Commit Graph

983 Commits (master)

Author SHA1 Message Date
flxbwr ad565ad922
Fix waiting for MetalLB controller (#10858)
The current state waiting method is bad to implement.
When changing the deployment version, which is execute with the upgrade_cluster in the previous ansible task: "Kubernetes Apps | Install and configure MetalLB", next ansible task: "Kubernetes Apps | Wait for MetalLB controller to be running" may fall with an error.
2024-02-06 02:58:59 -08:00
Max Gautier c80f2cd573
Allow the DNS stack to be backward compatible with an old dns_domain (#10630)
Handle all old dns domains:
- for nodelocaldns: in the same server block as the current dns_domain
- for coredns: uffix rewrite of each of the old dns domains to the
  current one
2024-01-24 06:31:22 +01:00
Daniel Strufe 2eb588bed9
Update external huawei cloud controller to 0.26.6 (#10824)
* Update huaweicloud controller to 0.26.6

See <https://github.com/kubernetes-sigs/cloud-provider-huaweicloud/compare/v0.26.3...v0.26.6>

* Update huaweicloud sample to use 0.26.6
2024-01-23 09:28:00 +01:00
Louis Tu a88bad7947
Add scheduler plugins support (#10747)
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2024-01-23 07:42:33 +01:00
Max Gautier 89d42a7716
Fix coredns_dual usage (#10821) 2024-01-22 18:36:16 +01:00
Alexander de2c4429a4
Enable configuring mountOptions, reclaimPolicy and volumeBindingMode … (#10450)
* Enable configuring mountOptions, reclaimPolicy and volumeBindingMode for cinder-csi StorageClasses

* Check if class.mount_options is defined at all, before generating the option list
2024-01-22 18:00:34 +01:00
lobiyed.karim 7b7c9f509e
Add PodDisruptionBudget for CoreDNS deployment. Allows users to control disruption behavior and set maximum unavailable pods (#10557) 2024-01-16 10:04:47 +01:00
Gaëtan Trellu 50fbfa2a9a
Fix PyYAML package name on SLES and openSUSE (#10794) 2024-01-15 04:21:08 +01:00
Louis Tu ddf5c6ee12
Update coredns rolling update strategy (#10748)
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2024-01-08 17:38:05 +01:00
刘旭 08c0b34270
[cert-manager] upgrade to v1.13.2 (#10616) 2024-01-05 04:45:10 +01:00
Max Gautier 471326f458
Remove PodSecurityPolicy support and references (#10723)
This is removed from kubernetes since 1.25, time to cut some dead code.
2023-12-18 14:13:43 +01:00
Michael Kebe d435edefc4
Removed DEPRECATED --logtostderr from metrics-server (#10709)
The --logtostderr is deprecated.

https://github.com/kubernetes/enhancements/tree/master/keps/sig-instrumentation/2845-deprecate-klog-specific-flags-in-k8s-components
2023-12-14 22:49:28 +01:00
刘旭 eb73f1d27d
support disable dns autoscaler when use CoreDNS (#10608) 2023-12-14 10:03:34 +01:00
Max Gautier 85f15900a4
Remove unneeded workaround for removing kubeadm DNS (#10695)
Kubeadm dns phase is correctly skipped.
This was a workaround for kubernetes/kubeadm#1557, which was actually
not a bug ; the correct fix was #4867
2023-12-07 12:54:15 +01:00
Alexander c440106eff
add dnsPolicy: ClusterFirstWithHostNet to DaemonSets with hostNetwork: true value to avoid DNSConfigFormat events (#10618) 2023-12-05 02:52:17 +01:00
Valerii Kretinin cf3ac625da
revert env section deletion (#10655) 2023-11-28 09:47:46 +01:00
刘旭 bc5b38a771
support CoreDNS use host network and config dns port (#10617) 2023-11-17 14:41:53 +01:00
Seal1998 6305dd39e9
Metallb --lb-class cmd arg to support multiple LoadBalancer implementations (#10550)
* metallb --lb-class cmd arg to support multiple load balancer implementations

* removed loadbalancer_class from metallb_config; metallb_loadbalancer_class in role defaults
2023-11-08 12:43:48 +01:00
Mohamed Omar Zaian f5f1f9478c
[argocd] update argocd to v2.8.4 (#10568) 2023-10-30 12:54:26 +01:00
Unai Arríen 228efcba0e
Migrate node-role.kubernetes.io/master to node-role.kubernetes.io/con… (#10464)
* Migrate node-role.kubernetes.io/master to node-role.kubernetes.io/control-plane

* Migrate node-role.kubernetes.io/master to node-role.kubernetes.io/control-plane

* Migrate node-role.kubernetes.io/master to node-role.kubernetes.io/control-plane
2023-10-17 21:39:40 +02:00
Elias-elastisys d3101d65aa
Added templating to coredns error to allow for consolidation (#10501) 2023-10-10 14:32:41 +02:00
蔣 航 c6ab6406c2
Add Retry for Applying PriorityClass (#10469)
Signed-off-by: hang.jiang <hang.jiang@daocloud.io>
2023-09-24 19:54:56 -07:00
Christian 7919a47165
[metallb] add config option for IPAddressPool avoidBuggyIPs (#10458)
* Add avoid_buggy_ips as optional
* Revert avoid_buggy_ips default back to false
* Change auto_assign to optional, default true
2023-09-21 20:29:49 -07:00
Mohamed Omar Zaian bc5e33791f
[vsphere_csi] Update to 3.1.0 (#10451) 2023-09-20 04:56:00 -07:00
Florian Ruynat 493969588e
Use cluster_name variable instead of hardcoded value in cinder-csi controller plugin (#10422) 2023-09-08 07:18:16 -07:00
Daniel Strufe e573a2f6d4
Add huawei cloud controller (#10198)
* Add huaweicloud as external cloud controller

* Add huaweicloud example config

* Rename AK,SK to ACCESS_KEY and SECRET_KEY

* Add reference to huaweicloud

* Fix variable naming

* Fix env var name

* Update example

* Fix variable naming

* Fix cloud_config path

* Add namespace for leader election

* Revert reviewers

* Delete OWNERS

Delete owners who are not responsible here.

* Fix build validation
2023-08-24 18:55:17 -07:00
Mohamed Omar Zaian a894a5e29b
[argocd] update argocd to v2.8.0 (#10364) 2023-08-16 21:38:20 -07:00
cortex3 4c37399c75
fix hcloud-cloud-controller-manager not working in certain setups (#10297) 2023-08-16 05:14:27 -07:00
Arthur Outhenin-Chalandre d21bfb84ad
project: resolve ansible-lint key-order rule (#10314)
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-08-10 00:57:27 -07:00
Nicolas Goudry 2a7c9d27b2
fix(multus): loop_control template error when item is None (#10347) 2023-08-09 20:51:26 -07:00
Arthur Outhenin-Chalandre 36e5d742dc
Resolve ansible-lint name errors (#10253)
* project: fix ansible-lint name

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: ignore jinja template error in names

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: capitalize ansible name

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: update notify after name capitalization

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-07-26 07:36:22 -07:00
Arthur Outhenin-Chalandre 5d00b851ce
project: fix var-spacing ansible rule (#10266)
* project: fix var-spacing ansible rule

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing on the beginning/end of jinja template

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing of default filter

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix spacing between filter arguments

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix double space at beginning/end of jinja

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix remaining jinja[spacing] ansible-lint warning

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-07-04 20:36:54 -07:00
Arthur Outhenin-Chalandre f8f197e26b
Fix outdated tag and experimental ansible-lint rules (#10254)
* project: fix outdated tag and experimental

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: remove no longer useful noqa 301

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: replace unnamed-task by name[missing]

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: fix daemon-reload -> daemon_reload

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-06-30 02:51:57 -07:00
Arthur Outhenin-Chalandre 37e004164b
metallb: increase wait timeout from 30s to 2m (#10260)
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-06-27 20:54:32 -07:00
Arthur Outhenin-Chalandre 25cb90bc2d
Upgrade ansible (#10190)
* project: update all dependencies including ansible

Upgrade to ansible 7.x and ansible-core 2.14.x. There seems to be issue
with ansible 8/ansible-core 2.15 so we remain on those versions for now.
It's quite a big bump already anyway.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* tests: install aws galaxy collection

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* ansible-lint: disable various rules after ansible upgrade

Temporarily disable a bunch of linting action following ansible upgrade.
Those should be taken care of separately.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve deprecated-module ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve no-free-form ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve schema[meta] ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve schema[playbook] ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve schema[tasks] ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve risky-file-permissions ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve risky-shell-pipe ansible-lint error

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: remove deprecated warn args

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: use fqcn for non builtin tasks

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: resolve syntax-check[missing-file] for contrib playbook

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: use arithmetic inside jinja to fix ansible 6 upgrade

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-06-26 03:15:45 -07:00
Arthur Outhenin-Chalandre 4ad89ef8f1
local_path_provisioner: fix invalid podhelper yaml (#10237)
New line was not inserted between image and imagePullPolicy for some
reasons with the jinja. Simplifying this altogether should fix this.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-06-20 20:10:21 -07:00
Samuel Liu db696785d5
update local path provisioner version and remove psp (#10054)
* update local_path_provisioner_version

* remove psp and update cm
2023-06-19 11:44:21 -07:00
Mohamed Omar Zaian ad3f84df98
[argocd] update argocd to v2.7.4 (#10226) 2023-06-19 07:20:22 -07:00
Samuel Liu d296adcd65
allow change argocd url (#10176) 2023-06-18 19:18:20 -07:00
palme 775851b00c
[flatcar] add python dependency check for helm-apps (#10192)
* add pyyaml install via task instead of package

* Change condition for better consistency in the codebase
2023-06-12 17:51:58 -07:00
Arthur Outhenin-Chalandre f8fadf53cd
helm: fix pyyaml package on RH distros (#10204)
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-06-12 17:39:57 -07:00
Ashish Singh Dev fc5937e948
fix gce-pd-csi driver (#10208)
* fix gce-pd-csi driver

* fixed, 1. reading replicas value from defaults.yml, and 2. corrected gcp-pd-csi driver version in README.md
2023-06-11 20:45:47 -07:00
James 4c76feb574
Kubelet csr approver fixes (#10165)
* Fix upgrade-path for kubelet-csr-approver

Fixes an error when you enable kubelet-csr-approver when upgrading.
It hangs waiting for the certificate to be approved since the
kubelet-csr-approver is not installed yet.

* Add missing package when using helm role
2023-06-06 02:27:00 -07:00
Mohamed Omar Zaian b7fa2d7b87
Fix metrics-server for k8s 1.26 (#10183) 2023-06-02 18:16:40 -07:00
Samuel Liu 7771ac6074
add krew_no_upgrade_check (#10175) 2023-06-02 18:12:40 -07:00
Richard Fairthorne ce18b0f22d
fix missing newline in template (#10174) 2023-05-31 23:27:45 -07:00
Aleksandr Karabanov 2d8f60000c
Solves #2933: Allow http_proxy, https_proxy and no_proxy environment variables in cert-manager playbook (#10162) 2023-05-31 20:23:45 -07:00
Jeroen Rijken ea7dcd46d7
Update MetalLB deployment, wait for resource. (#9995)
* Update MetalLB deployment, wait for resource.

Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>

* yml to yaml, add basic test for metallb

Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>

---------

Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2023-05-30 11:37:49 -07:00
Maxime Leroy 29f833e9a4
fix(ssl-ca): mount ssl ca directories (#9794)
Signed-off-by: Maxime Leroy <19607336+maxime1907@users.noreply.github.com>
2023-05-28 19:43:42 -07:00
ERIK 75e00420ec
Add arch and version to the downloaded binary name (#10122)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-05-24 22:30:50 -07:00
Rob Tongue f264426646
cert-manager controller args: (#10049)
- Adding in the ability to feed extra-args to cert-manager-controller.
2023-05-24 08:12:53 -07:00
Mathias Petermann 862fd2c5c4
feature(ingress_nginx) Add ingressclass for ingress_nginx (#10091)
Add option to configure class as the default class
Add option to disable wathcing for ingresses without class

Remove redundant if that always evaluates to true

Fix default value missing for ingress_nginx_default
2023-05-24 04:12:50 -07:00
darkobas2 4014a1cccb
fix multus include (#10105)
``
"msg": "Failed to template loop_control.label: 'ansible.utils.unsafe_proxy.AnsibleUnsafeText object' has no attribute 'item'. 'ansible.utils.unsafe_proxy.AnsibleUnsafeText object' has no attribute 'item'", "skip_reason": "Conditional result was False"}
``
fixes case when multus should NOT be included.
2023-05-23 01:12:27 -07:00
Mohamed Omar Zaian 9405eb821b
[feature] Supprt enabling cpu limit in corends deployment (#10103) 2023-05-19 03:38:29 -07:00
Kenichi Omichi 7afbdb3e1e
Drop canal network_plugin (#10100)
According to the canal github[1] the repo is not maintained over 5 years.
In addition, the README says
```
  Originally, we thought we might more deeply integrate the two projects
  (possibly even going as far as a rebranding!). However, over time it
  became clear that that wasn't really necessary to fulfil our goal of
  making them work well together. Ultimately, we decided to focus on
  adding features to both projects rather than doing work just to
  combine them.
```
So it is difficult to support canal by Kubespray at this situation.

[1]: https://github.com/projectcalico/canal
2023-05-18 03:40:33 -07:00
Maxime Leroy 4ffe138dfa
feat(coredns): coredns_rewrite_block to perform internal message rewriting (#10045)
Signed-off-by: Maxime Leroy <19607336+maxime1907@users.noreply.github.com>
2023-05-12 14:32:46 -07:00
James 07d45e6b62
Kubelet csr approver (#9877)
* chore(helm-apps): fix README example

README shows a non-working example according to the specs for this role.

* Add support for kubelet-csr-approver

Co-Authored-By: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* Add tests for kubelet-csr-approver

Co-Authored-By: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* Add Documentation for Kubelet CSR Approver

Co-Authored-By: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Co-authored-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-05-10 17:49:09 -07:00
John Adams 9a72de54de
Cleanup of external openstack cloud config (#9899)
* redorder options and remove use-octavia

* lowercase true/false
2023-05-10 03:41:02 -07:00
Navid Nabavi 4313c13656
[feature] Add coredns_additional_configs to handle any extra configurations for coredns deployment (#10023) (#10025) 2023-05-09 06:45:58 -07:00
Eugene Marchanka c880b24a80
[MetalLB] Remove unused resources (#10004)
* Fix MetalLB deploy

This will fix MetalLB deploy

* Remove `metallb_ip_range` check

* Remove missing `metallb-config.yml`

* fix template name

* make deployment of layer3 conditional

* revert

* revert
2023-05-08 17:20:52 -07:00
Mohamed Omar Zaian a505a4c71f
[feat] Update metrics server to v0.6.3 (#10026) 2023-04-26 04:10:16 -07:00
pli 8727f88e41
metrics_server: add extras nodeselector, affinity, tolerations (#9972)
* metrics_server: add extras nodeselector, affinity, tolerations

* fix tolerations invalid YAML if undefined
2023-04-26 00:30:16 -07:00
Mohamed Omar Zaian 4deeaba335
[feature] Update dns-autoscaler (#9996) 2023-04-24 02:47:01 -07:00
Jeroen Rijken 709ae1d244
Update MetalLB and switch to CRD notation. (#9120)
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2023-04-14 01:14:41 -07:00
Mohamed Omar Zaian ed6f8df784
[feature] Update CoreDNS manifests (#9977) 2023-04-12 21:38:35 -07:00
Eugene Marchanka eecaec2919
[vSphere-csi-driver] Custom namespace fails playbook (#9946)
* Fix: vSphere Error: `Apply a CSI secret manifest`

This PR will fix an issue that you will see on 2nd deploy when deploying External vSphere
How to re-produce:
1. Set custom `vsphere_csi_namespace: "vmware-system-csi"`
2. Deploy as usual
3. Observe no errors
4. Deploy 2nd time without `reset`
5. Playbook fails with:
```
TASK [kubernetes-apps/csi_driver/vsphere : vSphere CSI Driver | Apply a CSI secret manifest]
fatal: [node-00]: FAILED! => changed=true                                                                                                                                                 
  censored: 'the output has been hidden due to the fact that ''no_log: true'' was specified for this result'
```

* create namespace if does not exist

* lint fix

* try to fix lint errors

* fix `too few spaces before comment`

* change the order of applied manifests

* typo
2023-04-09 22:13:15 -07:00
Dominykas Norkus 5e2cb4d244
Add bind address variable to OCCM (#9958) 2023-04-04 15:57:40 -07:00
Mohamed Omar Zaian dff58023d9
[argocd] update argocd to v2.6.7 (#9953) 2023-04-04 12:01:43 -07:00
Mathias Petermann dcc04e54f3
fix(cert manager): Fix manifest if cert_manager_trusted_internal_ca is provided (#9922) 2023-03-27 08:12:28 -07:00
panguicai 1555d78155
upgrade argocd to v2.6.3 (#9848)
Signed-off-by: panguicai008 <1121906548@qq.com>
2023-03-03 06:44:58 -08:00
Eugene Artemenko 5cbcec8968
Add resources section to all containers releated to Vsphere CSI driver (#9687) 2023-02-27 02:36:20 -08:00
Mohamed Zaian 260dad8f10
[ingress-nginx] upgrade to 1.6.4 (#9818) 2023-02-23 01:35:34 -08:00
pli 4ba1df5237
Fix kubernetes-app/argocd: download related things with the download role (#9786)
* Fix yq install in argocd role: use download_file instead of get_url

* Fix use download_file instead of get_url to download argocd-install manifest in argocd role

* Fix order and add arm64 checksum

* Fix: Failed to template loop_control.label: 'None'
2023-02-19 16:11:37 -08:00
Bas 2c93c997cf
pre-commit autocorrected files (#9750) 2023-02-06 01:35:16 -08:00
manzsolutions-lpr 6c41191646
Add support for PodSecurityStandards (#9713) 2023-02-06 01:27:01 -08:00
Kevin Huang 1853085ffe
feat(cinder-csi): Allow deletionPolicy to be configurable (#9736) 2023-02-02 15:46:28 -08:00
stelucz 9247137e60
Replace label `k8s-app: nodelocaldns` in DaemonSet template by `k8s-app: node-local-dns` (#9745) 2023-02-02 15:42:28 -08:00
杨刚 (成都) e8f048c71d
[argocd] update argocd to v2.5.10 (#9753)
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-02-02 15:38:29 -08:00
杨刚 (成都) b9a34b83d4
[argocd] update argocd to v2.5.9 (#9723)
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-28 19:14:33 -08:00
杨刚 8d6cfd6e53
[argocd] update argocd to v2.5.8 (#9708)
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-27 00:14:25 -08:00
ERIK ee2193d4cf
Add dns configuration for cert manager (#9673)
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>

Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2023-01-23 17:42:15 -08:00
yanggang fd80ef1ff1
[argocd] update argocd to v2.5.7 (#9682)
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-18 15:38:34 -08:00
Arthur Outhenin-Chalandre 4a6eb7eaa2
enable back kubelet_authorization_mode_webhook by default (#9662)
In 6db6c8678c, this was disabled becaue
kubesrpay gave too much permissions that were not needed. This commit
re-enable back this option by default and also removes the extra
permissions that kubespray gave that were in fact not needed.

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-01-16 23:56:32 -08:00
Vitaly Yakovenko d919c58e21
[multus] added support for mixed type of container engine (#9224)
* [multus] added support for mixed type of container engine

* [multus] fixed for using with cluster/upgrade-cluster/scale playbooks
2023-01-16 23:30:33 -08:00
Mohamed Zaian c7cffb14a7
[cert-manager] update cert-manager to v1.11.0 (#9661) 2023-01-16 02:36:51 -08:00
yanggang 6b4bb2a121
[argocd] update argocd to v2.5.6 (#9654)
Signed-off-by: yanggang <gang.yang@daocloud.io>

Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-15 21:16:50 -08:00
László Rafael ea35021c96
Add defaults for external_vsphere_user and external_vsphere_password in the vsphere csi_driver (#9664) 2023-01-14 14:24:14 -08:00
Marijn van der Giesen 0d5bcd3e20
feat(coredns): Forward extra domains to coredns kubernetes plugin (#9635) 2023-01-05 06:57:58 -08:00
Marijn van der Giesen ab80342750
[feat] Add custom options to coredns kubernets plugin (#9608) 2022-12-27 18:21:27 -08:00
Maxime Leroy 9fe89a0641
fix(apps): cinder: wrong rbac for csi-snapshotter-role (#9610) 2022-12-27 00:45:28 -08:00
Mohamed Zaian 438da0c8e6
[argocd] update argocd to v2.5.5 (#9604) 2022-12-22 00:53:25 -08:00
Robin Wallace ccf60fc9ca
upcloud: Delete default reclaim policy (#9574) 2022-12-14 16:15:34 -08:00
JSpon 94eae6a8dc
adjust calico-kube-controller to use hostNetwork when using etcd as datastore (#9573) 2022-12-13 20:41:34 -08:00
Ugur Can Ozturk a0f41bf82a
[metrics_server]: Enabled HA mode by adding 'metrics_server_replicas'… (#9539)
* [metrics_server]: Enabled HA mode by adding 'metrics_server_replicas' variable and adding podAntiAffinity rule

Signed-off-by: Ugur Can Ozturk <57688057+ugur99@users.noreply.github.com>

* [metrics_server]: added namespaces selector

Signed-off-by: Ugur Can Ozturk <57688057+ugur99@users.noreply.github.com>

Signed-off-by: Ugur Can Ozturk <57688057+ugur99@users.noreply.github.com>
2022-12-06 18:22:38 -08:00
rtsp 529faeea9e
[cert-manager] Upgrade to v1.10.1 (#9512) 2022-11-29 07:17:26 -08:00
Robin Wallace ed0acd8027
[openstack cloud controller] bump to v1.25.3 (#9500) 2022-11-18 04:26:31 -08:00
emiran-orange df6da52195
Enable check mode in DNS Cleanup tasks (#9472) 2022-11-10 19:58:09 -08:00
emiran-orange 5c25b57989
Ability to define options for DNS upstream servers (#9311)
* Ability to define options for DNS upstream servers

* Doc and sample inventory vars
2022-11-08 06:44:25 -08:00
Olivier Lemasle 5d1fe64bc8
Update local-volume-provisioner (#9463)
- Update and re-work the documentation:
  - Update links
  - Fix formatting (especially for lists)
  - Remove documentation about `useAlphaApi`,
    a flag only for k8s versions < v1.10
  - Attempt to clarify the doc
- Update to version 1.5.0
- Remove PodSecurityPolicy (deprecated in k8s v1.21+)
- Update ClusterRole following upstream
  (cf https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner/pull/292)
- Add nodeSelector to DaemonSet (following upstream)
2022-11-07 15:28:17 -08:00
yanggang 0d6dc08578
upgrade argocd version 2.4.16 (#9467) 2022-11-06 18:04:16 -08:00