8c32be5feb
Add insecure_registry config to crio.conf ( #10142 )
2023-05-28 19:03:41 -07:00
4013c48acb
cleanup-for-2.22.0 ( #10126 )
2023-05-24 08:56:50 -07:00
d5cdae1f16
[kubernetes] Add hashes for 1.26.4-5, 1.25.9-10, 1.24.13-14 ( #9983 )
2023-05-18 20:06:28 -07:00
86b81a855a
fix: typo in comment ( #10064 )
...
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
2023-05-12 05:59:01 -07:00
2b75552d1c
Replace swap vars with single `kubelet_fail_swap_on` ( #10036 )
2023-05-11 10:53:04 -07:00
9a72de54de
Cleanup of external openstack cloud config ( #9899 )
...
* redorder options and remove use-octavia
* lowercase true/false
2023-05-10 03:41:02 -07:00
7859aee735
[kubernetes] Add hashes for 1.26.3, 1.25.8, 1.24.12 ( #9900 )
2023-03-21 01:31:08 -07:00
82f68ca395
calico: cilium: use localhost lb by default on kube-proxy replacement ( #9718 )
...
This commit removes the variable `use_localhost_as_kubeapi_loadbalancer`
and rather detects that we are in a situation where we can use the
localhost apiserver loadbalancer (meaning that we use the localhost load
balancer and that the same ports are used for both the load balancer and
the kube-apiserver).
This also cleanups the calico code to use `kube_apiserver_global_endpoint`
rather than implementing the same logic all over again.
Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2023-03-07 04:28:36 -08:00
8b3f3c04cc
[kubernetes] Add hashes for 1.26.2, 1.25.7, 1.24.11 ( #9829 )
2023-03-01 15:31:17 -08:00
0707c8ea6f
fix: with_item to with_dict ( #9729 )
...
Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>
2023-01-31 03:18:50 -08:00
f9cc8ae10c
[kubernetes] Make kubernetes v1.26 default ( #9732 )
...
* make-kube-1.26-default
* fix-bugs
2023-01-31 00:24:48 -08:00
34d0451585
Update KUBESPRAY_VERSION and kube_version_min_required (with hashes cleanup) ( #9691 )
2023-01-20 14:11:54 -08:00
826282fe89
Add k8s hashes for k8s version. ( #9685 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2023-01-19 05:30:35 -08:00
4a6eb7eaa2
enable back kubelet_authorization_mode_webhook by default ( #9662 )
...
In 6db6c8678c
2023-01-16 23:56:32 -08:00
791064a3d9
Allow custom timeout for kubeadm init ( #9617 )
...
Signed-off-by: tu1h <lihai.tu@daocloud.io>
Signed-off-by: tu1h <lihai.tu@daocloud.io>
2022-12-27 00:53:28 -08:00
f8d6b54dbb
Add hashes for 1.25.5, 1.24.9, 1.23.15 and make v1.25.5 default ( #9557 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2022-12-11 16:45:33 -08:00
9439487219
Add hashes for 1.25.4, 1.24.8, 1.23.14 and make v1.25.4 default ( #9479 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
Signed-off-by: yanggang <gang.yang@daocloud.io>
2022-11-10 20:00:09 -08:00
ccbe38f78c
make-kube-1.25-default ( #9364 )
2022-10-20 00:56:57 -07:00
d9c39c274e
fix(defaults): wrong cri_socket path for containerd ( #9401 )
2022-10-18 00:15:18 -07:00
5ad1d9db5e
[kubernetes] Add hashes for 1.25.3, 1.24.7, 1.23.13 and make v1.24.7 default ( #9397 )
2022-10-17 05:59:07 -07:00
52904ee6ad
Avoid MetalLB speaker image download when MetalLB speaker is disabled ( #9248 )
...
* Avoid MetalLB speaker image download when metallb_speaker_enabled is set to
* Move metallb_speaker_enabled var to allow outside metalLB role references
* Move metallb_speaker_enabled var to allow outside metalLB role references
* Improve metallb_speaker_enabled default values
2022-10-13 16:50:47 -07:00
999586a110
sysctl_additional ( #9351 )
2022-10-02 23:06:14 -07:00
841e2f44c0
Remove references to 1.22 ( #9342 )
2022-09-28 14:10:29 -07:00
e486151aea
cloud-provider-openstack: upgrade 1.22.0 to 1.23.4 ( #9332 )
2022-09-26 17:35:46 -07:00
76573bf293
[kubernetes] Add hashes for 1.24.6, 1.22.15, 1.23.12 and make v1.24.6 default ( #9308 )
2022-09-22 04:13:03 -07:00
680293e79c
[kubernetes] Add hashes for 1.24.5, 1.22.14, 1.23.11 and make v1.24.5 default ( #9286 )
2022-09-19 02:10:31 -07:00
6db6c8678c
disable kubelet_authorization_mode_webhook by default ( #9238 )
2022-08-31 04:53:00 -07:00
ab938602a9
[kubernetes] Add hashes for 1.24.4, 1.22.13, 1.23.10 and make v1.24.4 default ( #9191 )
2022-08-21 23:11:44 -07:00
91073d7379
[kubernetes] make v1.24.3 default ( #9101 )
2022-07-19 02:58:06 -07:00
e4fe679916
[kubernetes] make v1.24.2 default
2022-06-17 11:08:33 -07:00
97b4d79ed5
feat: make kubernetes owner parametrized ( #8952 )
...
* feat: make kubernetes owner parametrized
* docs: update hardening guide with configuration for CIS 1.1.19
* fix: set etcd data directory permissions to be compliant to CIS 1.1.12
2022-06-17 01:34:32 -07:00
9e7f89d2a2
Remove forgotten 1.21 references
2022-06-16 08:55:38 +02:00
24c8ba832a
[kubernetes] drop support for configuring insecure apiserver
2022-06-15 00:57:20 -07:00
2cd8c51a07
[kubeadm] use v1beta3 configuration version
...
* extra admission controls now don't have a version in their file names
eventratelimit.v1beta2.yaml.j2 -> eventratelimit.yaml.j2
* cri_socket variable includes the unix:// prefix to be conformat with
upstream
2022-06-15 00:57:20 -07:00
fad296616c
[docker] use cri-dockerd instead of dockershim for any kubernetes version deployed with docker as the container_manager
2022-06-15 00:57:20 -07:00
ae1dcb031f
[kubernetes] drop pre 1.22.0 workarounds
2022-06-15 00:57:20 -07:00
9535a41187
[kubernetes] make 1.22.0 the minimum version
2022-06-15 00:57:20 -07:00
d69d4a8303
[kubernetes] make 1.24.1 the new default
2022-06-15 00:57:20 -07:00
78aacee21b
[kubernetes] add hashes for 1.24.1 and other versions. ( #8876 )
...
* [kubernetes] add hashes for 1.24.1 and other versions.
versions: v1.21.13, v1.22.10, v1.23.7 & v1.24.1
* [kubernetes] make v1.23.7 default1
2022-05-27 12:00:42 -07:00
f26f544ff6
[kube-ovn]: update kube-ovn version and sync some feature ( #8790 )
...
* [kube-ovn]: some feature
kube-ovn vlan mode
ipv6/ipv4 dual stack
...
* remove unused env
* fix readinessprobe
2022-05-11 21:35:15 -07:00
56cf163a23
[kubernetes] actually make 1.23.6 the default ( #8767 )
2022-05-02 00:43:14 -07:00
30306d6ec7
Enable external CA mode for control-plane deployment ( #8620 )
2022-04-12 05:47:23 -07:00
d7254eead6
UpCloud integration ( #8653 )
...
* [upcloud] add upcloud csi-driver
* Option to use ansible_host as api ip for kubueconfig
2022-04-11 15:13:23 -07:00
424ef3b3f9
[calico] add calico apiserver ( #8690 )
...
* [calico] add calico apiserver
* fix yamllint
* remove addext argument
* Configure API server with the CA bundle
* add check kdd
2022-04-08 00:02:42 -07:00
996ef98b87
Add support for kube-vip ( #8669 )
...
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
2022-04-07 10:37:57 -07:00
bba91a7524
split kube_feature_gates variable for different kubernetes components ( #8677 )
...
* feat: split kube_feature_gates variable for different kubernetes components
* docs: add kube_feaute_gates componet variables
2022-04-05 05:39:37 -07:00
538f9df5cc
[kubernetes] make 1.23.5 the default
2022-03-17 05:03:20 -07:00
394857b5ce
[docker] add support for cri-dockerd as a replacement for dockershim ( #8623 )
2022-03-16 16:28:11 -07:00
2e925f82ef
Revert "Fix: typos in docs and comments ( #7805 )" ( #8592 )
...
This reverts commit 417180246c
2022-03-02 11:57:13 -08:00
e9c8913248
Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable ( #8317 )
...
* Add kubeadm option to etcd_deployment_type to replace the etcd_kubeadm_enabled variable
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Add etcd kubeadm deployment documentation
Signed-off-by: necatican <necaticanyildirim@gmail.com>
* Refactor warning for the deprecated 'etcd_kubeadm_enabled' variable
Signed-off-by: necatican <necaticanyildirim@gmail.com>
2022-02-22 08:53:16 -08:00
d4f654275b
Set default kubernetes version to 1.23.4
2022-02-21 03:54:11 -08:00
eacd55fbca
Use sysctl_file_path variable for all sysctl_file locations ( #8395 )
...
* Use sysctl_file_path variable for all sysctl_file locations
* Add sysctl_file_path variable to kubespay-defaults
* Remove previously used sysctl file locations if present
* Use explicit filename in roles/kubernetes/node/defaults/main.yml
* Defaults: use explicit value
2022-02-01 08:12:10 -08:00
e6e7fbc25f
fix reset containerd_storage_dir undefined ( #8478 )
...
* fix reset containerd_storage_dir
* add env to kubespray-defaults
2022-01-31 05:46:23 -08:00
7d4d554436
Document host_resolvconf as default value for resolvconf_mode ( #8493 )
...
refs #8247
2022-01-31 03:12:24 -08:00
ababcd5481
[kube] make 1.23.3 the new default
2022-01-31 00:22:24 -08:00
be9a1f80c1
[kube] make 1.23.2 the default version
2022-01-24 11:59:33 -08:00
e88aa7c96b
Add youki runtime support ( #8411 )
2022-01-21 14:01:07 -08:00
38d129a0b6
add external hcloud cloud controller manager ( #8440 )
2022-01-20 12:31:09 -08:00
57a1d18db3
Improve first_kube_control_plane variable management to avoid installation failures due to variable overlapping ( #8388 )
2022-01-10 01:35:19 -08:00
aa4a3d7afd
Fix container engine still installed on dedicated etcd node even if `etcd_deployment_type: host` ( #8386 )
2022-01-10 01:35:12 -08:00
51bd9bee0d
Move containerd_version to defaults/main.yml ( #8379 )
...
All container image versions were defined in download/defaults/main.yml
except containerd.
The inconsistency caused the offline script(generate_list.sh) could not
output the URL of containerd image.
This moves the definition into a valid file.
In addition, this adds host_os to generate_list.sh for downloading
krew from a valid URL.
2022-01-09 01:47:12 -08:00
cb54eb40ce
Use a variable for standardizing kubectl invocation ( #8329 )
...
* Add kubectl variable
* Replace kubectl usage by kubectl variable in roles
* Remove redundant --kubeconfig on kubectl usage
* Replace unecessary shell usage with command
2022-01-05 02:26:32 -08:00
6136fa7c49
Update Kubernetes version to 1.23.1
2022-01-04 10:25:00 -08:00
8d2b4ed4a9
Move min k8s version to 1.21
2022-01-04 10:25:00 -08:00
1a7b4435f3
Bump default version of kubernetes to 1.22.5
2021-12-20 08:56:56 -08:00
4f27c763af
containerd insecure registry support ( #8298 )
2021-12-13 00:41:58 -08:00
682c8a59c2
containerd: change default resolvconf_mode to host_resolvconf ( #8247 )
...
* containerd: change default resolvconf_mode to host_resolvconf
* Wait for kube-apiserver to come back after pod refresh
* Handle resolv.conf gracefully
* Retain currently configured DNS entries to ensure we don't break the resolvers
* Suse uses wickedd for network management so no dhcp hooks
* Molecule: increase ansible timeout
* CI: Increase ansible timeout to 120s for Packet jobs
2021-12-09 14:09:06 -08:00
a16d427536
Set etcd-events listen port to 2383 ( #8232 )
2021-12-07 00:28:01 -08:00
27ab364df5
Improve control plane scale flow ( #13 ) ( #7989 )
...
* Improve control plane scale flow (#13 )
* Added version 1.20.10 of K8s
* Setting first_kube_control_plane to a existing one
* Setting first_kube_control_plane to a existing one
* change first_kube_master for first_kube_control_plane
* Ansible-lint changes
2021-12-06 00:16:32 -08:00
615216f397
Fix if bind-address is not set to 0.0.0.0 ( #8262 )
...
* if bind-address is not set to 0.0.0.0
* Update docs and left comments
* fix yamllist check: remove space
2021-12-05 23:58:32 -08:00
9d8a83314b
containerd: add hashes for 1.5.8 and 1.4.12 and make 1.5.8 the new default ( #8239 )
...
* containerd: add hashes for 1.5.8 and 1.4.12 and make 1.5.8 the new default
* containerd: make nerdctl mandatory for container_manager = containerd
* nerdctl: bump to version 0.14.0
* containerd: use nerdctl for image manipulation
* OpenSuSE: install basic nerdctl dependencies
2021-12-03 12:20:35 -08:00
0e22a90579
Update docker to 20.10.11 with containerd 1.4.12 ( #8255 )
2021-11-30 11:49:01 -08:00
2fd529a993
Update Kubernetes version to v1.22.4
2021-11-29 23:06:56 -08:00
e78bda65fe
Defaults: replace docker with containerd as our default container_manager ( #8175 )
...
* Defaults: replace docker with containerd as our default container_manager
* CI: Use docker for download_localhost test
* Defaults: with container_manager=containerd we need etcd_deployment_type=host
* CI: Run weave jobs with docker
* CI: Vagrant don't download_force_cache
* CI: Fix upgrade tests
* should run compatible with old settings, this means docker
* we need to run with a distro that has at least modern containerd,
this means move from debian9 to debian10 to allow `containerd_version`
to match between 2.17 and master
2021-11-25 06:54:33 -08:00
0263c649f4
Allow to scrape etcd metrics using a service ( #8203 )
...
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
2021-11-17 23:53:01 -08:00
4d79a55904
Remove extra parameter kube_proxy_remove ( #8158 )
...
Signed-off-by: EDGsheryl <edgsheryl@gmail.com>
2021-11-15 00:02:48 -08:00
039205560a
nodelocaldns: allow a secondary pod for nodelocaldns for local-HA ( #8100 )
...
* nodelocaldns: allow a secondary pod for nodelocaldns for local-HA
* CI: add job to test nodelocaldns secondary
2021-11-09 09:57:47 -08:00
801268d5c1
containerd: upgrade versions 1.4.11 and 1.5.7 and make 1.4.11 the default ( #8129 )
2021-11-09 06:59:47 -08:00
4a8757161e
Docker: replace the use of containerd_version with docker_containerd_version to avoid causing conflicts when bumping containerd_version ( #8130 )
2021-11-08 15:56:49 -08:00
65540c5771
krew: update to v0.4.2 ( #8168 )
...
krew release urls changed since v0.4.2, clearly OS type and arch inside the filename.
from:
https://github.com/kubernetes-sigs/krew/releases/download/v0.4.1/krew.tar.gz
to:
https://github.com/kubernetes-sigs/krew/releases/download/v0.4.2/krew-linux_amd64.tar.gz
define `host_os` like `host_architecture` determine which OS is krew
installed at.
2021-11-08 02:54:59 -08:00
8922c45556
Added ArgoCD kubernetes-app ( #7895 )
...
* Added ArgoCD kubernetes-app
* Update argocd_version to latest
2021-11-07 02:22:51 -08:00
c94291558d
Fix containerd install for fcos ( #8107 )
...
* Fix containerd install for fcos
* rm orphaned runc and containerd binaries
2021-11-05 07:53:53 -07:00
b353e062c7
Update default k8s version to 1.22.3
2021-10-29 10:43:44 -07:00
331647f4ab
Remove deprecated Ambassador ingress code ( #8086 )
2021-10-26 15:19:09 -07:00
e4c8c7188e
etcd: deploy container engine if needed ( #7532 )
...
If the etcd cluster is separate and the etcd_deployment_type is "host",
there is no need for a container engine on the etcd nodes
Do not rely on a 'default(true)' filter, but define a proper default in
kubespray-defaults depending on etcd deployment method and if internal
or external etcd is used
2021-10-12 00:31:47 -07:00
1a57780a75
Add kubeadm_join_phases_skip variable ( #8067 )
...
* Add kubeadm_join_phases_skip variable
* Update kubeadm_join_phases_skip comment
Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
* Add kubeadm_join_phases_skip_default variable to follow the same logic with kubeadm_init_phases_skip
Co-authored-by: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
2021-10-11 09:36:41 -07:00
43958614e3
Fix kubespray flatcar ansible_os_family and ansible_distribution ( #8029 )
...
Closes https://github.com/kubernetes-sigs/kubespray/issues/8028
Signed-off-by: Iago Santos <iago.santos.pardo@adfinis.com>
2021-10-01 09:11:23 -07:00
5d1b34bdcd
Move min k8s version to 1.20
2021-09-22 09:50:01 -07:00
8efde799e1
Update kubernetes version to 1.22.2
2021-09-22 09:50:01 -07:00
b83e8b020a
Fix default version ( #7977 )
2021-09-17 07:31:00 -07:00
d355b43dce
ContainerD: bump containerd version to 1.4.9 ( #7940 )
2021-09-06 04:50:29 -07:00
db470f8529
Update CSI snaphotter and make it independent ( #7943 )
...
* CSI: update CSI snapshot CRDs
* CSI: update snapshot controller tag version with kubernetes specific versions
* CSI: allow enabling csi_snapshot_controller independent of Cinder CSI
* CSI: Align csi-snapshot-controller with upstream and use a Deployment instead of a StatefulSet
2021-09-06 04:24:29 -07:00
ed87386d7b
Set default k8s version to 1.21.3
2021-07-20 01:29:31 -07:00
417180246c
Fix: typos in docs and comments ( #7805 )
2021-07-16 18:58:50 -07:00
bd6d810d0a
nodelocaldns: allow binding metrics address to host IP ( #7748 )
2021-06-29 05:28:41 -07:00
a3e34f589a
Enable Graceful Node Shutdown for Kubernetes >= 1.21.0 ( #7746 )
...
* Enable Graceful Node Shutdown for Kubernetes >= 1.21.0
* Add sample graceful shutdown parameters
2021-06-27 23:53:25 -07:00
282a27a07c
gVisor: initial support for gVisor container runtime ( #7661 )
...
* Docker/Containerd: move downloads urls to containerd-common
* gVisor: initial support for gVisor container runtime
2021-06-21 05:18:51 -07:00
d9d29af87f
update containerd to version 1.4.6 ( #7674 )
2021-06-03 10:55:38 -07:00
54cda80018
Fix debian docker available version ( #7668 )
2021-06-01 20:58:39 -07:00
4674b03661
Add cinder_csi_ignore_volume_az ( #7624 )
...
Signed-off-by: Cedric Hnyda <cedric.hnyda@itera.io>
2021-06-01 07:10:27 -07:00
qlijin
Kay Yan
Mohamed Omar Zaian
Pat Riehecky
Manuelraa
John Adams
Arthur Outhenin-Chalandre
rongfu.leng
Florian Ruynat
yanggang
tu1h
Maxime Leroy
Unai Arríen
Federico Cucinella
Cristian Calin
Alessio Greggi
Calin Cristian Andrei
Samuel Liu
Julien Le Fur
Robin Wallace
Mathieu Parent
Tom Janson
Necatican Yıldırım
Michael Schmitz
Ilya Margolin
Victor Morales
Johann Schley
rtsp
Kenichi Omichi
Max Gautier
Marat Talipov
zhengtianbao
Alvaro Campesino
Hanna Bledai
EDGsheryl
Álvaro Torres Cogollo
Marcus Fenner
Iago Santos
Atsushi Nukariya
Sergey
Cedric Hnyda