Calin Cristian Andrei
2db39d4856
[containerd] add hashes for 1.5.12, 1.5.13, 1.6.5 and 1.6.6 and make 1.6.6 the new default
2022-06-17 08:00:32 -07:00
Alessio Greggi
97b4d79ed5
feat: make kubernetes owner parametrized ( #8952 )
...
* feat: make kubernetes owner parametrized
* docs: update hardening guide with configuration for CIS 1.1.19
* fix: set etcd data directory permissions to be compliant to CIS 1.1.12
2022-06-17 01:34:32 -07:00
Calin Cristian Andrei
c2700266b0
[download] fix dependencies for downloads
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
2cd8c51a07
[kubeadm] use v1beta3 configuration version
...
* extra admission controls now don't have a version in their file names
eventratelimit.v1beta2.yaml.j2 -> eventratelimit.yaml.j2
* cri_socket variable includes the unix:// prefix to be conformat with
upstream
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
fad296616c
[docker] use cri-dockerd instead of dockershim for any kubernetes version deployed with docker as the container_manager
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
ec01b40e85
[cri_dockerd] upgrade cri_dockerd to 0.2.2 for 1.24 compatibility
...
* use new artifact release name
* enable cri-dockerd dual setack support if enable_dual_stack_networks
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
9efe145688
[calico] make 3.23.1 the default and drop 3.20.x and 3.19.x
2022-06-15 00:57:20 -07:00
Calin Cristian Andrei
47495c336b
[kubernetes] drop hashes for 1.21.x
2022-06-15 00:57:20 -07:00
rtsp
668b9b026c
[cert-manager] Upgrade to v1.8.1 ( #8976 )
2022-06-14 15:11:34 -07:00
Ho Kim
7d3e59cf2e
Remove unneeded socat installation for Flatcar ( #8970 )
2022-06-14 02:23:34 -07:00
Florian Ruynat
1429ba9a07
Update docker version to 20.10.17 ( #8965 )
2022-06-14 02:11:33 -07:00
Kenichi Omichi
cd7381d8de
Drop Ansible support for v2.9 and v2.10 ( #8925 )
...
Ansible v2.9 and v2.10 are EOL as [1].
This drops those version supports by following the upstream Ansible.
This sets use_ssh_args true always because that is required to use
ssh_args on ansible.cfg on Ansible v2.11 or later[2].
ansible_ssh_host is replaced with ansible_host because ansible_ssh_host
has been deprecated already and cenots7 jobs were failed due to the
deprecated ansible_ssh_host.
[1]: https://docs.ansible.com/ansible/devel/reference_appendices/release_and_maintenance.html#ansible-core-changelogs
[2]: https://docs.ansible.com/ansible/latest/collections/ansible/posix/synchronize_module.html#parameter-use_ssh_args
2022-06-09 07:07:42 -07:00
Mathieu Parent
f53764f949
calicoctl repo has been merged in calico ( #8920 )
2022-06-09 07:01:42 -07:00
Mohamed Zaian
bb530da5c2
[registry] Switch registry to use registry.k8s.io
...
Please see the conversation here: https://groups.google.com/a/kubernetes.io/g/dev/c/DYZYNQ_A6_c
2022-06-08 14:12:22 +02:00
Boris Barnier
0761659a43
Update Kube-router version to 1.5.0 ( #8928 )
...
https://github.com/cloudnativelabs/kube-router/releases/tag/v1.5.0
2022-06-06 07:38:34 -07:00
Mohamed Zaian
b2346cdaec
[feat] Upgrade metrics server to v0.6.1 ( #8909 )
...
* Metrics Server now requires access to nodes/metrics RBAC resource instead of nodes/stats. See: https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.0
* Minimize rbac permissions.
2022-06-06 07:34:37 -07:00
Florian Ruynat
4dfce51ded
Update dashboard to 2.6.0 (k8s 1.24 support) ( #8906 )
2022-06-06 16:47:33 +03:00
rtsp
1f65e6d3b5
[ingress-nginx] upgrade to 1.2.1 ( #8904 )
2022-06-01 00:23:10 -07:00
Chris Ricker
2f30ab558a
Add 1.24 mappings for etcd and snapshot_controller ( #8903 )
...
Map appropriate versions of etcd and snapshot_controller containers with
k8s 1.24
2022-06-01 00:09:02 -07:00
Daniil Muidinov
5c136ae3af
[calico] add 3.22.3 and 3.23.1 ( #8897 )
...
* [calico]
* add 3.22.3 and 3.23.1
* set 3.22.3 default
* fix download crd for calico 3.22.3 and upper
* update calico README.md
2022-05-31 13:27:23 -07:00
Samuel Liu
14acd124bc
fix containerd images downalod bugs ( #8894 )
2022-05-31 00:22:53 -07:00
Mohamed Zaian
78aacee21b
[kubernetes] add hashes for 1.24.1 and other versions. ( #8876 )
...
* [kubernetes] add hashes for 1.24.1 and other versions.
versions: v1.21.13, v1.22.10, v1.23.7 & v1.24.1
* [kubernetes] make v1.23.7 default1
2022-05-27 12:00:42 -07:00
Kenichi Omichi
73fc70dbe8
Delete kube_version v1.20- related code ( #8869 )
...
Current Kubespray supports the Kubernetes version 1.21 or upper with
`kube_version_min_required: v1.21.0`
Then kube_version v1.20- related code is not used at all.
This deletes those code for cleanup.
2022-05-25 21:31:22 -07:00
Necatican Yıldırım
2b151c6aa2
cni-plugins: upgrade to 1.1.1 ( #8852 )
...
Signed-off-by: necatican <necaticanyildirim@gmail.com>
2022-05-21 11:14:16 +03:00
Samuel Liu
593359ec77
fix kube-ovn image ( #8838 )
2022-05-18 08:36:53 -07:00
Mohamed Zaian
632d457f78
[ingress-nginx] upgrade to 1.2.0 ( #8814 )
2022-05-12 09:07:14 -07:00
Samuel Liu
f26f544ff6
[kube-ovn]: update kube-ovn version and sync some feature ( #8790 )
...
* [kube-ovn]: some feature
kube-ovn vlan mode
ipv6/ipv4 dual stack
...
* remove unused env
* fix readinessprobe
2022-05-11 21:35:15 -07:00
Necatican Yıldırım
13443b05a6
Overhaul Cilium manifests to match the newer versions ( #8717 )
...
* [cilium] Separate templates for cilium, cilium-operator, and hubble installations
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* [cilium] Update cilium-operator templates
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* [cilium] Allow using custom args and mounting extra volumes for the Cilium Operator
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* [cilium] Update the cilium configmap to filter out the deprecated variables, and add the new variables
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* [cilium] Add an option to use Wireguard encryption on Cilium 1.10 and up
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* [cilium] Update cilium-agent templates
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* [cilium] Bump Cilium version to 1.11.3
Signed-off-by: necatican <necaticanyildirim@gmail.com>
2022-05-11 06:23:04 -07:00
Victor Morales
02b6e4833a
Update Kata Containers runtime ( #8797 )
...
* Update Kata containers binary to 2.4.1 version
* Update overhead kata runtime values
* Fix kata-qemu default values in CRI-O
2022-05-08 17:01:18 -07:00
Cristian Calin
94484873d1
[containerd] add 1.6.4 which is needed for kubernetes 1.24.0 and make it the default ( #8791 )
2022-05-05 14:10:43 -07:00
Florian Ruynat
674ec92224
Add crictl 1.24 for new k8s version ( #8787 )
2022-05-05 08:40:22 -07:00
Kenichi Omichi
fbcf426240
Drop containerd 1.4 support ( #8780 )
...
The version 1.4 of containerd has been End of Life since March 3, 2022
as https://containerd.io/releases/#support-horizon
It is nice to drop the support from Kubespray also to follow containerd.
2022-05-04 23:02:20 -07:00
Mohamed Zaian
2301554e98
[kubernetes] add hashes for 1.24.0 ( #8783 )
2022-05-04 22:58:21 -07:00
Lubos Mercl
c20ab7d987
add fix for GCP CSI driver ( #8616 )
...
Signed-off-by: Lubos Mercl <lubos.mercl@gmail.com>
2022-05-03 08:55:56 -07:00
Cristian Calin
9605bbaa67
[nerdctl] upgrade to 0.19.0 ( #8772 )
2022-05-03 05:39:56 -07:00
Kenichi Omichi
c04a73c11a
Update containerd version to 1.6.3 ( #8770 )
...
containerd version 1.6.3 has been released as [1]
This adds the checksums and makes Kubespray use it.
[1]: https://github.com/containerd/containerd/releases/tag/v1.6.3
2022-05-02 22:43:55 -07:00
bilalcaliskan
26a0b0f1e8
chore(flannel): change flannel repository and upgrade image version ( #8740 )
...
* chore: change flannel repository and upgrade image version
* docs: upgrade flanneld version
2022-05-02 11:29:14 -07:00
Mohamed Zaian
afcedf6d77
Pull master, Rebase, add changes again ( #8745 )
2022-05-02 00:39:14 -07:00
Calin Cristian Andrei
b6e2c56ae6
[kubernetes] add hashes for 1.21.12
2022-04-29 07:57:13 -07:00
Calin Cristian Andrei
b005985d4e
[kubernetes] add hashes for 1.23.6
2022-04-29 07:57:13 -07:00
Mohamed Zaian
b7004d72c5
[kubernetes] add hashes for 1.22.9 ( #8746 )
...
* [kubernetes] add hashes for 1.22.9
2022-04-28 16:10:50 +03:00
Cristian Calin
2c2d4513ac
[helm] upgrade to 3.8.2 ( #8723 )
2022-04-18 12:51:50 -07:00
zhengtianbao
937e64d296
Update flannel use install-cni-plugin to fit upstream ( #8714 )
...
* Update flannel use install-cni-plugin to fit upstream
* Replace flannel cni repo
* Remove download flannel binary
2022-04-18 09:44:41 -07:00
Mathieu Parent
c98a0a448f
metallb: Add images to downloads ( #8715 )
...
For offline mode
2022-04-14 10:06:46 -07:00
Mohamed Zaian
7e7218f5ce
etcd: add etcd v3.5.3 for kubernetes 1.21+ ( #8712 )
...
* As per this issue https://github.com/kubernetes-sigs/kubespray/pull/8664 I propose to make etcd v.3.5.3 default for any kubernetes version which uses 3.5.x since that 3.5.[0-2] not recommended for production.
2022-04-14 05:48:46 -07:00
Thomas Eberle
00a4d2d3c4
Removed quotation of nerdctl_extra_flags. ( #8695 )
...
The quotations in the variable nerdctl_extra_flags are not required for the `nerdctl_image_pull_command` and throw the following error when executing the cluster-playbook with `container_insecure_registries` set:
unknown flag: --insecure-registry\\\"
This happens as the complete nerdctl_image_pull_command string variable gets split into an array string for the cmd task. The escaped quotation doesn't get escaped properly and is added to the cmd-string array as part of the command. This leads to a wrong written insecure-registry flag, which throws this error.
2022-04-08 08:02:43 -07:00
Samuel Liu
424ef3b3f9
[calico] add calico apiserver ( #8690 )
...
* [calico] add calico apiserver
* fix yamllint
* remove addext argument
* Configure API server with the CA bundle
* add check kdd
2022-04-08 00:02:42 -07:00
Mathieu Parent
996ef98b87
Add support for kube-vip ( #8669 )
...
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
2022-04-07 10:37:57 -07:00
rtsp
0481dd946f
[cert-manager] Upgrade to v1.8.0 ( #8688 )
2022-04-06 00:52:57 -07:00
Cristian Calin
b67cadf743
[crun] upgrade to 1.4.4 ( #8675 )
2022-04-04 23:57:36 -07:00