 603c8681fc0d8609c851f9cc58bcf55eeb97e2934896e858d0232aa8d1138366 + v1.29.4: 10e343861c3cb0010161e703307ba907add2aeeeaffc6444779ad915f9889c88 v1.29.3: 89c0435cec75278f84b62b848b8c0d3e15897d6947b6c59a49ddccd93d7312bf v1.29.2: 7816d067740f47f949be826ac76943167b7b3a38c4f0c18b902fffa8779a5afa v1.29.1: 69ab3a931e826bf7ac14d38ba7ca637d66a6fcb1ca0e3333a2cafdf15482af9f v1.29.0: 0e03ab096163f61ab610b33f37f55709d3af8e16e4dcc1eb682882ef80f96fd5 + v1.28.10: 389c17a9700a4b01ebb055e39b8bc0886330497440dde004b5ed90f2a3a028db + v1.28.9: b4693d0b22f509250694b10c7727c42b427d570af04f2065fe23a55d6c0051f1 v1.28.8: e02aad5c0bac52c970700b814645b62c4f18b634144398ac344875dbaf1072f8 v1.28.7: aff42d3167685e4d8e86fda0ad9c6ce6ec6c047bc24d608041d54717a18192ba v1.28.6: c8351fe0611119fd36634dd3f53eb94ec1a2d43ef9e78b92b4846df5cc7aa7e3 @@ -257,6 +297,8 @@ kubectl_checksums: v1.28.2: c922440b043e5de1afa3c1382f8c663a25f055978cbc6e8423493ec157579ec5 v1.28.1: e7a7d6f9d06fab38b4128785aa80f65c54f6675a0d2abef655259ddd852274e1 v1.28.0: 4717660fd1466ec72d59000bb1d9f5cdc91fac31d491043ca62b34398e0799ce + v1.27.14: 1d2431c68bb6dfa9de3cd40fd66d97a9ac73593c489f9467249eea43e9c16a1e + v1.27.13: e991f163197cbd85bbff22f656a74d48b69db5addfa43cc04cca0cf5328f57f1 v1.27.12: d639eda39be2dce42fbec21e038942ab5734541715e3ea5fb29c9ad76686bd7f v1.27.11: 7ae327978a1edb43700070c86f5fd77215792c6b58a7ea70192647e0da848e29 v1.27.10: bfb219643c28d9842fceae51590776f06987835d93fc3cb9b0149c9111c741ac 
@@ -271,10 +313,14 @@ kubectl_checksums: v1.27.1: 7fe3a762d926fb068bae32c399880e946e8caf3d903078bea9b169dcd5c17f6d v1.27.0: 71a78259d70da9c5540c4cf4cff121f443e863376f68f89a759d90cef3f51e87 ppc64le: + v1.29.5: 1d2635f6bd0218c53037c113171479e15e51b60823f7f1b93afb48ae1d9e5b09 + v1.29.4: 10a1a7e4423483a386ab1ab9237cda1e9d24423c2cf23b7fa514f533aa23ce87 v1.29.3: 84292286ed2941e52a9df9ccaaf30c3bfebe02a096b67e553d8b643295f231f0 v1.29.2: 382552d15a1aa7ec5a316b2a912e7fbdaaff2f3c714cd38b2b0c6a48b670fed8 v1.29.1: b7780124ccfe9640f3a37d242d31e8dbb252bcd379bd0d7bf3776d15baf15ca3 v1.29.0: ea926d8cf25e2ce982ff5c375da32b51ccbd122b721b1bc4a32f52a9a0d073ab + v1.28.10: aea8f54280e56dd58822fa4ae835ce6c6586727b32fb7bc915c2bee5038ccba9 + v1.28.9: 6c5f40b6467b67fe2cc1540c7e7cb15ba6ad092361395aa7989c2c26e3de0697 v1.28.8: c9c21c1db306ec34bdc0f8179d1a1e20f8bcdd6d42fccf84267a5686e3218ad1 v1.28.7: 1394cc047551bbecffee7f1c28cccd0f3c9839a72344854362a08e98d6513c18 v1.28.6: 60fdb4386b5499dd6a6e3a369f35eef63c99647f7a0436fdbeb4db8c052d14f6 @@ -284,6 +330,8 @@ kubectl_checksums: v1.28.2: 87cca30846fec99a4fbea122b21e938717b309631bd2220de52049fce30d2e81 v1.28.1: 81b45c27abbdf2be6c5203dfccfd76ded1ac273f9f7672e6dcdf3440aa191324 v1.28.0: 7a9dcb4c75b33b9dac497c1a756b1f12c7c63f86fc0f321452360fbe1a79ce0f + v1.27.14: 04e07e0f74f9890ce4e391476ca9404e30a09f541726c6ad9ab43e93fe672cf8 + v1.27.13: 39341fa0aa075af4bf0dc0bc0ce4ee628b0301a8ecd18a6277abf4e4cb6c4e5d v1.27.12: d08c112cba1a2244fa04f6ead792aad37170f828ec2301301256df25fc6ebe59 v1.27.11: af736cbdb7ae42e696fa3543e483726c1728c95039b9520797511965caca56b6 v1.27.10: 445928336932248cb104d99919e659696afa60f8dd8513821f92775e893d0dcb @@ -299,10 +347,14 @@ kubectl_checksums: v1.27.0: daa9f1d4fe3f217de2546bca4ac14601f34b34a25c1f571f1e44eb313aee1385 kubeadm_checksums: arm: + v1.29.5: 0 + v1.29.4: 0 v1.29.3: 0 v1.29.2: 0 v1.29.1: 0 v1.29.0: 0 + v1.28.10: 0 + v1.28.9: 0 v1.28.8: 0 v1.28.7: 0 v1.28.6: 0 
@@ -312,6 +364,8 @@ kubeadm_checksums: v1.28.2: 0 v1.28.1: 0 v1.28.0: 0 + v1.27.14: 0 + v1.27.13: 0 v1.27.12: 0 v1.27.11: 0 v1.27.10: 0 @@ -326,10 +380,14 @@ kubeadm_checksums: v1.27.1: 0 v1.27.0: 0 arm64: + v1.29.5: d4db8c514f2764edc039462c218dbcd316577f76f21b209b76e9a4b1f08e3100 + v1.29.4: 438287a91e08cbefecab79be8ac893a935c3dbf6e87bea895fb99f2bc38cf06e v1.29.3: ce2e4c230f954e59ae77e34c4ff2ae08cad3970505ae1e21b6337e6d83b21682 v1.29.2: e05720feb9d2d67eff25b0156a5c22e2de37be2ffab4e1f4d31e8c526fafd0e1 v1.29.1: 3bff8c50c104c45e416cce9991706c6ac46365f0defbcd54f8cf4ace0fa68dcf v1.29.0: bbddee2d46d2e1643ae3623698b45b13aa2e858616d61c642f2f49e5bb14c980 + v1.28.10: f6809d72ed1bf6fde460e48e5c714c3bc92f680e328defa9bd592a796347b644 + v1.28.9: cd6aefad8144a9771fd470529ff14be2675df7b561f7c56dee3fed4f81332dc4 v1.28.8: e0f47adc69ef84e2f6c42cc341b8a790904a929ad10ed1c23c2e822ec804e247 v1.28.7: f556e49494737f97a15bf15bb4b27d45f8747b477302cdfd22dd61816bc02203 v1.28.6: 4298cad464e92eec19cdf3e6a607a82a1d626ae70fedba7956175152ab983457 @@ -339,6 +397,8 @@ kubeadm_checksums: v1.28.2: 010789a94cf512d918ec4a3ef8ec734dea0061d89a8293059ef9101ca1bf6bff v1.28.1: 7d2f68917470a5d66bd2a7d62897f59cb4afaeffb2f26c028afa119acd8c3fc8 v1.28.0: b9b473d2d9136559b19eb465006af77df45c09862cd7ce6673a33aae517ff5ab + v1.27.14: cb840eb83404047cdafec0b15054023c90a47491b56d2dceba1050040f37cc7e + v1.27.13: f334ba0612fada50e98a7ea56b686b35c22f0e3243ec2210f2a6a87e841a139f v1.27.12: e74d47c14b5a251cff961dcce92cd632abcfd0fba4a07e78f0a5a5b2796e4b84 v1.27.11: b8452d6c3f1331beb3d5fa42466a9bc96638a76c40980dba9822300f230c0858 v1.27.10: ed0447155a7e967ae23480b06b31b2c0aaa871e7c59dfd82ae25b03a1eccf6e6 
@@ -353,10 +413,14 @@ kubeadm_checksums: v1.27.1: 024a59cd6fc76784b597c0c1cf300526e856e8c9fefa5fa7948158929b739551 v1.27.0: acd805c6783b678ee0068b9dd8165bbfd879c345fd9c25d6a978dbc965f48544 amd64: + v1.29.5: e424dcdbe661314b6ca1fcc94726eb554bc3f4392b060b9626f9df8d7d44d42c + v1.29.4: ea20ab064f716ab7f69a36d72df340257b31c9721ea86e1cf9d70b35999ddeea v1.29.3: 6abaa1208bf40b6d1f49e518bd68c8ae4a1be0c5b7d3e45d87979999ab070d8b v1.29.2: 2d4e4fa8685bcbfb661cb41050cd4756f50a7aa147f68492d51a99f9cdfd69ac v1.29.1: d4d81d9020b550c896376fb9e0586a9f15a332175890d061619b52b3e9bc6cbd v1.29.0: 629d4630657caace9c819fd3797f4a70c397fbd41a2a7e464a0507dad675d52c + v1.28.10: 1a344d34755c5f005120308f09a730e7564c8f857de6606b6bc5f18a69606e5a + v1.28.9: a4d8acf0a74cb1d07d96a1a34148f54c6420874221af16d8ec902d9bffc7ef89 v1.28.8: c11946cbfd962e1197062534514226cfd70230349e6343ff3ecebfca5476ee64 v1.28.7: 8aa005bdf6af43e47fc818b26f4cb9f361aae8ec4390519e8d4033be65fbef2b v1.28.6: bda3eda8d51e8746a42b535b7eab7df52b091a796227c3212dc30909a8f1b431 @@ -366,6 +430,8 @@ kubeadm_checksums: v1.28.2: 6a4808230661c69431143db2e200ea2d021c7f1b1085e6353583075471310d00 v1.28.1: 6134dbc92dcb83c3bae1a8030f7bb391419b5d13ea94badd3a79b7ece75b2736 v1.28.0: 12ea68bfef0377ccedc1a7c98a05ea76907decbcf1e1ec858a60a7b9b73211bb + v1.27.14: 1ce264643e521494e111b1c9ee59694a54d1f2464bbac3a7a531324ffeae0182 + v1.27.13: b88c30b7067f095b7fa02c5560cc50d6e69a5a9fecc606ef477dc7efc86453b9 v1.27.12: 06ee36cc80cfdfc01c937d750783d3ca6169a3da76382c7af3dd172d9f6bfa4e v1.27.11: 31bf446a712fb08190838c35d1f4c93b0f975708c59634a5dc3d8915a241c83e v1.27.10: 23985e958443ac1aabdbeeedc675358abc0638eb580707829fd42b0996a0aae5 
@@ -380,10 +446,14 @@ kubeadm_checksums: v1.27.1: c7d32d698e99b90f877025104cb4a9f3f8c707e99e6817940f260135b6d1ad0a v1.27.0: 78d0e04705a7bdb76a514d60f60c073b16334b15f57ee87f064354ca8a233e80 ppc64le: + v1.29.5: 05c92f52d75268f0aaff5056e0d6b3e03002b2d17432360750100ada9b2c381b + v1.29.4: ec47a2dbe1969b9513b0313b5b07b72a870e5da54864d9c8391ec5e857404659 v1.29.3: c0e1f6e9451f28c7b8abf7d3a081fe97578ada69908135e3390f5783511ff7f8 v1.29.2: a0f8ffa8cbfa4bb061ff028df2f6dbb31a9527c561d8c0186d679559f9f347b4 v1.29.1: 3ec6d90c05dd8e4c6bb1f42fd2fe0f091d85317efaf47d9baebd9af506b3878b v1.29.0: 4c414a463ed4277e9062c797d1c0435aa7aec2fd1688c5d34e3161c898113cb5 + v1.28.10: 39a5a27b70ea9eb7e86a37c8862691d875f462a6d52a02355873ffca4595e045 + v1.28.9: 616d06ae90a8e3eb79d99a06b1a7dd304da02e7a2d8c58c1c0e501bdd3982a00 v1.28.8: 5a42d2c06f553c4284ce6f3f48432389cd63f768f2a032b78ca6ee4c925e9b11 v1.28.7: 60aec330562326fe1ac4a26fe16053c976467fdbc5811c37a5b4a5c13379cac8 v1.28.6: 71fc8af0f80599a991ece0c31b21ca85f3ce49322941a305048d9287c249446c @@ -393,6 +463,8 @@ kubeadm_checksums: v1.28.2: fdc28482a4316c84d61b0997c29c4d4c7b11459af9c654fdee3b4a3031f0fcb7 v1.28.1: 73e06f2b614ed5665951f7c059e225a7b0b31319c64a3f57e146fbe7a77fe54e v1.28.0: 146fe9194486e46accd5054fa93939f9608fdbeefefc4bc68e4c40fb4a84ccc9 + v1.27.14: 9eb15d0db3ade2b1fa3035ed1cb2cfb6f00cc090451d4457bcf08edbcca3616e + v1.27.13: 2b5812317f2afaabb14c84a32b8b0dc43c447afa994d0a4c02a8ea4e6bea05db v1.27.12: 6be7ae703299b3c2788ca5e689973d659038a6edc8dde68d7fc966fa539cba0f v1.27.11: b7da90f29cae799d96e47aadb1f20b567fbded09d3d5ddcb88d3378098c6a1f3 v1.27.10: c928ad330bae724b1ef9775e07285408727513a024e3d86e3d72e05768859db8 diff --git a/roles/kubespray-defaults/defaults/main/download.yml b/roles/kubespray-defaults/defaults/main/download.yml index f66ebbb38..d75e090b2 100644 --- a/roles/kubespray-defaults/defaults/main/download.yml +++ b/roles/kubespray-defaults/defaults/main/download.yml 
@@ -156,10 +156,10 @@ crio_supported_versions: v1.27: v1.27.4 crio_version: "{{ crio_supported_versions[kube_major_version] }}" -# Scheduler plugins doesn't build for K8s 1.28 yet +# Scheduler plugins doesn't build for K8s 1.29 yet scheduler_plugins_supported_versions: v1.29: 0 - v1.28: 0 + v1.28: v0.28.9 v1.27: v0.27.8 scheduler_plugins_version: "{{ scheduler_plugins_supported_versions[kube_major_version] }}" @@ -281,6 +281,8 @@ kube_router_image_repo: "{{ docker_image_repo }}/cloudnativelabs/kube-router" kube_router_image_tag: "{{ kube_router_version }}" multus_image_repo: "{{ github_image_repo }}/k8snetworkplumbingwg/multus-cni" multus_image_tag: "{{ multus_version }}" +external_openstack_cloud_controller_image_repo: "registry.k8s.io/provider-os/openstack-cloud-controller-manager" +external_openstack_cloud_controller_image_tag: "v1.28.2" kube_vip_image_repo: "{{ github_image_repo }}/kube-vip/kube-vip" kube_vip_image_tag: v0.8.0 @@ -329,13 +331,13 @@ rbd_provisioner_image_tag: "{{ rbd_provisioner_version }}" local_path_provisioner_version: "v0.0.24" local_path_provisioner_image_repo: "{{ docker_image_repo }}/rancher/local-path-provisioner" local_path_provisioner_image_tag: "{{ local_path_provisioner_version }}" -ingress_nginx_version: "v1.9.6" +ingress_nginx_version: "v1.10.1" ingress_nginx_controller_image_repo: "{{ kube_image_repo }}/ingress-nginx/controller" ingress_nginx_opentelemetry_image_repo: "{{ kube_image_repo }}/ingress-nginx/opentelemetry" ingress_nginx_controller_image_tag: "{{ ingress_nginx_version }}" ingress_nginx_opentelemetry_image_tag: "v20230721-3e2062ee5" ingress_nginx_kube_webhook_certgen_image_repo: "{{ kube_image_repo }}/ingress-nginx/kube-webhook-certgen" -ingress_nginx_kube_webhook_certgen_image_tag: "v20231011-8b53cabe0" +ingress_nginx_kube_webhook_certgen_image_tag: "v1.4.1" alb_ingress_image_repo: "{{ docker_image_repo }}/amazon/aws-alb-ingress-controller" alb_ingress_image_tag: "v1.1.9" cert_manager_version: "v1.13.2" 
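Review bot: `external_openstack_cloud_controller_image_repo` in the `@@ -281,6 +283,8 @@` hunk hardcodes `registry.k8s.io/...`, while the neighbouring image variables are built from a registry variable (`{{ docker_image_repo }}`, `{{ github_image_repo }}`, `{{ kube_image_repo }}`). A deployment that redirects those variables to an internal or mirrored registry would still pull this one image from the public registry, which breaks an offline or allow-listed setup. Assuming `kube_image_repo` defaults to registry.k8s.io (not visible here), write `"{{ kube_image_repo }}/provider-os/openstack-cloud-controller-manager"` instead.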
diff --git a/roles/kubespray-defaults/defaults/main/main.yml b/roles/kubespray-defaults/defaults/main/main.yml index ed71d8a06..5a7847783 100644 --- a/roles/kubespray-defaults/defaults/main/main.yml +++ b/roles/kubespray-defaults/defaults/main/main.yml @@ -18,7 +18,7 @@ kubelet_fail_swap_on: true kubelet_swap_behavior: LimitedSwap ## Change this to use another Kubernetes version, e.g. a current beta release -kube_version: v1.29.3 +kube_version: v1.29.5 ## The minimum version working kube_version_min_required: v1.27.0 diff --git a/roles/network_plugin/calico/tasks/peer_with_router.yml b/roles/network_plugin/calico/tasks/peer_with_router.yml index 6a7789894..0a00059bd 100644 --- a/roles/network_plugin/calico/tasks/peer_with_router.yml +++ b/roles/network_plugin/calico/tasks/peer_with_router.yml @@ -23,6 +23,38 @@ when: - inventory_hostname == groups['kube_control_plane'][0] +- name: Calico | Get node for per node peering + command: + cmd: "{{ bin_dir }}/calicoctl.sh get node {{ inventory_hostname }}" + register: output_get_node + when: + - inventory_hostname in groups['k8s_cluster'] + - local_as is defined + - groups['calico_rr'] | default([]) | length == 0 + delegate_to: "{{ groups['kube_control_plane'][0] }}" + +- name: Calico | Patch node asNumber for per node peering + command: + cmd: |- + {{ bin_dir }}/calicoctl.sh patch node "{{ inventory_hostname }}" --patch '{{ patch is string | ternary(patch, patch | to_json) }}' + vars: + patch: > + {"spec": { + "bgp": { + "asNumber": "{{ local_as }}" + }, + "orchRefs": [{"nodeName": "{{ inventory_hostname }}", "orchestrator": "k8s"}] + }} + register: output + retries: 0 + until: output.rc == 0 + delay: "{{ retry_stagger | random + 3 }}" + when: + - inventory_hostname in groups['k8s_cluster'] + - local_as is defined + - groups['calico_rr'] | default([]) | length == 0 + - output_get_node.rc == 0 + - name: Calico | Configure node asNumber for per node peering command: cmd: "{{ bin_dir }}/calicoctl.sh apply -f -" 
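Review bot: The added task `Calico | Get node for per node peering` has no `failed_when`, so when `calicoctl.sh get node` returns non-zero the task fails for that host and the later branch guarded by `output_get_node.rc != 0` (next hunk) is never reached. Since this is only a probe, add `failed_when: false` and `changed_when: false` so that `rc` alone selects between the patch path and the apply path. In the patch task, `retries: 0` leaves the `until`/`delay` pair without effect; give it a real retry count or drop those lines. The probe is delegated to the first control-plane host while the patch task shown here is not, which looks unintended and should be confirmed. The following `Configure node asNumber` task continues outside the hunk.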
@@ -48,6 +80,7 @@ - inventory_hostname in groups['k8s_cluster'] - local_as is defined - groups['calico_rr'] | default([]) | length == 0 + - output_get_node.rc != 0 - name: Calico | Configure peering with router(s) at node scope command: diff --git a/roles/reset/tasks/main.yml b/roles/reset/tasks/main.yml index 98950966d..0f13f686b 100644 --- a/roles/reset/tasks/main.yml +++ b/roles/reset/tasks/main.yml @@ -7,6 +7,8 @@ - kubelet.service - cri-dockerd.service - cri-dockerd.socket + - etcd.service + - etcd-events.service failed_when: false tags: - services @@ -24,6 +26,8 @@ - crio.service.d/http-proxy.conf - k8s-certs-renew.service - k8s-certs-renew.timer + - etcd.service + - etcd-events.service register: services_removed tags: - services @@ -134,28 +138,6 @@ ignore_errors: true # noqa ignore-errors changed_when: true -- name: Reset | stop etcd services - service: - name: "{{ item }}" - state: stopped - with_items: - - etcd - - etcd-events - failed_when: false - tags: - - services - -- name: Reset | remove etcd services - file: - path: "/etc/systemd/system/{{ item }}.service" - state: absent - with_items: - - etcd - - etcd-events - register: services_removed - tags: - - services - - name: Reset | remove containerd when: container_manager == 'containerd' block: diff --git a/scripts/gen_docs_sidebar.sh b/scripts/gen_docs_sidebar.sh new file mode 100755 index 000000000..c7e0d29bf --- /dev/null +++ b/scripts/gen_docs_sidebar.sh 
@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+
+# Generate documentation
+# This script generates a list of all the markdown files in the docs folder
+# and prints them in a markdown list format.
+# The script will print the name of the folder and the files inside it.
+# The script will also convert the folder and file names to a more human-readable format.
+# The script will ignore any files that are not markdown files.
+# Usage: bash scripts/gen_docs_sidebar.sh > docs/_sidebar.md
+
+echo "* [Readme](/)"
+
+for folder in $(find docs/*/ | sort -f); do
+ # Check if it is a directory
+ if [ -d "$folder" ]; then
+ subdir=$(basename "$folder")
+ subdir=${subdir//_/ } # Replace "_" with empty string
+ subdir=$(echo "$subdir" | awk '{for(i=1;i<=NF;i++)sub(/./,toupper(substr($i,1,1)),$i)}1') # Convert first letter of each word to uppercase
+ if [ -n "$(find "$folder" -name '*.md' -type f)" ]; then
+ echo "* $subdir"
+ fi
+ for file in $(find docs/"$(basename "$folder")"/*.md | sort -f); do
+ if [ -f "$file" ]; then
+ FILE=$(basename "$file" .md)
+ FILE=${FILE//_/ } # Replace "_" with empty string
+ FILE=$(echo "$FILE" | awk '{for(i=1;i<=NF;i++)sub(/./,toupper(substr($i,1,1)),$i)}1') # Convert first letter of each word to uppercase
+ echo " * [$FILE](/$file)"
+ fi
+ done
+ fi
+done
diff --git a/test-infra/image-builder/roles/kubevirt-images/defaults/main.yml b/test-infra/image-builder/roles/kubevirt-images/defaults/main.yml
index c9f3699c6..1b9f5d401 100644
--- a/test-infra/image-builder/roles/kubevirt-images/defaults/main.yml
+++ b/test-infra/image-builder/roles/kubevirt-images/defaults/main.yml
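Review bot: Both loops in gen_docs_sidebar.sh iterate over unquoted `$(find ... | sort -f)` output, so any path containing whitespace is split into several words, and `find docs/*/` also returns nested directories, which the inner `docs/"$(basename "$folder")"/*.md` glob then looks up at the wrong level. Listing only the first level with `find docs -mindepth 1 -maxdepth 1 -type d` and consuming it with `while IFS= read -r folder` avoids both problems. The two comments `# Replace "_" with empty string` are inaccurate, because `${subdir//_/ }` substitutes a space; `# Replace "_" with a space` matches the code. There is also no `set -euo pipefail`, so a failing `find` can still yield a truncated sidebar with a zero exit status.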
@@ -20,6 +20,13 @@ images: converted: false tag: "latest" + ubuntu-2404: + filename: noble-server-cloudimg-amd64.img + url: https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img + checksum: sha256:0cf56a2b23b430c350311dbcb9221b64823a5f7a401b5cf6ab4821f2ffdabe76 + converted: false + tag: "latest" + fedora-37: filename: Fedora-Cloud-Base-37-1.7.x86_64.qcow2 url: https://download.fedoraproject.org/pub/fedora/linux/releases/37/Cloud/x86_64/images/Fedora-Cloud-Base-37-1.7.x86_64.qcow2 diff --git a/tests/cloud_playbooks/roles/packet-ci/defaults/main.yml b/tests/cloud_playbooks/roles/packet-ci/defaults/main.yml index c3e801a97..59ef0f8fe 100644 --- a/tests/cloud_playbooks/roles/packet-ci/defaults/main.yml +++ b/tests/cloud_playbooks/roles/packet-ci/defaults/main.yml 
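Review bot: The new `ubuntu-2404` entry pins a `sha256:` checksum against a URL under `noble/current/`, which is a moving alias, so the pinned digest stops matching as soon as the upstream image is rebuilt. The check fails closed, which is the safe direction, but the likely reaction is to refresh the hash from whatever is being served at that moment rather than from a verified release. Point `url` at a dated build directory instead (placeholder: `https://cloud-images.ubuntu.com/noble/<BUILD_DATE>/noble-server-cloudimg-amd64.img`) and take the checksum from that build's signed `SHA256SUMS`.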
@@ -41,4 +41,5 @@ cloud_init: amazon-linux-2: "I2Nsb3VkLWNvbmZpZwpzeXN0ZW1faW5mbzoKICBkaXN0cm86IHJoZWwKdXNlcnM6CiAtIG5hbWU6IGt1YmVzcHJheQogICBncm91cHM6IHdoZWVsCiAgIHN1ZG86ICdBTEw9KEFMTCkgTk9QQVNTV0Q6QUxMJwogICBzaGVsbDogL2Jpbi9iYXNoCiAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICBob21lOiAvaG9tZS9rdWJlc3ByYXkKICAgc3NoX2F1dGhvcml6ZWRfa2V5czoKICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1Cgo=" ubuntu-2004: "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" ubuntu-2204: "I2Nsb3VkLWNvbmZpZwogdXNlcnM6CiAgLSBuYW1lOiBrdWJlc3ByYXkKICAgIHN1ZG86IEFMTD0oQUxMKSBOT1BBU1NXRDpBTEwKICAgIHNoZWxsOiAvYmluL2Jhc2gKICAgIGxvY2tfcGFzc3dkOiBGYWxzZQogICAgaG9tZTogL2hvbWUva3ViZXNwcmF5CiAgICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgICAtIHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQURBUUFCQUFBQkFRQ2FuVGkvZUt4MCt0SFlKQWVEaHErc0ZTMk9iVVAxL0k2OWY3aVYzVXRrS2xUMjBKZlcxZjZGZVh0LzA0VmYyN1dRcStOcXM2dkdCcUQ5UVhTWXVmK3QwL3M3RVBMalRlaTltZTFtcHFyK3VUZStLRHRUUDM5cGZEMy9lVkNhZUI3MjZHUDJGa2FEMEZ6cG1FYjY2TzNOcWh4T1E5Nkd4LzlYVHV3L0szbGxqNE9WRDZHcmpSM0I3YzRYdEVCc1pjWnBwTUovb0gxbUd5R1hkaDMxbVdRU3FBUk8vUDhVOEd3dDArSEdwVXdoL2hkeTN0K1NZb1RCMkd3VmIwem95Vnd0VnZmRFF6c204ZnEzYXY0S3ZlejhrWXVOREp2MDV4NGx2VVpnUjE1WkRSWHNBbmRoUXlxb1hkQ0xBZTArZWFLWHE5QmtXeEtGYjloUGUwQVVqamE1" + ubuntu-2404: "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" oracle-7: "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" diff --git a/tests/files/packet_ubuntu24-all-in-one-docker.yml b/tests/files/packet_ubuntu24-all-in-one-docker.yml new file mode 100644 index 000000000..b8318d49a --- /dev/null 
+++ b/tests/files/packet_ubuntu24-all-in-one-docker.yml
@@ -0,0 +1,18 @@
+---
+# Instance settings
+cloud_image: ubuntu-2404
+mode: all-in-one
+vm_memory: 1600Mi
+
+# Kubespray settings
+auto_renew_certificates: true
+
+# Currently ipvs not available on KVM: https://packages.ubuntu.com/search?suite=noble&arch=amd64&mode=exactfilename&searchon=contents&keywords=ip_vs_sh.ko
+kube_proxy_mode: iptables
+enable_nodelocaldns: False
+
+# Use docker
+container_manager: docker
+etcd_deployment_type: docker
+resolvconf_mode: docker_dns
+docker_repo_key_keyring: /etc/apt/trusted.gpg.d/docker.gpg
diff --git a/tests/files/packet_ubuntu24-calico-all-in-one.yml b/tests/files/packet_ubuntu24-calico-all-in-one.yml
new file mode 100644
index 000000000..286034b27
--- /dev/null
+++ b/tests/files/packet_ubuntu24-calico-all-in-one.yml
@@ -0,0 +1,24 @@
+---
+# Instance settings
+cloud_image: ubuntu-2404
+mode: all-in-one
+vm_memory: 1600Mi
+
+# Kubespray settings
+auto_renew_certificates: true
+
+# Currently ipvs not available on KVM: https://packages.ubuntu.com/search?suite=noble&arch=amd64&mode=exactfilename&searchon=contents&keywords=ip_vs_sh.ko
+kube_proxy_mode: iptables
+enable_nodelocaldns: False
+
+containerd_registries_mirrors:
+ - prefix: docker.io
+ mirrors:
+ - host: https://mirror.gcr.io
+ capabilities: ["pull", "resolve"]
+ skip_verify: false
+ - prefix: 172.19.16.11:5000
+ mirrors:
+ - host: http://172.19.16.11:5000
+ capabilities: ["pull", "resolve", "push"]
+ skip_verify: true
diff --git a/tests/files/packet_ubuntu22-calico-etcd-datastore.yml b/tests/files/packet_ubuntu24-calico-etcd-datastore.yml
similarity index 88%
rename from tests/files/packet_ubuntu22-calico-etcd-datastore.yml
rename to tests/files/packet_ubuntu24-calico-etcd-datastore.yml
index e2d3cb72a..ec7747de2 100644
--- a/tests/files/packet_ubuntu22-calico-etcd-datastore.yml
+++ b/tests/files/packet_ubuntu24-calico-etcd-datastore.yml
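Review bot: In tests/files/packet_ubuntu24-all-in-one-docker.yml, `docker_repo_key_keyring: /etc/apt/trusted.gpg.d/docker.gpg` is added without saying why noble needs it, and keys placed under `/etc/apt/trusted.gpg.d/` are accepted by apt for every configured source rather than for the Docker repository alone. That is tolerable on a throwaway CI VM, but test vars tend to get copied into inventories, so a comment above the line should state the scope, e.g. `# CI only: key is trusted for all apt sources; prefer a per-repo keyring with signed-by elsewhere`. How the docker role consumes this variable is not visible here, so whether a `signed-by` keyring path would work instead needs confirming. Separately, `enable_nodelocaldns: False` would read better as `false`, matching `auto_renew_certificates: true` in the same file.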
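Review bot: In tests/files/packet_ubuntu24-calico-all-in-one.yml the second `containerd_registries_mirrors` entry is reached over plain `http://`, sets `skip_verify: true` and grants `push`, with nothing marking it as a CI-internal registry. Nothing authenticates that endpoint, so image integrity for the test cluster rests entirely on the isolation of the CI network; that is acceptable there but should not be carried into a real inventory. A comment above the entry would make this explicit, e.g. `# CI-only local registry on the test network: plain HTTP, unverified; do not reuse outside CI`.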
@@ -1,13 +1,13 @@ --- # Instance settings -cloud_image: ubuntu-2204 +cloud_image: ubuntu-2404 mode: node-etcd-client vm_memory: 1600Mi # Kubespray settings auto_renew_certificates: true -# Currently ipvs not available on KVM: https://packages.ubuntu.com/search?suite=focal&arch=amd64&mode=exactfilename&searchon=contents&keywords=ip_vs_sh.ko +# Currently ipvs not available on KVM: https://packages.ubuntu.com/search?suite=noble&arch=amd64&mode=exactfilename&searchon=contents&keywords=ip_vs_sh.ko kube_proxy_mode: iptables enable_nodelocaldns: False diff --git a/tests/requirements.txt b/tests/requirements.txt index 737a5fc82..f1d6ff109 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -1,12 +1,12 @@ -r ../requirements.txt -ansible-lint==6.22.2 +ansible-lint==24.2.3 apache-libcloud==3.8.0 -ara[server]==1.7.0 +ara[server]==1.7.1 dopy==0.3.7 -molecule==6.0.2 +molecule==24.2.1 molecule-plugins[vagrant]==23.5.3 python-vagrant==1.0.0 -pytest-testinfra==9.0.0 +pytest-testinfra==10.1.0 tox==4.15.0 -yamllint==1.32.0 +yamllint==1.35.1 tzdata==2024.1 diff --git a/tests/scripts/md-table/test.sh b/tests/scripts/md-table/test.sh index 46daa6384..cf9df9085 100755 --- a/tests/scripts/md-table/test.sh +++ b/tests/scripts/md-table/test.sh @@ -7,5 +7,5 @@ pip install -r ./tests/scripts/md-table/requirements.txt echo "Generate current file..." ./tests/scripts/md-table/main.py > tmp.md -echo "Compare docs/ci.md with actual tests in tests/files/*.yml ..." -cmp docs/ci.md tmp.md +echo "Compare docs/developers/ci.md with actual tests in tests/files/*.yml ..." +cmp docs/developers/ci.md tmp.md diff --git a/tests/scripts/testcases_run.sh b/tests/scripts/testcases_run.sh index 7cd4671a7..a1c09be66 100755 --- a/tests/scripts/testcases_run.sh +++ b/tests/scripts/testcases_run.sh @@ -2,7 +2,6 @@ set -euxo pipefail echo "CI_JOB_NAME is $CI_JOB_NAME" -CI_TEST_ADDITIONAL_VARS="" if [[ "$CI_JOB_NAME" =~ "upgrade" ]]; then if [ "${UPGRADE_TEST}" == "false" ]; then 
@@ -42,26 +41,6 @@ if [[ "$CI_JOB_NAME" =~ "opensuse" ]]; then ansible all -m raw -a 'zypper --gpg-auto-import-keys refresh' fi -if [[ "$CI_JOB_NAME" =~ "ubuntu" ]]; then - # We need to tell ansible that ubuntu hosts are python3 only - CI_TEST_ADDITIONAL_VARS="-e ansible_python_interpreter=/usr/bin/python3" -fi - -ENABLE_020_TEST="true" -ENABLE_030_TEST="true" -ENABLE_040_TEST="true" -if [[ "$CI_JOB_NAME" =~ "macvlan" ]]; then - ENABLE_020_TEST="false" - ENABLE_030_TEST="false" - ENABLE_040_TEST="false" -fi - -if [[ "$CI_JOB_NAME" =~ "hardening" ]]; then - # TODO: We need to remove this condition by finding alternative container - # image instead of netchecker which doesn't work at hardening environments. - ENABLE_040_TEST="false" -fi - # Check out latest tag if testing upgrade test "${UPGRADE_TEST}" != "false" && git fetch --all && git checkout "$KUBESPRAY_VERSION" # Checkout the CI vars file so it is available 
@@ -69,21 +48,41 @@ test "${UPGRADE_TEST}" != "false" && git checkout "${CI_COMMIT_SHA}" tests/files test "${UPGRADE_TEST}" != "false" && git checkout "${CI_COMMIT_SHA}" ${CI_TEST_REGISTRY_MIRROR} test "${UPGRADE_TEST}" != "false" && git checkout "${CI_COMMIT_SHA}" ${CI_TEST_SETTING} + +run_playbook () { +playbook=$1 +shift +# We can set --limit here and still pass it as supplemental args because `--limit` is a 'last one wins' option +ansible-playbook --limit "all:!fake_hosts" \ + $ANSIBLE_LOG_LEVEL \ + -e @${CI_TEST_SETTING} \ + -e @${CI_TEST_REGISTRY_MIRROR} \ + -e @${CI_TEST_VARS} \ + -e local_release_dir=${PWD}/downloads \ + "$@" \ + ${playbook} +} + # Create cluster -ansible-playbook ${ANSIBLE_LOG_LEVEL} -e @${CI_TEST_SETTING} -e @${CI_TEST_REGISTRY_MIRROR} -e @${CI_TEST_VARS} -e local_release_dir=${PWD}/downloads --limit "all:!fake_hosts" cluster.yml +run_playbook cluster.yml # Repeat deployment if testing upgrade -if [ "${UPGRADE_TEST}" != "false" ]; then - test "${UPGRADE_TEST}" == "basic" && PLAYBOOK="cluster.yml" - test "${UPGRADE_TEST}" == "graceful" && PLAYBOOK="upgrade-cluster.yml" - git checkout "${CI_COMMIT_SHA}" - ansible-playbook ${ANSIBLE_LOG_LEVEL} -e @${CI_TEST_SETTING} -e @${CI_TEST_REGISTRY_MIRROR} -e @${CI_TEST_VARS} -e local_release_dir=${PWD}/downloads --limit "all:!fake_hosts" $PLAYBOOK -fi +case "${UPGRADE_TEST}" in + + "basic") + run_playbook cluster.yml + ;; + "graceful") + run_playbook upgrade-cluster.yml + ;; + *) + ;; +esac # Test control plane recovery if [ "${RECOVER_CONTROL_PLANE_TEST}" != "false" ]; then - ansible-playbook ${ANSIBLE_LOG_LEVEL} -e @${CI_TEST_SETTING} -e @${CI_TEST_REGISTRY_MIRROR} -e @${CI_TEST_VARS} -e local_release_dir=${PWD}/downloads --limit "${RECOVER_CONTROL_PLANE_TEST_GROUPS}:!fake_hosts" -e reset_confirmation=yes reset.yml - ansible-playbook ${ANSIBLE_LOG_LEVEL} -e @${CI_TEST_SETTING} -e @${CI_TEST_REGISTRY_MIRROR} -e @${CI_TEST_VARS} -e local_release_dir=${PWD}/downloads -e etcd_retries=10 --limit 
"etcd:kube_control_plane:!fake_hosts" recover-control-plane.yml + run_playbook reset.yml --limit "${RECOVER_CONTROL_PLANE_TEST_GROUPS}:!fake_hosts" -e reset_confirmation=yes + run_playbook recover-control-plane.yml -e etcd_retries=10 --limit "etcd:kube_control_plane:!fake_hosts" fi # Test collection build and install by installing our collection, emptying our repository, adding @@ -114,61 +113,59 @@ EOF # Write remove-node.yml cat > remove-node.yml <