Commit Graph

675 Commits (05d864c913f6e03b00b4608ebaafc2ea8c65f935)

Author SHA1 Message Date
Victor Morales 4f7a760a94
Add crun support (#6864)
Signed-off-by: Victor Morales <v.morales@samsung.com>
2020-12-01 11:00:50 -08:00
Barry Melbourne f6a5948f58
Upgrade Jetstack Cert-Manager v1.0.4 (#6937) 2020-11-30 06:52:50 -08:00
Florian Ruynat f6eed8091e
Remove contiv related files (#6964) 2020-11-30 06:48:50 -08:00
Dmitry Chusovitin c09aabab0c
Remove executable bit from yaml and j2 files (#6894) 2020-11-29 20:18:48 -08:00
Clicia Scarlet 97ff67e54a
Fix yaml syntax error when use multilines in dns_etchosts (#6960) 2020-11-28 08:32:47 -08:00
Kenichi Omichi 7a1f033c1d
Update helm stable repo (#6867)
As https://helm.sh/blog/new-location-stable-incubator-charts/
helm stable repo is changed to https://charts.helm.sh/stable
In addition, if using helm v3.4.0+ the old stable repo installation
is failed.
So this updates the stable repo to avoid such error.
2020-10-31 09:54:51 -07:00
David Medinets 12ab8b7af3
update version of ingress-nginx controller in docs. (#6855)
* update version of ingress-nginx controller.

Change tag from controller-v0.34.0 to controller-v0.40.2 to use newest tag.

* Update docs about aws deploy templates.

In the yaml templates, there is no mention of idle timeouts. This is why I removed the documentation about it. This might be a mistake. Please verify this. I don't know enough to verify it myself.

* Change label when checking version.

When checking for `app.kubernetes.io/name=ingress-nginx`, a completed pod was selected which is not helpful when trying to `exec`. Changing the label selects the running controller pod.

* put back the information about ELB Idle Timeouts.

When I removed the information, I had overlooked that it was mentioned in the L7 yaml file. Thanks.
2020-10-28 11:05:57 -07:00
David Louks 79b7f0d592
Use existing variable for tiller service account name (#6829)
* Use existing variable for tiller service account name

* keep crb as tiller
2020-10-19 03:04:13 -07:00
Samuel Liu dbe6eb20c8
Modify imagepullpolicy (#6816) 2020-10-12 17:45:22 -07:00
yelhouti 8bec5beb4b
fix: add tags for set facts nodelocaldns (#6813) 2020-10-12 16:47:21 -07:00
Hans Feldt 92b1166dd0
Disable dashboard by default (#6804)
Users should opt in for features and not opt out.
2020-10-11 08:06:47 -07:00
rafal-jan 9d7f358d4b
Fix csi-snapshotter timeout option. Fix ebs-external-attacher-role ClusterRole. (#6776) 2020-10-06 06:44:21 -07:00
bozzo b1bb5a4796
Fix cinder & external_openstack cacert deployment (#6745)
The CA cert was only deployed on master nodes
2020-10-06 05:34:21 -07:00
Florian Ruynat c49bda7319
Update nginx ingress controller to 0.40.1 (#6786) 2020-10-06 05:10:21 -07:00
Joren Zandstra 9729b6b75a
Add extra arguments variables for openstack and vsphere cloud controller manager daemonsets (#6783) 2020-10-02 10:14:48 -07:00
dlandtwing bc8e16fc69
nginx ingress: fix yaml for multiple nodeselectors (#6768)
In case multiple nodeselectors are specified in ingress_nginx_nodeselector, the generated daemonset yaml template for nginx is invalid due to missing indentation starting with the second nodeselector
2020-09-30 07:23:26 -07:00
Mateusz Adamek aba63f0f9a
Added support for dynamic tags in AWS and Azure. (#6752)
* Added support for dynamic tags in AWS and Azure.

* Added examples of dynamic tags configuration.
2020-09-26 10:50:48 -07:00
axelgobletbdr 77149e5d89
Fixes #6740: Allow disabling reverse DNS lookups in coredns (#6741)
* created variable to enable/disable reverse dns lookups in coredns

* fixed linting-error in dns-stack.md
2020-09-25 02:33:11 -07:00
Hans Feldt 28073c76ac
Calico upgrade path validation and old version cleanup (#6733)
* calico: add constant calico_min_version_required

and verify current deployed version against it.

* calico: remove upgrade support with data migration

The tool was used pre v3.0.0 and is no longer needed.

* calico: remove old version support from tasks

* calico: remove old ver support from policy ctrl

* calico: remove old ver support from node

* canal: remove old ver support

* remove unused calicoctl download checksums

calico_min_version_required is the oldest version that can be installed
Older versions can be removed.
2020-09-24 09:04:06 -07:00
Florian Ruynat 9a8e4381be
Fix snapshot.storage apiVersion (#6711) 2020-09-23 08:32:10 -07:00
Marc-Antoine 5ec2467268
Add external_openstack_lbaas_provider setting for occm (#6566)
* Add external_openstack_lbaas_provider setting for occm

* Integrate with existing lbaas_provider block

* Refactor lbaas_provider config template block

* Remove external_openstack_lbaas_use_octavia from sample inventory
2020-09-21 07:04:32 -07:00
David Louks bd49c993de
Added support for setting tiller_service_account and tiller_replicas (#6696)
* Added support for setting tiller_service_account and tiller_replicas

* Specify helm 2 version to ensure we have a test path that still hits helm 2 code

* Moved tiller_service_account to defaults.yml. Fixed is tiller_replicas defined check.
2020-09-20 23:52:30 -07:00
David Louks 3bf40d5db9
make metallb image repos configurable (#6671) (#6672)
* Make metallb image repos configurable

* Moved metallb image repo definitions to download role defaults

* Removed comment. These are set in download defaults
2020-09-17 02:45:13 -07:00
Lukas Grossar a870dd368e
Allow configuration of nodelabels in local_volume_provisioner (#6620) 2020-09-17 02:44:58 -07:00
Florian Ruynat 152e0162a9
Update api version, deprecated in 1.19 (#6656) 2020-09-11 15:12:09 -07:00
w33dw0r7d 03dff09b8a
fix kubelet_flexvolumes_plugins_dir undefined (#6645) 2020-09-11 00:34:14 -07:00
Florian Ruynat a556f8f2bf
Remove deprecated (and removed in 1.19) flag and function --basic-auth-file (#6655) 2020-09-11 00:30:14 -07:00
holmesb a99ba3bb16
Allowing resource management of metrics-server container. Will allow fine-tuning of resource allocation and solving throttling issues. Setting defaults as per the current request & limit allocation: cpu: 43m, memory 55Mi for both limits & requests. (#6652)
Signed-off-by: Brendan Holmes <holmesb@users.noreply.github.com>

Co-authored-by: Brendan Holmes <holmesb@users.noreply.github.com>
2020-09-10 03:46:02 -07:00
Julien Pervillé f660c29348
Declare port 10254 in nginx ingress pod template (#6609) 2020-09-04 04:54:11 -07:00
tasekida fc61f8d52e
Update cert manager to 0.16.1 (#6600)
* Update cert manager to 0.16.1

* Update cert manager to 0.16.1

Co-authored-by: Barry Melbourne <9964974+bmelbourne@users.noreply.github.com>
2020-09-04 04:53:48 -07:00
Hugo Blom 2ff7ab8d40
Add snapshot-controller for CSI drivers and snapshot CRDs, add a default volumesnapshotclass when running cinder CSI (#6537)
* add snapshot-controller and v1beta1 snapshot api

* fix typo

* udpate manifest to v1beta1

* update

* update manifests

* fix spelling

* wait until crd is applied

* fix missing info in kube module

* revert snapshotclass

* add snapshot crds before applying the csi driver

* add crds, missed them in last commit

* use pull policy from kubespray
2020-09-03 04:01:43 -07:00
Hans Feldt 93698a8f73
Calico: update crds to v1 and cr (#6360)
* Update CustomResourceDefinition for kubecontrollersconfigurations.crd.projectcalico.org to v1
* Align ClusterRole for kube-controllers with upstream (calico)
2020-09-03 00:51:40 -07:00
Marc-Antoine 5a8b68a429
Add support for openstack application credentials (#6534)
* Add support for openstack application credentials

* Add some lines for readability

* Update external_openstack_tenant_id check

Do not check external_openstack_tenant_id when application credentials are defined

* Add check for external_openstack_domain_id

* Fix typo
2020-08-31 03:30:28 -07:00
Barry Melbourne 058438a25d
Remove support for CoreOS Container Linux (#6576) 2020-08-28 02:28:53 -07:00
Maxime Guyot 6e938a3106
Fix E306 in other roles (#6517) 2020-08-28 01:20:53 -07:00
Florian Ruynat 2f93d62aa5
Update nginx ingress to 0.34.1 (#6571) 2020-08-27 10:15:53 -07:00
Barry Melbourne 8e2bae0f2a
Fix Ansible Lint warnings (No such file or directory) (#6581) 2020-08-26 23:19:10 -07:00
Arthur Outhenin-Chalandre 2f2ed116f7
Improve metallb template for bgp peers (#6574)
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-08-26 23:15:03 -07:00
Marc-Antoine 0c09ec5d13
Bump Openstack cloud controller image verison to 1.18.2 (#6562) 2020-08-21 00:10:03 -07:00
Barry Melbourne bf6fdce339
Fix cert-manager E305 ansible-lint error (#6549) 2020-08-20 04:25:45 -07:00
Barry Melbourne 9cc70e9e70
Upgrade JetStack Cert-Manager to v0.15.2 (#6414)
* Upgrade JetStack Cert-Manager to v0.15.2

* Add README.md table of contents
2020-08-05 23:26:55 -07:00
Mike Williams e72dbf3dfc
Option for MetalLB to talk BGP (#6383)
* Option for MetalLB to talk BGP

* Check for BGP peers when metallb_protocol is bgp

* README clarification

* Commented values as documentation only in the sample inventory

* layer 2 or BGP, not both
2020-08-05 01:52:40 -07:00
bozzo cc70200a07
Fix Flexvolume mount in Openstack Controller (#6480) 2020-08-04 05:28:35 -07:00
Steven Reitsma f3c17361da
Create a PodDisruptionBudget for the Cinder CSI controllerplugin (#6385) 2020-08-04 05:28:19 -07:00
Kuralamudhan Ramakrishnan 90e5f8ffe1
adding ovn4nfv in kubespray (#6381)
Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com>
2020-07-31 07:33:08 -07:00
Vladimir Masarik 8425c2363b
Replaced a broken link (#6467) 2020-07-30 00:58:31 -07:00
Samuel Liu 15ec44901d
azure csi typo (#6469) 2020-07-30 00:52:31 -07:00
Maxime Guyot 214e08f8c9
Fix ansible-lint E305 (#6459) 2020-07-28 01:39:08 -07:00
Maxime Guyot e70f27dd79
Add noqa and disable .ansible-lint global exclusions (#6410) 2020-07-27 06:24:17 -07:00
Hugo Blom 1f9841f609
update cinder csi manifests (#6434) 2020-07-26 23:32:17 -07:00
Arthur Outhenin-Chalandre 1a1fe99669
Add a way to deploy cilium alongside another CNI (#6373)
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-07-17 05:57:01 -07:00
Kenichi Omichi 29312a3ec0
Add oomichi to reviwers of MetalLB addon (#6393)
I'd like to review PRs related to metallb addon as possible to make
it better, and it would be easy to track related PRs if becoming the
reviewer.
2020-07-14 20:44:37 -07:00
Steven Reitsma deca5ec903
Remove old csi-attacher flag and fix RBAC for Cinder CSI (#6358)
Add proper RBAC for new csi-attacher version
2020-07-13 04:48:32 -07:00
petruha 4cb576da19
Add readiness probe to dns-autoscaler (#6382) 2020-07-13 02:50:34 -07:00
spaced 9433fe46c8
Add workaround with include_task for mitogen (#6312) 2020-07-07 08:09:59 -07:00
Kenichi Omichi 060d25fc79
Update MetalLB README.md (#6350)
Recently MetalLB becomes one of addons with renaming the options.
This updates MetalLB README.md for this change.
2020-07-02 07:12:54 -07:00
nurekage 017df7113d
Patch Calico for V3.14.0 missing CR and CRD (#6276) 2020-07-01 08:44:16 -07:00
Paul Rey bcac3c62a2
Add additional metadata configuration options to external Openstack CCM (kubernetes-sigs#6338) (#6339)
* Add additional metadata configuration option to external Openstack CCM (kubernetes-sigs#6338)

* Set the variable external_openstack_metadata_search_order undefined by default
2020-07-01 04:52:17 -07:00
Florian Ruynat 16ec5939c2
Update deprecated api (#6245) 2020-06-30 09:00:07 -07:00
Kenichi Omichi 25bab0e976
Change MetalLB to one of addons (#6238)
This changes MetalLB contrib to one of addons for deploying MetalLB with
Kubernetes cluster deployment. By the default, Kubespray doesn't deploy
MetalLB addon.
2020-06-29 15:11:59 -07:00
Joel Seguillon 4c1e0b188d
Add .editorconfig file (#6307) 2020-06-29 12:39:59 -07:00
Mateus Caruccio 1892cd65f6
Add support for dns_etchosts (#6236) 2020-06-26 00:03:31 -07:00
irizzant a6a6e843af
Add /dev volume (#6319) 2020-06-25 06:22:38 -07:00
Alvaro 80d16e6c91
Support for Ambassador OSS as an Ingress (#6135)
Support for Ambassador OSS as an Ingress Controller when
settings `ingress_ambassador_enabled: true`.

Signed-off-by: Alvaro Saurin <alvaro.saurin@gmail.com>
2020-06-24 07:39:17 -07:00
Pasquale Toscano 8f5c4dcd2e
Add support for Kata Containers (#6256)
* Install Kata Containers as additional container runtime

* Create RuntimeClasses for Kata Containers

* Updated Vagrant to optionally run without Docker as container manager

* Updated Vagrant to optionally use Libvirt nested virtualization

* Add Kata Containers documentation

* Fix lint errors

* Add kata_containers_enabled to kubespray-defaults

* Fixed typo error

* Fixed typo error
2020-06-22 00:28:39 -07:00
Florian Ruynat 19d4b5dd04
Update various dependencies (#6265) 2020-06-16 01:08:03 -07:00
Kenichi Omichi 78251b0304
Fix check external_openstack_tenant_name value (#6270)
We need to specify either external_openstack_tenant_name or
external_openstack_tenant_id. Those values were checked by seeing they
are defined or they have actual values separately.
However those values are always defined because of the following code
of openstack/defaults/main.yml:

external_openstack_tenant_id: "{{ lookup('env','OS_TENANT_ID')| default(lookup('env','OS_PROJECT_ID'),true) }}"
external_openstack_tenant_name: "{{ lookup('env','OS_TENANT_NAME')| default(lookup('env','OS_PROJECT_NAME'),true) }}"

So even if not specifying both values, those checks could not detect
the misconfiguration. This fixes this to detect the misconfiguration.
2020-06-16 01:02:03 -07:00
Kenichi Omichi 10a17cfe54
Look up OS_PROJECT_NAME for OpenStack project name (#6262)
On OpenStack history, we used to call "tenant" for separeted namespace.
However we use "project" now instead.
Then we have replaced "tenant" with "project". Then all "TENANT" variables
also are renamed to "PROJECT".
This makes Kubespray search "PROJECT" variable also for newer OpenStack
clouds.
2020-06-12 00:47:56 -07:00
Florian Ruynat 101686c665
Remove outdated CriticalAddonsOnly toleration and critical-pod annotation (#6202) 2020-06-09 05:23:30 -07:00
Florian Ruynat 6852f821a5
Update nginx ingress to 0.32.0 (#6063) 2020-06-09 02:45:18 -07:00
Hugo Blom 3f443f3878
set allowVolumeExpansion in cinder csi (#6220) 2020-06-05 08:27:43 -07:00
Aleksandr Loktionov 85b3526617
Fix vSphere CPI configMap and vSphere CSI secret re-deploy (#6209) (#6210) 2020-06-02 05:42:15 -07:00
jeanfabrice be3283c9ba
Fix conflicting clusterIP fact between coredns and nodelocaldns (#6195) 2020-05-29 04:27:15 -07:00
petruha f959cc296f
Fix metrics-server rules (#6165) 2020-05-28 03:18:02 -07:00
Florian Ruynat 6179405e84
Update docker default to 19.03 - cleanup docker docs & refs (#6153) 2020-05-28 00:52:02 -07:00
Wang Zhen d62836f2ab
Replace seccomp profile docker/default with runtime/default (#6170)
Signed-off-by: Wang Zhen <lazybetrayer@gmail.com>
2020-05-27 14:02:02 -07:00
qvicksilver 437189c213
Fix missing permissions for OpenStack cloud-controller-manager preventing metrics scraping (#6124) 2020-05-18 02:35:45 -07:00
Paul Rey b5aaaf864d
Add additional network configuration options to external Openstack CCM (#6083) (#6085)
* Add additional network configuration options to external Openstack CCM (#6083)

* Change the default version of external openstack cloud controller image to v1.18.1 since there was an issue in v1.18.0 where some IPs of the private network were ignored

* Change Network section in external-openstack-cloud-config.j2 to Networking

* Add networking customization information in the openstack documentation
2020-05-18 02:31:36 -07:00
Anton Kulikov ed12936be2
Add missing RBAC rule #6116 (#6121) 2020-05-11 04:25:51 -07:00
Florian Ruynat 7c00ce5f30
Update metrics-server tag and template (#6090) 2020-05-11 03:55:50 -07:00
petruha 9ce7fc9b2c
Create namespace when dashboard deployment uses customized namespace. (#6107)
* Create namespace when dashboard deployment uses customized namespace.

* Fix syntax.
2020-05-10 11:38:02 -07:00
Florian Ruynat b6243bfc1c
Fix ImagePullPolicy missing variable usage (#6091) 2020-05-10 11:37:50 -07:00
Victor Morales 367566adaa
Fix kubernetes-dashboard template identation (#6066)
The 98e7a07fba commit udpates the
dashboard version to 2.0.0 but it enable skip login flag wasn't
updated. This change updates its identation to avoid issues when
dashboard_skip_login is enabled.
2020-05-06 11:17:17 -07:00
qvicksilver 680aa60429
Specify tag for OpenStack Cloud Controller image (#6048) 2020-04-30 02:02:17 -07:00
qvicksilver e41766fd58
Fix broken Octavia integration in OpenStack External Cloud Provider (#6046) 2020-04-29 11:30:25 -07:00
Joel Seguillon db5f83f8c9
update dashboard access doc for 2.0.x (#6036)
* update dashboard access doc for 2.0.x

* make metrics scrapper system-cluster-critical
2020-04-29 07:20:25 -07:00
Lee Spottiswood a3d3f27aaa
allow dns autoscaler limits to be specified via variables (#6020) 2020-04-28 23:34:25 -07:00
Hugo Blom 724a316204
Cinder-CSI default storageclass and volumeBindingMode (#6026)
* Set volumeBindingMode in cinder CSI template (#22)

* make sure true/false is lowercase in cinder-csi storageclass
2020-04-28 00:12:04 -07:00
Joel Seguillon 98e7a07fba
bump to dashboard 2.0.0 with metrics scrapper support (#5821)
* bump to dashboard 2.0 rc6 with metrics scrapper

* fix missing yaml seperator making Replicaset complaining about missing ServiceAccount

* unwanted legay gross hack forgot to remove before

* no  need namespace on CrBinding

* bump to 2.0.0 release

* remove dashboard_metrics_scrapper_enabled
2020-04-25 03:55:28 -07:00
Florian Ruynat 299e35ebe4
Cleanup unused/erroneous variables (#6003) 2020-04-24 01:54:07 -07:00
Florian Ruynat b8cd9403df
Fix nginx template missing latest changes (#6000) 2020-04-22 08:41:52 -07:00
Florian Ruynat 1c187e9729
Downgrade coredns to 1.6.5 due to upgrade errors while migrating coredns configmap (Corefile) (#5960) 2020-04-22 05:27:52 -07:00
Pierre Lebrun 03c8d0113c
Add vSphere external cloud provider (#5959) 2020-04-20 08:47:39 -07:00
Florian Ruynat 32fec3bb74
Update minor version for tools (helm, busybox, registry etc...) (#5961) 2020-04-18 07:59:36 -07:00
Florian Ruynat 83fe607f62
Cleanup deprecated labels beta.kubernetes.io/arch and beta.kubernetes.io/os (#5964) 2020-04-17 05:51:06 -07:00
Maxime Guyot 0924c2510c
Use role to copy CNI bin (#5953) 2020-04-16 10:06:45 -07:00
Pasquale Toscano 00efc63f74
Customize PodSecurityPolicies from inventory (#5920)
* Customize PodSecurityPolicies from inventory

* Fixed yaml indentation
2020-04-15 03:18:02 -07:00
Florian Ruynat b5125e59ab
update rbac.authorization.k8s.io to non deprecated api-groups (#5517) 2020-04-14 13:14:04 -07:00
MikeG 7910198b93
fix error in templating in local-path-provisioner (#5950) 2020-04-14 06:52:12 -07:00
MikeG 45a177e2a0
add local-path-provosioner helper image def (#5817) 2020-04-07 23:51:43 -07:00