杨刚
4d3f637684
Remove PodSecurityPolicies in Metallb for kubernetes 1.25 ( #9442 )
2022-10-27 21:46:30 -07:00
Mohamed Zaian
2af918132e
Update kubernetes dashboard to 2.7.0 (k8s 1.25 support) ( #9425 )
2022-10-24 18:32:36 -07:00
杨刚
b192053e28
as argocd 2.4.15 is releasesd , update the version ( #9420 )
2022-10-23 20:34:24 -07:00
Kenichi Omichi
0374a55eb3
Specify securityContext for cert-manager ( #9404 )
...
On hardening environments, cert-manager pods could not be created
from the corresponding deployments. This adds the securityContext
to solve the issue.
2022-10-20 00:57:08 -07:00
Vladimir
958840da89
Add var for control initialDelaySeconds in nginx ingress probe ( #9405 )
...
Signed-off-by: Zemtsov Vladimir <vl.zemtsov@gmail.com>
Signed-off-by: Zemtsov Vladimir <vl.zemtsov@gmail.com>
2022-10-19 21:20:56 -07:00
Mohamed Zaian
0f44e8c812
[ingress-nginx] upgrade to 1.4.0 ( #9403 )
2022-10-18 16:53:00 -07:00
Kenichi Omichi
c38fb866b7
Update securityContext of netchecker ( #9398 )
...
To run netchecker with necessary privilege,
this updates the securityContext.
2022-10-17 19:11:18 -07:00
Unai Arríen
52904ee6ad
Avoid MetalLB speaker image download when MetalLB speaker is disabled ( #9248 )
...
* Avoid MetalLB speaker image download when metallb_speaker_enabled is set to
* Move metallb_speaker_enabled var to allow outside metalLB role references
* Move metallb_speaker_enabled var to allow outside metalLB role references
* Improve metallb_speaker_enabled default values
2022-10-13 16:50:47 -07:00
ghostloda
547ef747da
fix helm install with password authentication ( #9343 )
2022-10-12 23:55:01 -07:00
Unai Arríen
ef76a578a4
Change dns upstream condition for nodelocaldns ( #9378 )
2022-10-11 00:47:02 -07:00
Piotr Kowalczyk
3b99d24ceb
Fix: install calico-kube-controller on kdd ( #9358 )
...
* Fix: install policy controller on kdd too
* Remove the calico_policy_version condition altogether
* Install policy controller both on canal and calico under same condition
2022-10-10 19:45:01 -07:00
Kay Yan
4701abff4c
upgrade-api-version-for-PodDisruptionBudget ( #9369 )
2022-10-10 17:51:02 -07:00
Kevin Huang
c346e46022
fix(cinder-csi-nodeplugin): Remove the pods-cloud-data volume ( #9362 )
2022-10-08 01:23:19 -07:00
Hugo Blom
a8e4984cf7
Add missing permissions to openstack cc ( #9335 )
...
Add missing permissions to Openstack cloud controller to make sure controller runs as intended
2022-09-27 22:19:35 -07:00
Federico Cucinella
e486151aea
cloud-provider-openstack: upgrade 1.22.0 to 1.23.4 ( #9332 )
2022-09-26 17:35:46 -07:00
Robin Wallace
c4de3df492
upcloud csi driver: bump version to v0.3.3 ( #9317 )
2022-09-24 13:18:04 -07:00
Florian Ruynat
4ad67acedd
Move back vsphere csi to kube-system ns ( #9312 )
2022-09-23 10:46:26 -07:00
Kay Yan
1b3c2dab2e
add_max_concurrent_in_coredns ( #9307 )
2022-09-22 04:27:03 -07:00
pingrulkin
a2e23c1a71
vsphere-csi: add nodeAffinity to daemonset ( #9293 )
2022-09-19 17:47:22 -07:00
Mohamed Zaian
a71da25b57
[argocd] update argocd to v2.4.12 ( #9297 )
2022-09-19 17:37:22 -07:00
Vadim
5ac614f97d
fix duplicate field in ingress-nginx template ( #9285 )
2022-09-19 03:03:22 -07:00
ErmalKristo
b8b8b82ff4
Adds support for multiple architectures to yq ( #9288 )
2022-09-19 02:14:38 -07:00
Mahdi Abbasi
023b16349e
Add variable for the vsphere-csi namespace ( #9278 )
2022-09-15 02:01:23 -07:00
ghostloda
f3fb758f0c
Remove useless file ( #9258 )
2022-09-07 17:10:49 -07:00
Michael Schmitz
be2bfd867c
Add Support for Rewrite Plugin to CoreDNS/NodelocalDNS ( #9245 )
2022-09-03 16:16:35 -07:00
Ho Kim
e31890806c
Add 'avoid-buggy-ips' support of MetalLB ( #9166 )
2022-08-18 21:49:51 -07:00
Piotr Kowalczyk
49d869f662
Fix CSI drivers issues on Azure ( #9153 )
...
* Include missing azuredisk rbac manifest
* Remove missing azure csi manifest
* Remove invalid reference mount to waagent settings
* Use cloud-config secret instead of /etc/kubernetes/cloud_config file
2022-08-18 00:56:36 -07:00
ERIK
9ad2d24ad8
Add unsafe_show_logs switch ( #9164 )
...
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
2022-08-16 18:52:48 -07:00
Cristian Calin
8585134db4
when ingress-nginx is deployes without a class, we need to use 'ingress-controller-leader' resource instead of the default 'ingress-controller-leader-nginx' ( #9156 )
2022-08-09 04:52:50 -07:00
Aveline
06f8368ce6
Fix Hetzner CCM cluster-cidr ( #9127 )
2022-07-30 20:18:27 -07:00
rtsp
b3876142d2
[cert-manager] Upgrade to v1.9.0 ( #9117 )
2022-07-29 00:11:11 -07:00
Mohamed Zaian
9f11946f8a
[argocd] update argocd to v2.4.7 ( #9105 )
2022-07-27 09:32:29 -07:00
Mohamed Zaian
ce04fdde72
[ingress-nginx] upgrade to 1.3.0 ( #9088 )
...
* This release removes support for Kubernetes v1.19.0
* This release adds support for Kubernetes v1.24.0
* Starting with this release, we will need permissions on the coordination.k8s.io/leases resource for leaderelection lock
2022-07-14 18:46:25 -07:00
Peter Pan
14063b023c
Extend DNS memory limit. 170Mi tents to OOM ( #9084 )
2022-07-13 00:03:37 -07:00
Samuel Liu
d821bed2ea
Fix some typo ( #9056 )
...
* fix ingress controller task name
* fix calico word
* add check typo
2022-07-11 09:49:48 -07:00
yasintahaerol
6d543b830a
Fix vcloud-csi bug related to #9046 ( #9066 )
...
* Fix vcloud-csi bug related to #9046
Signed-off-by: yasintahaerol <yasintahaerol@gmail.com>
* add supervisor-fss-namespace=kube-system flag to vsphere-csi-controller-deployment
Signed-off-by: yasintahaerol <yasintahaerol@gmail.com>
2022-07-07 10:31:35 -07:00
Emin AKTAS
4607ac2e93
fix(vsphere-csi): remove namespace env variable and set namespace as kube-system ( #9046 )
...
Signed-off-by: eminaktas <eminaktas34@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
Co-authored-by: Yasin Taha Erol <yasintahaerol@gmail.com>
2022-07-06 01:00:50 -07:00
Mohamed Zaian
51195212b4
[argocd] update argocd to v2.4.3 ( #9050 )
2022-07-05 08:22:47 -07:00
忘尘
1562a9c2ec
add missing verbs ( #9032 )
2022-06-29 00:18:05 -07:00
Samuel Liu
e8ccbebd6f
add ingress nginx webhook ( #9033 )
...
* add ingress nginx webhook
* fix ingress nginx template
2022-06-28 11:55:35 -07:00
Robin Wallace
79f6cd774a
create snapshot-controller only if needed
2022-06-22 00:37:44 -07:00
Sébastien Masset
9d5d945bdb
[MASTER] Add missing configuration for extra tolerations ( #8908 )
...
* Added new configuration item for extra tolerations in policy controllers
Signed-off-by: Sébastien Masset <smt.masset@gmail.com>
* Added new configuration item for extra tolerations in DNS autoscaler
Signed-off-by: Sébastien Masset <smt.masset@gmail.com>
* Aligned existing handling of extra DNS tolerations
Signed-off-by: Sébastien Masset <smt.masset@gmail.com>
2022-06-20 01:36:06 -07:00
Calin Cristian Andrei
2de5c4821c
[calico] clean up workarounds for older versions
2022-06-15 00:57:20 -07:00
orange-llajeanne
2fba94c5e5
fix a typo in the "matallb_auto_assign" variable name ( #8949 )
...
* fix a typo in the "matallb_auto_assign" variable name
* add metallb check to fail when deprecated "matallb_auto_assign" variable is defined
2022-06-13 09:40:12 -07:00
Steffen Becker
6b43d6aff2
Proposed fix to Issue 8667 ( #8944 )
...
Proposed fix to Issue 8667
Proposed fix to Issue 8667
2022-06-09 23:37:46 -07:00
Mohamed Zaian
bb530da5c2
[registry] Switch registry to use registry.k8s.io
...
Please see the conversation here: https://groups.google.com/a/kubernetes.io/g/dev/c/DYZYNQ_A6_c
2022-06-08 14:12:22 +02:00
Mohamed Zaian
b2346cdaec
[feat] Upgrade metrics server to v0.6.1 ( #8909 )
...
* Metrics Server now requires access to nodes/metrics RBAC resource instead of nodes/stats. See: https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.0
* Minimize rbac permissions.
2022-06-06 07:34:37 -07:00
Samuel Liu
1600fd9082
clean up tags ( #8880 )
2022-05-31 07:52:53 -07:00
irizzant
85bd1eea27
fix(calico): add missing "get" verb ( #8847 )
...
Signed-off-by: irizzant <i.rizzante@gmail.com>
2022-05-21 01:20:00 -07:00
David Louks
93fe3e06ef
Add support for including annotations on aws-ebs-csi-controller ( #8779 )
...
* Add support for including annotations on aws-ebs-csi-controller
* update comment to specify role arn
2022-05-20 15:00:00 -07:00
Samuel Liu
a28b58dbd0
[calico]use ipamconfig instead of calico ipam command ( #8839 )
...
* use ipamconfig instead of calico ipam command
* fix ansible lint
2022-05-19 11:13:20 -07:00
orange-llajeanne
a26a9ee14f
set apparmor_enabled in netchecker task ( #8844 )
2022-05-19 10:49:21 -07:00
weizhoublue
b289f533b3
get wrong server name of coredns ( #8811 )
...
Signed-off-by: weizhou.lan@daocloud.io <weizhou.lan@daocloud.io>
2022-05-12 08:33:14 -07:00
Oogy
5684610a55
Support metallb peer password ( #8792 )
...
* support metallb peer password
* add MetalLB BGP password example
2022-05-11 21:39:15 -07:00
spaced
bb67b654c5
local volume provisioner should not run on control plane nodes by default ( #8805 )
2022-05-10 19:04:24 +03:00
Robin Wallace
b715500b48
csi: bump upcloud csi driver ( #8784 )
2022-05-09 10:43:19 -07:00
Robin Wallace
42fc71fafa
[PodSecurityPolicy] Move the install of psp ( #8744 )
2022-05-09 09:21:19 -07:00
Victor Morales
02b6e4833a
Update Kata Containers runtime ( #8797 )
...
* Update Kata containers binary to 2.4.1 version
* Update overhead kata runtime values
* Fix kata-qemu default values in CRI-O
2022-05-08 17:01:18 -07:00
Lubos Mercl
c20ab7d987
add fix for GCP CSI driver ( #8616 )
...
Signed-off-by: Lubos Mercl <lubos.mercl@gmail.com>
2022-05-03 08:55:56 -07:00
Mulugeta Ayalew Tamiru
3f065918d9
Update verbs for volumeattachments resource ( #8731 )
...
* Update verbs for volumeattachments resource
Update verbs for volumeattachments resource so that the kubelet can create volumeattachments and mount volumes when deploying Kubernetes on VMware vSphere.
* Update verbs for volumeattachments resource
Update verbs for volumeattachments resource to match upstream
* Update vsphere-csi-controller-rbac.yml.j2
2022-04-22 00:04:13 -07:00
Mathieu Parent
c98a0a448f
metallb: Add images to downloads ( #8715 )
...
For offline mode
2022-04-14 10:06:46 -07:00
Robin Wallace
d7254eead6
UpCloud integration ( #8653 )
...
* [upcloud] add upcloud csi-driver
* Option to use ansible_host as api ip for kubueconfig
2022-04-11 15:13:23 -07:00
Anthony Bible
9dced7133c
Fixes for Hetzner terraform and Hetzner Cloud ( #8702 )
...
* - add ability to specify the network_zone in hetzner terraform
- Export the network id from hetzner terraform the the generated inventory.ini
* - Add with_networks variable to allow different deployments of hcloud controller manager
- Add network id to hcloud controller secret (added via the inventory)
- Don't include extra_args if it's not set
2022-04-11 10:26:06 -07:00
rtsp
0481dd946f
[cert-manager] Upgrade to v1.8.0 ( #8688 )
2022-04-06 00:52:57 -07:00
Cristian Calin
cefd1339fc
[vsphere_csi] update to 2.5.1 and make external_vsphere_version 7.0u1 by default ( #8676 )
2022-04-04 01:08:11 -07:00
rtsp
a67e36703f
Update cert-manager to v1.7.2 ( #8648 )
2022-03-26 04:53:22 -07:00
Fredrik Liv
ffa285c2e7
Fixed cluster roles for openstack cloud controller ( #8638 )
2022-03-21 06:19:21 -07:00
Fredrik Liv
af7066d33c
Updated openstack cloud controller version to v1.22.0 ( #8629 )
...
* Updated openstack cloud controller version to match kubernetes version
* Rolled back file structure change
2022-03-18 01:47:16 -07:00
spaced
2b79be68e7
fix typo and duplicated declaration of ingressclasses ( #8591 )
2022-03-12 23:36:23 -08:00
Maciej Wereski
51821a811f
MetalLB: update to v0.12.1 ( #8593 )
...
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
2022-03-03 08:49:48 -08:00
kakkotetsu
3effb008c9
improve validation conditions for MetalLB BGP Peers ( #8568 )
2022-02-22 23:12:18 -08:00
cyril-corbon
418fc00718
fix: kube-dns service deletion ( #8565 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-21 02:48:11 -08:00
Tony Fouchard
1d635e04e4
Allow to specify a source address for metallb peerings, and target only some nodes using node selectors ( #8534 )
2022-02-15 13:57:19 -08:00
Byeonggon Lee
5695c892d0
Fix wrong port name in metallb.yml.j2 ( #8510 )
2022-02-07 09:43:45 -08:00
cyril-corbon
790448f48b
feat: update cert-manager to 1.7.0 ( #8491 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-02-03 17:24:00 -08:00
Tristan
92d612c3e0
8487: Allow override of default CoreDNS zone cache ( #8488 )
...
Using the coredns_cluster_zone_cache_block variable
2022-02-01 00:48:18 -08:00
Ilya Margolin
2bbe5732b7
Add node label to etcd metrics ( #8475 )
...
targetRef on endpoints surfaces as
__meta_kubernetes_endpoint_address_target_kind/__meta_kubernetes_endpoint_address_target_name
in prometheus and gets converted to the label `node` by
prometheus-operator
2022-01-31 06:08:23 -08:00
cyril-corbon
d31db847b7
feat: update local path to v0.0.21 ( #8492 )
2022-01-31 01:08:24 -08:00
cyril-corbon
9fce9ca42a
feat: upgrade azuredisk csi to v1.10.0 ( #8432 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-24 00:41:56 -08:00
Victor Morales
e88aa7c96b
Add youki runtime support ( #8411 )
2022-01-21 14:01:07 -08:00
Johann Schley
38d129a0b6
add external hcloud cloud controller manager ( #8440 )
2022-01-20 12:31:09 -08:00
onock
392815d97c
[cert-manager] Fix missing RBAC rules for ClusterRole cert-manager-cainjector kubernetes-sigs#8104. ( #8444 )
2022-01-20 12:17:09 -08:00
rtsp
e791089466
cert-manager: Fix incorrect leader election namespace lead to insufficient permission ( #8433 )
2022-01-17 02:37:29 -08:00
Samuel Liu
1a69f8c3ad
parameterized snaphot controller namespaces ( #8305 )
...
* Parameterized snaphot controller namespaces
* add ns yml
* add docs
* namespace
2022-01-14 12:58:26 -08:00
rtsp
ccd3180a69
cert-manager: Allow to change leader election namespace for GKE Autopilot support ( #8424 )
...
More information:
- kubernetes-sigs/kubespray#8393
- jetstack/cert-manager#4102
- jetstack/cert-manager#3717
2022-01-14 12:54:26 -08:00
cyril-corbon
01dcbc18ac
feat: upgrade metallb to v0.11.0 ( #8420 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-14 05:22:28 -08:00
cyril-corbon
86953b2ac4
fix: add tolerations / affinity to cert-manager ( #8389 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-11 09:14:26 -08:00
Kenichi Omichi
73c889eb10
Fix failures of ansible-lint ( #8401 )
...
This fixes the following types of failures:
- empty-string-compare
- literal-compare
- risky-file-permissions
- risky-shell-pipe
- var-spacing
In addition, this changes .gitlab-ci/lint.yml to block the same issue
by using the same method at Kubespray CI.
2022-01-11 00:45:16 -08:00
Kenichi Omichi
f80fd24a55
Fix risky-file-permissions ( #8370 )
...
When running ansible-lint directly, we can see a lot of warning
message like
risky-file-permissions File permissions unset or incorrect
This fixes the warning messages.
2022-01-09 01:51:12 -08:00
Victor Morales
52266406f8
Bump cert-manager version to v1.6.1 ( #8377 )
2022-01-07 16:45:34 -08:00
cyril-corbon
cd601c77c7
feat: upgrade metrics server to v0.5.2 ( #8338 )
...
Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
2022-01-07 08:18:33 -08:00
Florian Ruynat
6abae713f7
Update helm / kube-router and coredns ( #8382 )
...
* Update kube-router to 1.4.0
* Update Helm to 3.7.2
* Up coredns to 1.8.6 when k8s is 1.23.x
2022-01-06 12:14:27 -08:00
Max Gautier
cb54eb40ce
Use a variable for standardizing kubectl invocation ( #8329 )
...
* Add kubectl variable
* Replace kubectl usage by kubectl variable in roles
* Remove redundant --kubeconfig on kubectl usage
* Replace unecessary shell usage with command
2022-01-05 02:26:32 -08:00
Unai Arríen
0e98814732
Configure PriorityClassName for MetalLB deployment ( #8362 )
2022-01-04 08:20:52 -08:00
zhengtianbao
c3c128352f
Remove registry-proxy ( #8327 )
2021-12-21 23:55:35 -08:00
zhengtianbao
02a89543d6
registry: add ingress support ( #8311 )
2021-12-21 10:20:46 -08:00
Antoine Gatineau
6aafb9b2d4
fix bad indentation ( #8314 )
2021-12-17 07:36:29 -08:00
zhengtianbao
aa9b8453a0
registry: service add clusterIP, nodePort, loadBalancer support ( #8291 )
...
* registry: service add clusterIP, nodePort, loadBalancer support
* modify camelcase name to underscore
* Add registry service type compatibility check
2021-12-15 00:18:19 -08:00
Cristian Calin
0e969c0b72
vSphere-CSI: update to 2.4.0 ( #8295 )
2021-12-10 11:07:23 -08:00
Steven Reitsma
b396801e28
Update Cinder CSI to v1.22 ( #8296 )
2021-12-10 10:49:11 -08:00